; ; Digital Signature Kit $Version = FileGetVersion (@ScriptFullPath, 'ProductVersion') #Pragma Compile (FileDescription, 'Digital Signature Kit') #Pragma Compile (FileVersion, '2.23.07.19') #Pragma Compile (ProductName, 'Digital Signature Kit') #Pragma Compile (ProductVersion, '2.23.07') #Pragma Compile (CompanyName, 'Krešimir Hrbud') #Pragma Compile (LegalTrademarks, 'Digital Signature Kit is trademark of Krešimir Hrbud.') #Pragma Compile (LegalCopyright, 'Copyright © Krešimir Hrbud (kresimir.hrbud@gmail.com) 2023. All Rights Reserved.') #Region AutoIt3Wrapper directives section #AutoIt3Wrapper_Icon=DATA\DigitalSign.ico #AutoIt3Wrapper_OutFile=DigitalSignX86.exe #AutoIt3Wrapper_OutFile_X64=DigitalSign.exe #AutoIt3Wrapper_OutFile_Type=exe #AutoIt3Wrapper_Change2CUI=N #AutoIt3Wrapper_UseX64=Y #AutoIt3Wrapper_Compile_Both=N #AutoIt3Wrapper_UseUPX=Y #AutoIt3Wrapper_Compression=4 ;#AutoIt3Wrapper_UPX_Parameters=--ultra-brute #AutoIt3Wrapper_Res_RequestedExecutionLevel=asInvoker #AutoIt3Wrapper_Res_Description=Digital Signature Kit #AutoIt3Wrapper_Res_Fileversion=2.23.07.19 #AutoIt3Wrapper_Res_Field=Product name|Digital Signature Kit #AutoIt3Wrapper_Res_Field=Product version|2.23.07 #AutoIt3Wrapper_Res_Field=Company name|Krešimir Hrbud #AutoIt3Wrapper_Res_Comment=Digital Signature Kit is trademark of Krešimir Hrbud. #AutoIt3Wrapper_Res_LegalCopyright=Copyright © Krešimir Hrbud (kresimir.hrbud@gmail.com) 2023. All Rights Reserved. 
#AutoIt3Wrapper_Res_Language=1033
#AutoIt3Wrapper_Allow_Decompile=N
#AutoIt3Wrapper_Res_FileVersion_AutoIncrement=N
#AutoIt3Wrapper_Run_AU3Check=N
#AutoIt3Wrapper_Run_Obfuscator=N
#AutoIt3Wrapper_Res_Icon_Add=DATA\ADD.ICO ;-03
#AutoIt3Wrapper_Res_Icon_Add=DATA\CERT.ICO ;-04
#AutoIt3Wrapper_Res_Icon_Add=DATA\DEL.ICO ;-05
#AutoIt3Wrapper_Res_Icon_Add=DATA\NEWCERT.ICO ;-06
#AutoIt3Wrapper_Res_Icon_Add=DATA\NEWKEY.ICO ;-07
#AutoIt3Wrapper_Res_Icon_Add=DATA\OPEN.ICO ;-08
#EndRegion
; Language: Language Neutral
; Platform: Win32bit
; Author: Krešimir Hrbud (kresimir.hrbud@gmail.com)
;
; Start-up section: unpacks the bundled helper tools into a temporary directory, writes a
; default configuration on first run, parses the command line, and builds the two windows
; ("Digital Signature Kit" and "Create Certificate") before the main message loop starts.
#NoTrayIcon
AutoItSetOption ('TrayIconHide', 1)
; ESC must not close the GUI.
AutoItSetOption ('GUICloseOnESC', 0)
; Window titles are matched exactly (mode 3).
AutoItSetOption ('WinTitleMatchMode', 3)
; fOnExit is defined elsewhere in the file; presumably it removes the $BIN directory - TODO confirm.
OnAutoItExitRegister('fOnExit')
; NOTE(review): the ten #include lines below carry no file name in this copy of the script;
; the include targets appear to have been lost and must be restored from the original source.
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
; Build the name of the working directory from the clock macros and the process id, swap the
; run of leading zeros (if any) for a random digit 1-9, and place it under the user's temp folder.
; NOTE(review): the name comes from the time and the PID, not from a random source, and helper
; executables are extracted into this directory and started from it. Consider an unpredictable
; name and treating an already existing directory as an error.
$BIN = Hex (@MSEC & @MIN & @HOUR & @AutoItPID)
$BIN = StringReplace ($BIN, StringRegExpReplace ($BIN, '[^0].*', ''), Random (1, 9, 1))
$BIN = @TempDir & '\' & $BIN
If FileExists ($BIN) Then DirRemove ($BIN, 1)
; Idiom used throughout: "If <failure> AND MsgBox (...) Then Exit" shows the message and then
; exits, because MsgBox returns a non-zero button id. 262192 = top-most (262144) + warning icon (48).
; NOTE(review): if DirRemove above failed and the directory still exists, the first operand is
; false and the script continues with the pre-existing directory and whatever it contains.
If NOT FileExists ($BIN) AND NOT DirCreate ($BIN) AND MsgBox (262192, 'Digital Signature Kit', 'Could not extract required files.') Then Exit
; @AutoItX64 is 0 for the 32-bit build and 1 for the 64-bit build. The 32-bit build only tells
; the user to run the 64-bit one; its extraction code is commented out.
Switch @AutoItX64
	Case 0
		If MsgBox (262192, 'Digital Signature Kit', 'Run this program on 64-bit version of' & @CRLF & 'Microsoft © Windows®.') Then Exit
		#CS
		If @OSArch = 'X86' Then
			If NOT FileInstall ('.\DATA\BIN\x86\7za.exe', $BIN & '\7za.exe', 1) AND MsgBox (262192, 'Digital Signature Kit', 'Could not extract required files.') Then Exit
			If NOT FileInstall ('.\DATA\BIN\x86\x86.7z', $BIN & '\' & @OSArch & '.7z', 1) AND MsgBox (262192, 'Digital Signature Kit', 'Could not extract required files.') Then Exit
		Else
			If MsgBox (262192, 'Digital Signature Kit', 'Run this program on 32-bit version of' & @CRLF & 'Microsoft © Windows®.') Then Exit
		EndIf
		#CE
	Case 1
		If @OSArch = 'X64' Then
			; Drop the embedded 7-Zip binary and the tool archive into $BIN (flag 1 = overwrite).
			If NOT FileInstall ('.\DATA\BIN\x64\7za.exe', $BIN & '\7za.exe', 1) AND MsgBox (262192, 'Digital Signature Kit', 'Could not extract required files.') Then Exit
			If NOT FileInstall ('.\DATA\BIN\x64\x64.7z', $BIN & '\' & @OSArch & '.7z', 1) AND MsgBox (262192, 'Digital Signature Kit', 'Could not extract required files.') Then Exit
		Else
			If MsgBox (262192, 'Digital Signature Kit', 'Run this program on 64-bit version of' & @CRLF & 'Microsoft © Windows®.') Then Exit
		EndIf
EndSwitch
SplashTextOn ('Digital Signature Kit', 'Please wait ...', 500, 20, -1, -1, 33, '', 10, 500)
; Unpack the archive into $BIN with the extracted 7za.exe, hidden, and wait up to 15 seconds.
; NOTE(review): neither the return value of Run nor the exit code of 7za.exe is checked, so a
; failed or partial extraction is not detected here. The unpacked executables are not verified
; either (for example against a known hash) before the program relies on them.
$7zip = Run ($BIN & '\7za.exe x -bd -o"' & $BIN & '" "' & $BIN & '\' & @OSArch & '.7z"' , $BIN, @SW_HIDE)
ProcessWaitClose ($7zip, 15)
; Still running after the timeout: try to kill the extractor and exit either way.
; 262160 = top-most (262144) + stop icon (16).
If ProcessExists ($7zip) Then
	SplashOff ()
	If NOT ProcessClose ($7zip) AND MsgBox (262160, 'Digital Signature Kit', 'Could not abort extraction process. Exiting ...') Then Exit
	If MsgBox (262160, 'Digital Signature Kit', 'Extraction process was aborted. Exiting ...') Then Exit
EndIf
; Picture shown on the About tab; the result of this FileInstall is not checked.
FileInstall ('.\DATA\Choo-Choo.gif', $BIN & '\Choo-Choo.gif', 1)
SplashOff ()
; Script directory without trailing backslashes.
$ScriptDir = @ScriptDir
While StringRight ($ScriptDir, 1) = '\'
	$ScriptDir = StringStripWS (StringTrimRight ($ScriptDir, 1), 3)
WEnd
Const $DefaultConfig = 'DigitalSign.cnf'
Dim $DefaultConfigPath = $ScriptDir & '\' & $DefaultConfig
Dim $DefaultCertsPath = $ScriptDir & '\Issued Certificates'
; First run: create the export folder and write a [GENERAL] section of default form values
; to DigitalSign.cnf next to the executable. Row 0 holds the entry count and the section name.
; NOTE(review): the section has PFXPass and PVKCAPass keys and defaults CertUnencrypted to 1.
; If the form code (fForm, not shown here) stores real passwords under these keys they would
; sit in plain text in this file - confirm, and consider defaulting to encrypted private keys.
If NOT FileExists ($DefaultConfigPath) Then
	If NOT FileExists ($DefaultCertsPath) Then DirCreate ($DefaultCertsPath)
	Local $aGeneral[35][2] = [[34,'GENERAL'], ['PFXFile',''], _
	['PFXPass',''], _
	['TSS',''], _
	['Engine','OpenSSL ( RFC 5280 compliant )'], _
	['CertType','CA Issued Certificate'], _
	['CertPurpose','Server authentication'], _
	['CertUnencrypted',1], _
	['CertCA',''], _
	['PVKCA',''], _
	['PVKCAPass',''], _
	['ExportPath',fGetShortPath($DefaultCertsPath)], _
	['SignatureHash','SHA 256'], _
	['PVKLength',2048], _
	['C','US'], _
	['ST','United States'], _
	['L','Redmond, Washington WA 98052'], _
	['LP',''], _
	['LA',''], _
	['O','Contoso'], _
	['OU','SALES'], _
	['E','sales@contoso.org'], _
	['DC','sales.contoso.org'], _
	['CAExportPath',fGetShortPath($DefaultCertsPath)], _
	['CASignatureHash','SHA 512'], _
	['CAPVKLength',4096], _
	['CAC','US'], _
	['CAST','United States'], _
	['CAL','Redmond, Washington WA 98052'], _
	['CALP',''], _
	['CALA',''], _
	['CAO','Contoso'], _
	['CAOU','SALES'], _
	['CAE','sales@contoso.org'], _
	['CADC','sales.contoso.org']]
	IniWriteSection ($DefaultConfigPath, $aGeneral[0][1], $aGeneral)
EndIf
; Global lookup tables and state. In every array below element 0 (or [0][0]) holds the number
; of entries that follow; the two-column tables map a display label to an internal keyword.
Dim $CurrentDate = @MDAY & '.' & @MON & '.' & @YEAR & '.'
Dim $DefaultDate = @YEAR & '/' & @MON & '/' & @MDAY & ' ', $DefaultTime = '00:00:00', $unicode_DTM_SETFORMAT = 0x1032
; Entries are "label - URL"; the Sign handler in the main loop takes the text after the first
; '-' as the service URL and checks the label for 'RFC 3161'.
Dim $aTimeStampServers[4] = [3, 'Certum ( SHA2 / RFC 3161 ) - http://time.certum.pl', _
'DigiCert ( SHA2 / RFC 3161 ) - http://timestamp.digicert.com', _
'Symantec ( SHA2 / RFC 3161 ) - http://sha256timestamp.ws.symantec.com/sha256/timestamp']
Dim $Engine = 'OpenSSL'
Dim $aCertType[3][2] = [[2], ['Self-signed Certificate','SelfSigned'], ['CA Issued Certificate','Cert']], $CertType = 'Cert'
Dim $aCertPurpose[3][2] = [[2], ['Code signing','CodeSign'], ['Server authentication','Authentication']], $CertPurpose = 'Authentication'
Dim $aCertRequest[3][2] = [[2], ['Private Key path:','PVK'], ['Certificate Request:','REQ']], $CertRequest = 'PVK'
Dim $aHASH[4][2] = [[3], ['SHA 256','sha256'], ['SHA 384','sha384'], ['SHA 512','sha512']]
; NOTE(review): presumably RSA key sizes in bits. If so, 512 and 1024 are too weak for
; code-signing or server certificates; consider removing them from the offered choices.
Dim $aKeyLength[6] = [5, 512, 1024, 2048, 4096, 8192]
Dim $aSANType[5] = [4, 'DNS', 'IP', 'URI', 'email'], $aCASAN[1][1] = [[0]], $aSAN[1][1] = [[0]]
Dim $GUIWidth = 500, $GUIHeight = 445, $GUIWidthDelta = 300, $GUIHeightDelta = 100, $GUIHistory = 'OpenSSL'
Dim $FormsList[1][1] = [[0]]
; Command line: ?, -?, /?, -help, /help call fHelp (defined elsewhere); -F:<path> or /F:<path>
; names a form file to load at start-up instead of the default configuration.
; The path is taken as given; any validation is left to fForm.
For $i = 1 to $CmdLine[0]
	If $CmdLine[$i] = '?' OR $CmdLine[$i] = '-?' OR $CmdLine[$i] = '/?' OR StringLower ($CmdLine[$i]) = '-help' OR StringLower ($CmdLine[$i]) = '/help' Then
		If fHelp() Then Exit
	ElseIf StringUpper (StringLeft ($CmdLine[$i], 3)) = '-F:' OR StringUpper (StringLeft ($CmdLine[$i], 3)) = '/F:' Then
		Dim $LoadForm = StringTrimLeft ($CmdLine[$i], 3)
	EndIf
Next
;____________________________________________________________________________________________________
; Signing window: PFX file and password, description, timestamping service, list of files.
$GUISign = GUICreate ('Digital Signature Kit', $GUIWidth, $GUIHeight, -1, -1, BitOR ($WS_MINIMIZEBOX, $WS_CAPTION, $WS_POPUP, $WS_SYSMENU))
; Zero-sized hidden button that receives the focus (the handlers move focus back to it).
$gbDummySign = GUICtrlCreateButton ('', 0, 0, 0, 0, $BS_FLAT)
GUICtrlSetState ($gbDummySign, BitOR ($GUI_HIDE, $GUI_FOCUS))
$gmSignFile = GUICtrlCreateMenu ('File')
$gmSignFormSave = GUICtrlCreateMenuItem ('Save Form', $gmSignFile, 1, 0)
$gmSignFormLoad = GUICtrlCreateMenuItem ('Load Form', $gmSignFile, 2, 0)
GUICtrlCreateLabel ('Personal Information Exchange (PFX) file:', 10, 10, 250, 20)
$giFilePFX = GUICtrlCreateInput ('', 10, 30, 330, 20, BitOR ($ES_LEFT, $ES_AUTOHSCROLL))
GUICtrlCreateLabel ('Private Key password:', 345, 10, 125, 20)
$giPassPFX = GUICtrlCreateInput ('', 345, 30, 125, 20, BitOR ($ES_LEFT, $ES_AUTOHSCROLL, $ES_PASSWORD))
$gbBrowsePFX = GUICtrlCreateButton ('...', 473, 29, 22, 22, $BS_FLAT)
GUICtrlSetTip ($gbBrowsePFX, 'Browse')
GUICtrlCreateLabel ('Description / Title:', 10, 60, 150, 20)
$giDescription = GUICtrlCreateInput ('', 10, 80, 460, 20, BitOR ($ES_LEFT, $ES_AUTOHSCROLL))
GUICtrlCreateLabel ('Timestamping Service URL:', 10, 110, 150, 20)
$gcTSS = GUICtrlCreateCombo ('', 10, 130, 460, 20, BitOR ($CBS_DROPDOWNLIST, $CBS_SORT, $CBS_AUTOHSCROLL, $WS_VSCROLL))
; The third argument of GUICtrlSetData selects the default entry, so the item added last wins.
For $i = 1 To $aTimeStampServers[0]
	GUICtrlSetData ($gcTSS, $aTimeStampServers[$i], $aTimeStampServers[$i])
Next
GUICtrlCreateLabel ('Files to be signed:', 10, 160, 150, 20)
$gliFiles = GUICtrlCreateList ('', 10, 180, 460, 215, BitOR ($LBS_DISABLENOSCROLL, $LBS_NOTIFY, $WS_VSCROLL, $WS_HSCROLL))
GUICtrlSetLimit ($gliFiles, 10000)
; Icon buttons take their image from the compiled executable; the negative numbers match the
; ";-03" .. ";-08" remarks on the Res_Icon_Add directives.
$gbAddFile = GUICtrlCreateButton ('+', 473, 180, 22, 22, BitOR ($BS_ICON, $BS_CENTER, $BS_VCENTER, $BS_FLAT))
GUICtrlSetImage ($gbAddFile, @AutoItExe, -03, 0)
GUICtrlSetTip ($gbAddFile, 'Add file')
$gbDelFile = GUICtrlCreateButton ('-', 473, 207, 22, 22, BitOR ($BS_ICON, $BS_CENTER, $BS_VCENTER, $BS_FLAT))
GUICtrlSetImage ($gbDelFile, @AutoItExe, -05, 0)
GUICtrlSetTip ($gbDelFile, 'Remove file')
$gbSign = GUICtrlCreateButton ('Sign', 420, 399, 75, 22, $BS_FLAT)
GUICtrlSetTip ($gbSign, 'Digitally sign file')
$gbCertificate = GUICtrlCreateButton ('C', 10, 399, 22, 22, BitOR ($BS_ICON, $BS_CENTER, $BS_VCENTER, $BS_FLAT))
GUICtrlSetImage ($gbCertificate, @AutoItExe, -04, 0)
GUICtrlSetTip ($gbCertificate, 'Create Certificate')
;____________________________________________________________________________________________________
; Certificate window: larger than the signing window by the two deltas, always on top, with
; three tabs ("Certificate", "Certification Authority ( CA )", "About").
$GUICertificate = GUICreate ('Create Certificate', $GUIWidth + $GUIWidthDelta, $GUIHeight + $GUIHeightDelta, -1, -1, BitOR ($WS_MINIMIZEBOX, $WS_CAPTION, $WS_POPUP, $WS_SYSMENU), $WS_EX_TOPMOST)
GUISetIcon (@AutoItExe, -04, $GUICertificate)
$gbDummyCert = GUICtrlCreateButton ('', 0, 0, 0, 0, $BS_FLAT)
GUICtrlSetState ($gbDummyCert, BitOR ($GUI_HIDE, $GUI_FOCUS))
$gmCertFile = GUICtrlCreateMenu ('File')
$gmCertEngine = GUICtrlCreateMenu ('Engine', $gmCertFile, 1)
; Radio-style menu items; OpenSSL starts checked, matching $Engine = 'OpenSSL'.
$gmCertEngineMakeCert = GUICtrlCreateMenuItem ('Microsoft MakeCert (RFC 5280 noncompliant)', $gmCertEngine, 1, 1)
$gmCertEngineOpenSSL = GUICtrlCreateMenuItem ('OpenSSL (RFC 5280 compliant)', $gmCertEngine, 2, 1)
GUICtrlSetState ($gmCertEngineOpenSSL, $GUI_CHECKED)
$gmCertFormSave = GUICtrlCreateMenuItem ('Save Form', $gmCertFile, 2, 0)
$gmCertFormLoad = GUICtrlCreateMenuItem ('Load Form/Template', $gmCertFile, 3, 0)
$gmCertTemplateSave = GUICtrlCreateMenuItem ('Save as Template', $gmCertFile, 4, 0)
$gtCertificate = GUICtrlCreateTab (5, 5, 790, 490)
; --- Tab "Certificate": end-entity certificate form ---
$gtCert = GUICtrlCreateTabItem ('Certificate')
GUICtrlCreateLabel ('Certificate type:', 15, 40, 125, 20)
$gcCertType = GUICtrlCreateCombo ('', 145, 36, 150, 20, BitOR ($CBS_DROPDOWNLIST, $CBS_SORT, $CBS_AUTOHSCROLL, $WS_VSCROLL))
For $i = 1 To $aCertType[0][0]
	GUICtrlSetData ($gcCertType, $aCertType[$i][0], $aCertType[$i][0])
Next
GUICtrlCreateLabel ('Certificate purpose:', 505, 40, 125, 20)
$gcCertPurpose = GUICtrlCreateCombo ('', 635, 36, 150, 20, BitOR ($CBS_DROPDOWNLIST, $CBS_SORT, $CBS_AUTOHSCROLL, $WS_VSCROLL))
For $i = 1 To $aCertPurpose[0][0]
	GUICtrlSetData ($gcCertPurpose, $aCertPurpose[$i][0], $aCertPurpose[$i][0])
Next
$glCertCA = GUICtrlCreateLabel ('CA Certificate path:', 15, 65, 125, 20)
$giCertCA = GUICtrlCreateInput ('', 145, 62, 586, 20, BitOR ($ES_LEFT, $ES_AUTOHSCROLL))
$gbBrowseCertCA = GUICtrlCreateButton ('...', 736, 61, 22, 22, $BS_FLAT)
GUICtrlSetTip ($gbBrowseCertCA, 'Browse')
$gbNewCertCA = GUICtrlCreateButton ('N', 763, 61, 22, 22, BitOR ($BS_ICON, $BS_CENTER, $BS_VCENTER, $BS_FLAT))
GUICtrlSetImage ($gbNewCertCA, @AutoItExe, -06, 0)
GUICtrlSetTip ($gbNewCertCA, 'Create "CA Certificate"')
$glPVKCA = GUICtrlCreateLabel ('CA Private Key path:', 15, 90, 125, 20)
$giPVKCA = GUICtrlCreateInput ('', 145, 87, 386, 20, BitOR ($ES_LEFT, $ES_AUTOHSCROLL))
$gbBrowsePVKCA = GUICtrlCreateButton ('...', 536, 86, 22, 22, $BS_FLAT)
GUICtrlSetTip ($gbBrowsePVKCA, 'Browse')
$gbNewPVKCA = GUICtrlCreateButton ('K', 563, 86, 22, 22, BitOR ($BS_ICON, $BS_CENTER, $BS_VCENTER, $BS_FLAT))
GUICtrlSetImage ($gbNewPVKCA, @AutoItExe, -07, 0)
GUICtrlSetTip ($gbNewPVKCA, 'Create "CA Private Key"')
; Password fields are masked ($ES_PASSWORD); a "Reveal" item hangs off the label's context menu.
; NOTE(review): the Reveal handler in the main message loop also copies the CA private key
; password to the clipboard (ClipPut), where other programs can read it. Consider dropping
; that call or clearing the clipboard once the password is hidden again.
$glPVKCAPass = GUICtrlCreateLabel ('Password:', 595, 90, 50, 20)
$gmPVKCAPass = GUICtrlCreateContextMenu ($glPVKCAPass)
$gmPVKCAPassReveal = GUICtrlCreateMenuItem ('Reveal', $gmPVKCAPass, 0, 0)
$giPVKCAPass = GUICtrlCreateInput ('', 650, 87, 135, 20, BitOR ($ES_LEFT, $ES_AUTOHSCROLL, $ES_PASSWORD))
$glCN = GUICtrlCreateLabel ('Common Name (CN) *:', 15, 115, 125, 20)
$giCN = GUICtrlCreateInput ('', 145, 112, 640, 20, BitOR ($ES_LEFT, $ES_AUTOHSCROLL))
GUICtrlSetTip ($giCN, 'eg. "SERVER.contoso.com"')
$glPath = GUICtrlCreateLabel ('Export path:', 15, 140, 125, 20)
$giPath = GUICtrlCreateInput ('', 145, 137, 613, 20, BitOR ($ES_LEFT, $ES_AUTOHSCROLL))
$gbBrowsePath = GUICtrlCreateButton ('...', 763, 136, 22, 22, $BS_FLAT)
GUICtrlSetTip ($gbBrowsePath, 'Browse')
; Combo acting as the label of the next input: private key path or certificate request.
$gcOCertRequest = GUICtrlCreateCombo ('', 11, 161, 125, 20, BitOR ($CBS_DROPDOWNLIST, $CBS_SORT, $CBS_AUTOHSCROLL, $WS_VSCROLL))
For $i = 1 To $aCertRequest[0][0]
	GUICtrlSetData ($gcOCertRequest, $aCertRequest[$i][0], $aCertRequest[1][0])
Next
$giOPVK = GUICtrlCreateInput ('', 145, 162, 386, 20, BitOR ($ES_LEFT, $ES_AUTOHSCROLL))
$gbOBrowsePVK = GUICtrlCreateButton ('...', 536, 161, 22, 22, $BS_FLAT)
GUICtrlSetTip ($gbOBrowsePVK, 'Browse')
$gbONewPVK = GUICtrlCreateButton ('K', 563, 161, 22, 22, BitOR ($BS_ICON, $BS_CENTER, $BS_VCENTER, $BS_FLAT))
GUICtrlSetImage ($gbONewPVK, @AutoItExe, -07, 0)
GUICtrlSetTip ($gbONewPVK, 'Create "Private Key"')
$glPVKPass = GUICtrlCreateLabel ('Password:', 595, 165, 50, 20)
$gmPVKPass = GUICtrlCreateContextMenu ($glPVKPass)
$gmPVKPassReveal = GUICtrlCreateMenuItem ('Reveal', $gmPVKPass, 0, 0)
$giPVKPass = GUICtrlCreateInput ('', 650, 162, 135, 20, BitOR ($ES_LEFT, $ES_AUTOHSCROLL, $ES_PASSWORD))
; Key-length label and combo are created hidden; presumably fSetGUI shows them for the
; MakeCert engine - TODO confirm. Default selection is '2048'.
$glMPVKLength = GUICtrlCreateLabel ('Private Key length:', 415, 165, 125, 20)
GUICtrlSetState ($glMPVKLength, $GUI_HIDE)
$gcMPVKLength = GUICtrlCreateCombo ('', 545, 161, 90, 20, BitOR ($CBS_DROPDOWNLIST, $CBS_AUTOHSCROLL, $WS_VSCROLL))
For $i = 1 To $aKeyLength[0]
	GUICtrlSetData ($gcMPVKLength, $aKeyLength[$i], '2048')
Next
GUICtrlSetState ($gcMPVKLength, $GUI_HIDE)
$glHash = GUICtrlCreateLabel ('Signature hash algorithm:', 15, 190, 125, 20)
$gcHash = GUICtrlCreateCombo ('', 145, 186, 90, 20, BitOR ($CBS_DROPDOWNLIST, $CBS_SORT, $CBS_AUTOHSCROLL, $WS_VSCROLL))
; Default selection is the first table entry ('SHA 256').
For $i = 1 To $aHASH[0][0]
	GUICtrlSetData ($gcHash, $aHASH[$i][0], $aHASH[1][0])
Next
$glValidityStart = GUICtrlCreateLabel ('Start of validity:', 315, 190, 80, 20)
$gdValidityStart = GUICtrlCreateDate ($DefaultDate, 400, 187, 90, 20, $DTS_SHORTDATEFORMAT)
; Message 0x1032 sets the display format of the date picker.
GUICtrlSendMsg ($gdValidityStart, $unicode_DTM_SETFORMAT, 0, 'dd.MM.yyyy.')
$glValidity = GUICtrlCreateLabel ('Validity period:', 570, 190, 75, 20)
$giValidity = GUICtrlCreateInput ('12', 650, 187, 90, 20, BitOR ($ES_CENTER, $ES_NUMBER, $ES_AUTOHSCROLL))
$glValidityMeasure = GUICtrlCreateLabel ('[months]', 745, 190, 40, 20)
$glOSAN = GUICtrlCreateLabel ('Subject Alternative Name:', 15, 215, 125, 20)
GUICtrlSetTip ($glOSAN, '"Subject Alternative Name" should contain "Common Name (CN)"')
$gcOSAN = GUICtrlCreateCombo ('', 145, 211, 50, 20, BitOR ($CBS_DROPDOWNLIST, $CBS_AUTOHSCROLL, $WS_VSCROLL))
For $i = 1 To $aSANType[0]
	GUICtrlSetData ($gcOSAN, $aSANType[$i], $aSANType[1])
Next
$giOSAN = GUICtrlCreateInput ('', 200, 212, 558, 20, BitOR ($ES_LEFT, $ES_AUTOHSCROLL))
$gbOSANAdd = GUICtrlCreateButton ('+', 763, 211, 22, 22, BitOR ($BS_ICON, $BS_CENTER, $BS_VCENTER, $BS_FLAT))
GUICtrlSetImage ($gbOSANAdd, @AutoItExe, -03, 0)
GUICtrlSetTip ($gbOSANAdd, 'Add SAN')
$glvOSAN = GUICtrlCreateListView ('Type|Value', 145, 237, 613, 100, BitOR ($LVS_REPORT, $LVS_SINGLESEL, $LVS_NOSORTHEADER, $LVS_SORTASCENDING))
GUICtrlSendMsg ($glvOSAN, $LVM_SETCOLUMNWIDTH, 0, 55)
GUICtrlSendMsg ($glvOSAN, $LVM_SETCOLUMNWIDTH, 1, 530)
$gbOSANDel = GUICtrlCreateButton ('-', 763, 237, 22, 22, BitOR ($BS_ICON, $BS_CENTER, $BS_VCENTER, $BS_FLAT))
GUICtrlSetImage ($gbOSANDel, @AutoItExe, -05, 0)
GUICtrlSetTip ($gbOSANDel, 'Remove SAN')
; Subject distinguished-name fields.
$glC = GUICtrlCreateLabel ('Country (C):', 15, 345, 125, 20)
$giC = GUICtrlCreateInput ('', 145, 342, 240, 20, BitOR ($ES_LEFT, $ES_UPPERCASE, $ES_AUTOHSCROLL))
GUICtrlSetTip ($giC, '2 letter country code, eg. "US"')
$glST = GUICtrlCreateLabel ('State or Province (ST):', 415, 345, 125, 20)
$giST = GUICtrlCreateInput ('', 545, 342, 240, 20, BitOR ($ES_LEFT, $ES_AUTOHSCROLL))
$glL = GUICtrlCreateLabel ('Locality (L):', 15, 370, 125, 20)
$giL = GUICtrlCreateInput ('', 145, 367, 240, 20, BitOR ($ES_LEFT, $ES_AUTOHSCROLL))
$glLP = GUICtrlCreateLabel ('Postal Code:', 415, 370, 125, 20)
$giLP = GUICtrlCreateInput ('', 545, 367, 240, 20, BitOR ($ES_LEFT, $ES_AUTOHSCROLL))
$glLA = GUICtrlCreateLabel ('Street Address:', 15, 395, 125, 20)
$giLA = GUICtrlCreateInput ('', 145, 392, 240, 20, BitOR ($ES_LEFT, $ES_AUTOHSCROLL))
$glO = GUICtrlCreateLabel ('Organization (O):', 15, 420, 125, 20)
$giO = GUICtrlCreateInput ('', 145, 417, 240, 20, BitOR ($ES_LEFT, $ES_AUTOHSCROLL))
$glOU = GUICtrlCreateLabel ('Organizational Unit (OU):', 415, 420, 125, 20)
$giOU = GUICtrlCreateInput ('', 545, 417, 240, 20, BitOR ($ES_LEFT, $ES_AUTOHSCROLL))
$glE = GUICtrlCreateLabel ('Email (E):', 15, 445, 125, 20)
$giE = GUICtrlCreateInput ('', 145, 442, 240, 20, BitOR ($ES_LEFT, $ES_AUTOHSCROLL))
$glDC = GUICtrlCreateLabel ('Domain (DC):', 415, 445, 125, 20)
$giDC = GUICtrlCreateInput ('', 545, 442, 240, 20, BitOR ($ES_LEFT, $ES_AUTOHSCROLL))
$gcbOUnencrypted = GUICtrlCreateCheckbox ('Create unencrypted "Private Key" and "Certificate" pair', 345, 500, 285, 20)
$gbCreate = GUICtrlCreateButton ('Create', 720, 499, 75, 22, $BS_FLAT)
GUICtrlSetTip ($gbCreate, 'Create Certificate')
; --- Tab "Certification Authority ( CA )": CA certificate form ---
$gtCACert = GUICtrlCreateTabItem ('Certification Authority ( CA )')
$glCACN = GUICtrlCreateLabel ('Common Name (CN) *:', 15, 40, 125, 20)
$giCACN = GUICtrlCreateInput ('', 145, 37, 640, 20, BitOR ($ES_LEFT, $ES_AUTOHSCROLL))
GUICtrlSetTip ($giCACN, 'eg. "Contoso Root CA"')
$glCAPath = GUICtrlCreateLabel ('Export path:', 15, 65, 125, 20)
$giCAPath = GUICtrlCreateInput ('', 145, 62, 613, 20, BitOR ($ES_LEFT, $ES_AUTOHSCROLL))
$gbCABrowsePath = GUICtrlCreateButton ('...', 763, 61, 22, 22, $BS_FLAT)
GUICtrlSetTip ($gbCABrowsePath, 'Browse')
$glOCAPVK = GUICtrlCreateLabel ('Private Key path:', 15, 90, 125, 20)
$giOCAPVK = GUICtrlCreateInput ('', 145, 87, 386, 20, BitOR ($ES_LEFT, $ES_AUTOHSCROLL))
$gbOCABrowsePVK = GUICtrlCreateButton ('...', 536, 86, 22, 22, $BS_FLAT)
GUICtrlSetTip ($gbOCABrowsePVK, 'Browse')
$gbOCANewPVK = GUICtrlCreateButton ('K', 563, 86, 22, 22, BitOR ($BS_ICON, $BS_CENTER, $BS_VCENTER, $BS_FLAT))
GUICtrlSetImage ($gbOCANewPVK, @AutoItExe, -07, 0)
GUICtrlSetTip ($gbOCANewPVK, 'Create "Private Key"')
$glCAPVKPass = GUICtrlCreateLabel ('Password:', 595, 90, 50, 20)
$gmCAPVKPass = GUICtrlCreateContextMenu ($glCAPVKPass)
$gmCAPVKPassReveal = GUICtrlCreateMenuItem ('Reveal', $gmCAPVKPass, 0, 0)
$giCAPVKPass = GUICtrlCreateInput ('', 650, 87, 135, 20, BitOR ($ES_LEFT, $ES_AUTOHSCROLL, $ES_PASSWORD))
; Hidden key-length controls for the CA key; default selection is '4096'.
$glMCAPVKLength = GUICtrlCreateLabel ('Private Key length:', 415, 115, 125, 20)
GUICtrlSetState ($glMCAPVKLength, $GUI_HIDE)
$gcMCAPVKLength = GUICtrlCreateCombo ('', 545, 111, 90, 20, BitOR ($CBS_DROPDOWNLIST, $CBS_AUTOHSCROLL, $WS_VSCROLL))
For $i = 1 To $aKeyLength[0]
	GUICtrlSetData ($gcMCAPVKLength, $aKeyLength[$i], '4096')
Next
GUICtrlSetState ($gcMCAPVKLength, $GUI_HIDE)
$glCAHash = GUICtrlCreateLabel ('Signature hash algorithm:', 15, 115, 125, 20)
$gcCAHash = GUICtrlCreateCombo ('', 145, 111, 90, 20, BitOR ($CBS_DROPDOWNLIST, $CBS_SORT, $CBS_AUTOHSCROLL, $WS_VSCROLL))
; Each item is passed as its own default, so the last one added ('SHA 512') ends up selected.
For $i = 1 To $aHASH[0][0]
	GUICtrlSetData ($gcCAHash, $aHASH[$i][0], $aHASH[$i][0])
Next
$glCAValidityStart = GUICtrlCreateLabel ('Start of validity:', 315, 115, 80, 20)
$gdCAValidityStart = GUICtrlCreateDate ($DefaultDate, 400, 112, 90, 20, $DTS_SHORTDATEFORMAT)
GUICtrlSendMsg ($gdCAValidityStart, $unicode_DTM_SETFORMAT, 0, 'dd.MM.yyyy.')
; The CA start date is shown but cannot be edited.
GUICtrlSetState ($gdCAValidityStart, $GUI_DISABLE)
$glCAValidity = GUICtrlCreateLabel ('Validity period:', 570, 115, 75, 20)
$giCAValidity = GUICtrlCreateInput ('25', 650, 112, 90, 20, BitOR ($ES_CENTER, $ES_NUMBER, $ES_AUTOHSCROLL))
$glCAValidityMeasure = GUICtrlCreateLabel ('[years]', 750, 115, 35, 20)
$glOCASAN = GUICtrlCreateLabel ('Subject Alternative Name:', 15, 140, 125, 20)
GUICtrlSetTip ($glOCASAN, '"Subject Alternative Name" should contain "Common Name (CN)"')
$gcOCASAN = GUICtrlCreateCombo ('', 145, 136, 50, 20, BitOR ($CBS_DROPDOWNLIST, $CBS_AUTOHSCROLL, $WS_VSCROLL))
For $i = 1 To $aSANType[0]
	GUICtrlSetData ($gcOCASAN, $aSANType[$i], $aSANType[1])
Next
$giOCASAN = GUICtrlCreateInput ('', 200, 137, 558, 20, BitOR ($ES_LEFT, $ES_AUTOHSCROLL))
$gbOCASANAdd = GUICtrlCreateButton ('+', 763, 136, 22, 22, BitOR ($BS_ICON, $BS_CENTER, $BS_VCENTER, $BS_FLAT))
GUICtrlSetImage ($gbOCASANAdd, @AutoItExe, -03, 0)
GUICtrlSetTip ($gbOCASANAdd, 'Add SAN')
$glvOCASAN = GUICtrlCreateListView ('Type|Value', 145, 162, 613, 100, BitOR ($LVS_REPORT, $LVS_SINGLESEL, $LVS_NOSORTHEADER, $LVS_SORTASCENDING))
GUICtrlSendMsg ($glvOCASAN, $LVM_SETCOLUMNWIDTH, 0, 55)
GUICtrlSendMsg ($glvOCASAN, $LVM_SETCOLUMNWIDTH, 1, 530)
$gbOCASANDel = GUICtrlCreateButton ('-', 763, 162, 22, 22, BitOR ($BS_ICON, $BS_CENTER, $BS_VCENTER, $BS_FLAT))
GUICtrlSetImage ($gbOCASANDel, @AutoItExe, -05, 0)
GUICtrlSetTip ($gbOCASANDel, 'Remove SAN')
$glCAC = GUICtrlCreateLabel ('Country (C) *:', 15, 270, 125, 20)
$giCAC = GUICtrlCreateInput ('', 145, 267, 240, 20, BitOR ($ES_LEFT, $ES_UPPERCASE, $ES_AUTOHSCROLL))
GUICtrlSetTip ($giCAC, '2 letter country code, eg. "US"')
$glCAST = GUICtrlCreateLabel ('State or Province (ST) *:', 415, 270, 125, 20)
$giCAST = GUICtrlCreateInput ('', 545, 267, 240, 20, BitOR ($ES_LEFT, $ES_AUTOHSCROLL))
$glCAL = GUICtrlCreateLabel ('Locality (L):', 15, 295, 125, 20)
$giCAL = GUICtrlCreateInput ('', 145, 292, 240, 20, BitOR ($ES_LEFT, $ES_AUTOHSCROLL))
$glCALP = GUICtrlCreateLabel ('Postal Code:', 415, 295, 125, 20)
$giCALP = GUICtrlCreateInput ('', 545, 292, 240, 20, BitOR ($ES_LEFT, $ES_AUTOHSCROLL))
$glCALA = GUICtrlCreateLabel ('Street Address:', 15, 320, 125, 20)
$giCALA = GUICtrlCreateInput ('', 145, 317, 240, 20, BitOR ($ES_LEFT, $ES_AUTOHSCROLL))
$glCAO = GUICtrlCreateLabel ('Organization (O):', 15, 345, 125, 20)
$giCAO = GUICtrlCreateInput ('', 145, 342, 240, 20, BitOR ($ES_LEFT, $ES_AUTOHSCROLL))
$glCAOU = GUICtrlCreateLabel ('Organizational Unit (OU):', 415, 345, 125, 20)
$giCAOU = GUICtrlCreateInput ('', 545, 342, 240, 20, BitOR ($ES_LEFT, $ES_AUTOHSCROLL))
$glCAE = GUICtrlCreateLabel ('Email (E):', 15, 370, 125, 20)
$giCAE = GUICtrlCreateInput ('', 145, 367, 240, 20, BitOR ($ES_LEFT, $ES_AUTOHSCROLL))
$glCADC = GUICtrlCreateLabel ('Domain (DC) *:', 415, 370, 125, 20)
$giCADC = GUICtrlCreateInput ('', 545, 367, 240, 20, BitOR ($ES_LEFT, $ES_AUTOHSCROLL))
$gbCreateCA = GUICtrlCreateButton ('Create', 720, 499, 75, 22, $BS_FLAT)
GUICtrlSetTip ($gbCreateCA, 'Create CA Certificate')
; --- Tab "About": product and tool versions, list of saved forms/templates ---
$gtAbout = GUICtrlCreateTabItem ('About')
; Versions are read from the executables expected under $BIN after the extraction above.
$glVersions = ' ( '
$glVersions &= '7zip v' & FileGetVersion ($BIN & '\7za.exe', 'ProductVersion')
$glVersions &= ' | '
$glVersions &= 'OpenSSL v' & FileGetVersion ($BIN & '\OpenSSL\openssl.exe', 'ProductVersion')
$glVersions &= ' | '
$glVersions &= 'MakeCert v' & FileGetVersion ($BIN & '\MakeCert\MakeCert.exe', 'ProductVersion')
$glVersions &= ' | '
$glVersions &= 'SignTool v' & FileGetVersion ($BIN & '\SignTool\signtool.exe', 'ProductVersion')
$glVersions &= ' ) '
GUICtrlCreateLabel ('About', 15, 40, 45, 20)
GUICtrlCreateGraphic (60, 47, 725, 1, $SS_BLACKRECT)
GUICtrlCreateLabel (FileGetVersion (@ScriptFullPath, 'ProductName') & ' v' & FileGetVersion (@ScriptFullPath, 'ProductVersion') & $glVersions, 15, 65, 770, 20)
GUICtrlCreateLabel (FileGetVersion (@ScriptFullPath, 'LegalTrademarks') & ' ' & FileGetVersion (@ScriptFullPath, 'LegalCopyright'), 15, 90, 770, 20)
GUICtrlCreatePic ($BIN & '\Choo-Choo.gif', 575, 130, 200, 75)
GUICtrlCreateLabel ('Forms / Templates', 15, 200, 110, 20)
GUICtrlCreateGraphic (125, 207, 660, 1, $SS_BLACKRECT)
$glvForms = GUICtrlCreateListView ('Expiration Date|Common Name (CN)|Form', 15, 230, 743, 200, BitOR ($LVS_REPORT, $LVS_SINGLESEL, $LVS_NOSORTHEADER, $LVS_SORTASCENDING))
GUICtrlSendMsg ($glvForms, $LVM_SETCOLUMNWIDTH, 0, 100)
GUICtrlSendMsg ($glvForms, $LVM_SETCOLUMNWIDTH, 1, 200)
GUICtrlSendMsg ($glvForms, $LVM_SETCOLUMNWIDTH, 2, 420)
$gbLoadForm = GUICtrlCreateButton ('+', 763, 230, 22, 22, BitOR ($BS_ICON, $BS_CENTER, $BS_VCENTER, $BS_FLAT))
GUICtrlSetImage ($gbLoadForm, @AutoItExe, -03, 0)
GUICtrlSetTip ($gbLoadForm, 'Load Form/Template')
$gbDeleteForm = GUICtrlCreateButton ('-', 763, 257, 22, 22, BitOR ($BS_ICON, $BS_CENTER, $BS_VCENTER, $BS_FLAT))
GUICtrlSetImage ($gbDeleteForm, @AutoItExe, -05, 0)
GUICtrlSetTip ($gbDeleteForm, 'Delete Form/Template')
$gbOpenCert = GUICtrlCreateButton ('...', 763, 284, 22, 22, BitOR ($BS_ICON, $BS_CENTER, $BS_VCENTER, $BS_FLAT))
GUICtrlSetImage ($gbOpenCert, @AutoItExe, -08, 0)
GUICtrlSetTip ($gbOpenCert, 'Open Certificate')
; An empty tab item ends the tab definition; controls created from here on belong to the window.
GUICtrlCreateTabItem ('')
$gcbForm = GUICtrlCreateCheckbox ('Save Form', 640, 500, 75, 20)
GUICtrlSetState ($gcbForm, $GUI_CHECKED)
GUICtrlSetTip ($gcbForm, 'Save the Form to "ExportPath\CN.cnf" file')
; Only the signing window is shown at start-up.
GUISetState (@SW_SHOW, $GUISign)
;GUISetState (@SW_SHOW, $GUICertificate)
; Load the form named with -F:/F: if one was given, otherwise the default configuration.
Dim $LoadOnStartup = $DefaultConfigPath
If IsDeclared ('LoadForm') Then $LoadOnStartup = $LoadForm
If FileExists ($LoadOnStartup) Then fForm($LoadOnStartup, 'Load', TRUE)
;____________________________________________________________________________________________________ Dim $SwitchGUI = 0, $SwitchGUIcontrol = 0 Dim $ActiveTab = 0, $SwitchTab = 0 Dim $Colour = '0xFFFFFF', $SignFiles Dim $ToggleRevealPass = 0 While 'Digital Signature Kit' $GUIState = GUIGetMsg () Select Case $SwitchGUI AND $SwitchGUIcontrol $SwitchGUIcontrol = BitAND (BitNOT ($SwitchGUIcontrol), 1) $ActiveTab = BitAND (BitNOT ($ActiveTab), 1) $Position = WinGetPos ($GUISign) If $Position[0] <= ($GUIWidthDelta / 2) Then $Position[0] = ($GUIWidthDelta / 2) + 25 If $Position[0] >= (@DesktopWidth - $GUIWidth - ($GUIWidthDelta / 2)) Then $Position[0] = (@DesktopWidth - $GUIWidth - ($GUIWidthDelta / 2) - 25) If $Position[1] <= ($GUIHeightDelta / 2) Then $Position[1] = ($GUIHeightDelta / 2) + 25 If $Position[1] >= (@DesktopHeight - $GUIHeight - ($GUIHeightDelta / 2) - 25) Then $Position[1] = (@DesktopHeight - $GUIHeight - ($GUIHeightDelta / 2) - 25) WinMove ($GUICertificate, '', $Position[0] - ($GUIWidthDelta / 2), $Position[1] - ($GUIHeightDelta / 2)) GUISetState (@SW_HIDE, $GUISign) GUISetState (@SW_SHOW, $GUICertificate) GUICtrlSetState ($gbDummyCert, $GUI_FOCUS) Case $SwitchGUIcontrol $SwitchGUIcontrol = BitAND (BitNOT ($SwitchGUIcontrol), 1) $ActiveTab = BitAND (BitNOT ($ActiveTab), 1) $Position = WinGetPos ($GUICertificate) WinMove ($GUISign, '', $Position[0] + ($GUIWidthDelta / 2), $Position[1] + ($GUIHeightDelta / 2)) GUISetState (@SW_HIDE, $GUICertificate) GUISetState (@SW_SHOW, $GUISign) GUICtrlSetState ($gbDummySign, $GUI_FOCUS) EndSelect Select Case GUICtrlGetState ($gbSign) = BitOR ($GUI_SHOW, $GUI_DISABLE) GUICtrlSetState ($gbSign, $GUI_ENABLE) Case GUICtrlGetState ($gbONewPVK) = BitOR ($GUI_SHOW, $GUI_DISABLE) GUICtrlSetState ($gbONewPVK, $GUI_ENABLE) Case GUICtrlGetState ($gbCreate) = BitOR ($GUI_SHOW, $GUI_DISABLE) GUICtrlSetState ($gbCreate, $GUI_ENABLE) Case GUICtrlGetState ($gbOCANewPVK) = BitOR ($GUI_SHOW, $GUI_DISABLE) GUICtrlSetState ($gbOCANewPVK, 
$GUI_ENABLE) Case GUICtrlGetState ($gbCreateCA) = BitOR ($GUI_SHOW, $GUI_DISABLE) GUICtrlSetState ($gbCreateCA, $GUI_ENABLE) EndSelect Select Case $GUIState = $gmPVKCAPassReveal OR $GUIState = $gmPVKPassReveal OR $GUIState = $gmCAPVKPassReveal If $ToggleRevealPass Then GUICtrlSetState ($gmPVKCAPassReveal, BitOR ($GUI_ENABLE, $GUI_UNCHECKED)) GUICtrlSetState ($gmPVKPassReveal, BitOR ($GUI_ENABLE, $GUI_UNCHECKED)) GUICtrlSetState ($gmCAPVKPassReveal, BitOR ($GUI_ENABLE, $GUI_UNCHECKED)) Else GUICtrlSetState ($gmPVKCAPassReveal, BitOR ($GUI_ENABLE, $GUI_CHECKED)) GUICtrlSetState ($gmPVKPassReveal, BitOR ($GUI_ENABLE, $GUI_CHECKED)) GUICtrlSetState ($gmCAPVKPassReveal, BitOR ($GUI_ENABLE, $GUI_CHECKED)) ClipPut (GUICtrlRead ($giPVKCAPass)) EndIf $ToggleRevealPass = Abs ($ToggleRevealPass - 1) fRevealPass($GUICertificate, $glPVKCAPass, $giPVKCAPass, $ToggleRevealPass) fRevealPass($GUICertificate, $glPVKPass, $giPVKPass, $ToggleRevealPass) fRevealPass($GUICertificate, $glCAPVKPass, $giCAPVKPass, $ToggleRevealPass) EndSelect Select ;____________________________________________________________________________________________________ Case $GUIState = $gtCertificate OR $SwitchTab $SwitchTab = 0 $TABState = GUICtrlRead ($gtCertificate, 1) Select Case $TABState = $gtCert OR $TABState = $gtCACert If $TABState = $gtCert Then $ActiveTab = 1 If $TABState = $gtCACert Then $ActiveTab = 2 GUICtrlSetState ($gmCertFile, $GUI_ENABLE) GUICtrlSetState ($gcbForm, $GUI_SHOW) Case $TABState = $gtAbout $ActiveTab = 3 GUICtrlSetState ($gmCertFile, $GUI_DISABLE) GUICtrlSetState ($gcbForm, $GUI_HIDE) EndSelect Case $GUIState = $gbBrowsePFX GUICtrlSetState ($gbDummySign, $GUI_FOCUS) $FilePFX = FileOpenDialog ('Please select your "Personal Information Exchange" file ...', @ScriptDir, 'Personal Information Exchange (*.pfx)', 3, '', $GUISign) If @error Then ContinueLoop GUICtrlSetData ($giFilePFX, $FilePFX) Case $GUIState = $gbAddFile GUICtrlSetState ($gbDummySign, $GUI_FOCUS) $FileEXE = 
FileOpenDialog ('Please select files that should be signed ...', '', 'Executable (*.exe)|Dynamic-Link Library (*.dll)|PowerShell Script (*.ps1)|Visual Basic Script (*.vbs)|System Configuration File (*.sys)', 7, '', $GUISign) If @error Then ContinueLoop $FileEXE = StringSplit ($FileEXE, '|') If $FileEXE[0] = 1 Then If StringInStr ($SignFiles, $FileEXE[1] & '|') Then ContinueLoop GUICtrlSetData ($gliFiles, $FileEXE[1] & '|') $SignFiles &= $FileEXE[1] & '|' Else For $i = 2 to $FileEXE[0] If StringInStr ($SignFiles, $FileEXE[1] & '\' & $FileEXE[$i] & '|') Then ContinueLoop GUICtrlSetData ($gliFiles, $FileEXE[1] & '\' & $FileEXE[$i] & '|') $SignFiles &= $FileEXE[1] & '\' & $FileEXE[$i] & '|' Next EndIf Case $GUIState = $gbDelFile GUICtrlSetState ($gbDummySign, $GUI_FOCUS) If GUICtrlRead ($gliFiles) = '' Then $SignFiles = '' GUICtrlSetData ($gliFiles, '|') Else $SignFiles = StringReplace ($SignFiles, GUICtrlRead ($gliFiles) & '|', '') GUICtrlSetData ($gliFiles, '|') GUICtrlSetData ($gliFiles, $SignFiles) EndIf Case $GUIState = $gbSign GUICtrlSetState ($gbDummySign, $GUI_FOCUS) GUICtrlSetState ($gbSign, $GUI_DISABLE) $FilePFX = StringStripWS (GUICtrlRead ($giFilePFX), 3) If StringStripWS ($FilePFX, 8) = '' AND MsgBox (262192, 'Digital Signature Kit', '"Personal Information Exchange" file must be specified.', 0, $GUISign) Then ContinueLoop If (NOT fPingHost($FilePFX) OR NOT FileExists ($FilePFX)) AND MsgBox (262192, 'Digital Signature Kit', 'You must specify existing path for "Personal Information Exchange" file.', 0, $GUISign) Then ContinueLoop $PassPFX = GUICtrlRead ($giPassPFX) If StringStripWS ($PassPFX, 8) = '' Then $PassPFX = '' $TimeStampService = GUICtrlRead ($gcTSS) $RFC = 0 If StringInStr ($TimeStampService, 'RFC 3161', 1) Then $RFC = 1 $TimeStampService = StringStripWS (StringTrimLeft ($TimeStampService, StringInStr ($TimeStampService, '-')), 3) If StringStripWS ($TimeStampService, 8) = '' AND MsgBox (262192, 'Digital Signature Kit', 'You must specify 
Timestamping Service that will be used to timestamp your files.', 0, $GUISign) Then ContinueLoop $Description = StringStripWS (GUICtrlRead ($giDescription), 3) If StringStripWS ($Description, 8) = '' Then $Description = '' $SignFile = StringTrimRight ($SignFiles, 1) If $SignFile = '' AND MsgBox (262192, 'Digital Signature Kit', 'You must specify at least one file that should be signed.', 0, $GUISign) Then ContinueLoop $errorSign = fSign($SignFile, $FilePFX, $PassPFX, $Description, $TimeStampService, $RFC) If @error AND MsgBox (262192, 'Digital Signature Kit', $errorSign, 0, $GUISign) Then ContinueLoop MsgBox (262208, 'Digital Signature Kit', 'Files were successfully signed.', 3, $GUISign) ;____________________________________________________________________________________________________ Case $GUIState = $gbNewCertCA OR $GUIState = $gbNewPVKCA GUICtrlSetState ($gbDummyCert, $GUI_FOCUS) GUICtrlSetState ($gtCACert, $GUI_SHOW) Case $GUIState = $gcCertType For $i = 1 To $aCertType[0][0] If GUICtrlRead ($gcCertType) <> $aCertType[$i][0] Then ContinueLoop $CertType = $aCertType[$i][1] ExitLoop Next fSetGUI($Engine, $CertType, $CertPurpose, $CertRequest, FALSE) Case $GUIState = $gcCertPurpose For $i = 1 To $aCertPurpose[0][0] If GUICtrlRead ($gcCertPurpose) <> $aCertPurpose[$i][0] Then ContinueLoop $CertPurpose = $aCertPurpose[$i][1] ExitLoop Next fSetGUI($Engine, $CertType, $CertPurpose, $CertRequest, FALSE) Case $GUIState = $gcOCertRequest For $i = 1 To $aCertRequest[0][0] If GUICtrlRead ($gcOCertRequest) <> $aCertRequest[$i][0] Then ContinueLoop $CertRequest = $aCertRequest[$i][1] ExitLoop Next fSetGUI($Engine, $CertType, $CertPurpose, $CertRequest, FALSE) Case $GUIState = $gbBrowseCertCA GUICtrlSetState ($gbDummyCert, $GUI_FOCUS) If $Engine = 'OpenSSL' Then $FileCertCA = FileOpenDialog ('Please select "CA Certificate" file ...', '', 'Certificate (*.cert.pem)', 3, '', $GUICertificate) Else $FileCertCA = FileOpenDialog ('Please select "CA Certificate" file ...', '', 
'Certificate (*.cer)', 3, '', $GUICertificate) EndIf If @error Then ContinueLoop GUICtrlSetData ($giCertCA, $FileCertCA) Case $GUIState = $gbBrowsePVKCA GUICtrlSetState ($gbDummyCert, $GUI_FOCUS) If $Engine = 'OpenSSL' Then $FilePVKCA = FileOpenDialog ('Please select "CA Private Key" file ...', '', 'Private (*.key.pem)', 3, '', $GUICertificate) Else $FilePVKCA = FileOpenDialog ('Please select "CA Private Key" file ...', '', 'Private Key (*.pvk)', 3, '', $GUICertificate) EndIf If @error Then ContinueLoop GUICtrlSetData ($giPVKCA, $FilePVKCA) Case $GUIState = $gbBrowsePath GUICtrlSetState ($gbDummyCert, $GUI_FOCUS) $Path = FileSelectFolder ('Please select root path for export (subdirectories will be created).', '', 7, @DesktopDir, $GUICertificate) If @error Then ContinueLoop GUICtrlSetData ($giPath, $Path) Case $GUIState = $gbOBrowsePVK GUICtrlSetState ($gbDummyCert, $GUI_FOCUS) If $CertRequest = 'REQ' Then $FilePVK = FileOpenDialog ('Please select your "Certificate Request" file ...', '', 'All files (*.*)', 3, '', $GUICertificate) Else $FilePVK = FileOpenDialog ('Please select your "Private Key" file ...', '', 'Private Key (*.key.pem)', 3, '', $GUICertificate) EndIf If @error Then ContinueLoop GUICtrlSetData ($giOPVK, $FilePVK) Case $GUIState = $gbONewPVK GUICtrlSetState ($gbDummyCert, $GUI_FOCUS) GUICtrlSetState ($gbONewPVK, $GUI_DISABLE) $CN = StringStripWS (GUICtrlRead ($giCN), 3) If StringStripWS ($CN, 8) = '' AND MsgBox (262192, 'Digital Signature Kit', 'Please specify "Common Name (CN)".', 0, $GUICertificate) Then ContinueLoop $CN = fGetName($CN) If @error AND MsgBox (262192, 'Digital Signature Kit', 'Please choose another "Common Name (CN)".', 0, $GUICertificate) Then ContinueLoop $Path = StringStripWS (GUICtrlRead ($giPath), 3) While StringRight ($Path, 1) = '\' $Path = StringStripWS (StringTrimRight ($Path, 1), 3) WEnd If StringStripWS ($Path, 8) = '' AND MsgBox (262192, 'Digital Signature Kit', 'Please specify valid "export path".', 0, $GUICertificate) 
Then ContinueLoop If NOT FileExists ($Path) AND MsgBox (262192, 'Digital Signature Kit', 'Please specify valid "export path".', 0, $GUICertificate) Then ContinueLoop Dim $hxDelta = 140, $hyDelta = 180 If $CertType = 'Cert' Then Dim $hxDelta = 140, $hyDelta = 230 $errorPVK = fPVK($CN, $Path, 'AES 256', '2048', $hxDelta, $hyDelta) If @error AND MsgBox (262192, 'Digital Signature Kit', $errorPVK, 0, $GUICertificate) Then ContinueLoop If $errorPVK[1] <> '' Then GUICtrlSetData ($giOPVK, $errorPVK[1]) GUICtrlSetData ($giPVKPass, $errorPVK[2]) EndIf WinActivate ($GUICertificate) Case $GUIState = $gbOSANAdd GUICtrlSetState ($gbDummyCert, $GUI_FOCUS) $SANType = GUICtrlRead ($gcOSAN) $SAN = StringStripWS (GUICtrlRead ($giOSAN), 3) If StringStripWS ($SAN, 8) = '' Then GUICtrlSetData ($giOSAN, '') ContinueLoop EndIf If StringInStr ($SAN, '|') AND MsgBox (262192, 'Digital Signature Kit', 'Invalid character in "Subject Alternative Name".' & @CRLF & 'Please remove " | " character and try again.', 0, $GUICertificate) Then ContinueLoop For $i = 1 To $aSAN[0][0] If $SANType == $aSAN[$i][0] AND $SAN == $aSAN[$i][1] Then ContinueLoop 2 Next ReDim $aSAN[UBound($aSAN) + 1][2] $aSAN[0][0] = UBound($aSAN) - 1 $aSAN[$aSAN[0][0]][0] = $SANType $aSAN[$aSAN[0][0]][1] = $SAN Assign ('SAN' & $aSAN[0][0], GUICtrlCreateListViewItem ($SANType & '|' & $SAN, $glvOSAN), 2) GUICtrlSetData ($giOSAN, '') Case $GUIState = $gbOSANDel GUICtrlSetState ($gbDummyCert, $GUI_FOCUS) $SelectedSAN = GUICtrlRead (GUICtrlRead ($glvOSAN)) If $SelectedSAN = '' Then ContinueLoop If StringLeft ($SelectedSAN, 1) = '|' Then $SelectedSAN = StringTrimLeft ($SelectedSAN, 1) If StringRight ($SelectedSAN, 1) = '|' Then $SelectedSAN = StringTrimRight ($SelectedSAN, 1) $SelectedSAN = StringSplit ($SelectedSAN, '|') Dim $tSAN[1][1] = [[0]] For $i = 1 To $aSAN[0][0] GUICtrlDelete (Eval ('SAN' & $i)) If $SelectedSAN[1] == $aSAN[$i][0] AND $SelectedSAN[2] == $aSAN[$i][1] Then ContinueLoop ReDim $tSAN[UBound($tSAN) + 1][2] 
$tSAN[0][0] = UBound($tSAN) - 1 $tSAN[$tSAN[0][0]][0] = $aSAN[$i][0] $tSAN[$tSAN[0][0]][1] = $aSAN[$i][1] Next $aSAN = $tSAN For $i = 1 To $aSAN[0][0] Assign ('SAN' & $i, GUICtrlCreateListViewItem ($aSAN[$i][0] & '|' & $aSAN[$i][1], $glvOSAN), 2) Next Case $GUIState = $gbCreate GUICtrlSetState ($gbDummyCert, $GUI_FOCUS) GUICtrlSetState ($gbCreate, $GUI_DISABLE) For $i = 1 To $aCertPurpose[0][0] If GUICtrlRead ($gcCertPurpose) <> $aCertPurpose[$i][0] Then ContinueLoop $CertPurpose = $aCertPurpose[$i][1] ExitLoop Next Dim $CertCA = '', $PVKCA = '', $PVKCAPass = '' If $CertType = 'Cert' Then $CertCA = StringStripWS (GUICtrlRead ($giCertCA), 3) While StringRight ($CertCA, 1) = '\' $CertCA = StringStripWS (StringTrimRight ($CertCA, 1), 3) WEnd If StringStripWS ($CertCA, 8) = '' AND MsgBox (262192, 'Digital Signature Kit', 'Please specify valid "CA Certificate" path.', 0, $GUICertificate) Then ContinueLoop If NOT FileExists ($CertCA) AND MsgBox (262192, 'Digital Signature Kit', 'Please specify valid "CA Certificate" path.', 0, $GUICertificate) Then ContinueLoop $PVKCA = StringStripWS (GUICtrlRead ($giPVKCA), 3) While StringRight ($PVKCA, 1) = '\' $PVKCA = StringStripWS (StringTrimRight ($PVKCA, 1), 3) WEnd If StringStripWS ($PVKCA, 8) = '' AND MsgBox (262192, 'Digital Signature Kit', 'Please specify valid "CA Private Key" path.', 0, $GUICertificate) Then ContinueLoop If NOT FileExists ($PVKCA) AND MsgBox (262192, 'Digital Signature Kit', 'Please specify valid "CA Private Key" path.', 0, $GUICertificate) Then ContinueLoop If $Engine = 'OpenSSL' Then $PVKCAPass = GUICtrlRead ($giPVKCAPass) If StringStripWS ($PVKCAPass, 8) = '' AND MsgBox (262192, 'Digital Signature Kit', 'Please specify "CA Private Key" password.', 0, $GUICertificate) Then ContinueLoop EndIf EndIf $CN = StringStripWS (GUICtrlRead ($giCN), 3) If StringStripWS ($CN, 8) = '' AND MsgBox (262192, 'Digital Signature Kit', 'Please specify "Common Name (CN)".', 0, $GUICertificate) Then ContinueLoop $Path = 
StringStripWS (GUICtrlRead ($giPath), 3) While StringRight ($Path, 1) = '\' $Path = StringStripWS (StringTrimRight ($Path, 1), 3) WEnd If StringStripWS ($Path, 8) = '' AND MsgBox (262192, 'Digital Signature Kit', 'Please specify valid "export path".', 0, $GUICertificate) Then ContinueLoop If NOT FileExists ($Path) AND MsgBox (262192, 'Digital Signature Kit', 'Please specify valid "export path".', 0, $GUICertificate) Then ContinueLoop Dim $OPVK = '', $PVKPass = '' If $Engine = 'OpenSSL' Then $OCertRequest = $CertRequest If $OCertRequest = 'PVK' Then $OPVK = StringStripWS (GUICtrlRead ($giOPVK), 3) While StringRight ($OPVK, 1) = '\' $OPVK = StringStripWS (StringTrimRight ($OPVK, 1), 3) WEnd If StringStripWS ($OPVK, 8) = '' AND MsgBox (262192, 'Digital Signature Kit', 'Please specify valid "Private Key" path.', 0, $GUICertificate) Then ContinueLoop If NOT FileExists ($OPVK) AND MsgBox (262192, 'Digital Signature Kit', 'Please specify valid "Private Key" path.', 0, $GUICertificate) Then ContinueLoop $PVKPass = GUICtrlRead ($giPVKPass) If StringStripWS ($PVKPass, 8) = '' AND MsgBox (262192, 'Digital Signature Kit', 'Please specify "Private Key" password.', 0, $GUICertificate) Then ContinueLoop Else $OPVK = StringStripWS (GUICtrlRead ($giOPVK), 3) While StringRight ($OPVK, 1) = '\' $OPVK = StringStripWS (StringTrimRight ($OPVK, 1), 3) WEnd If StringStripWS ($OPVK, 8) = '' AND MsgBox (262192, 'Digital Signature Kit', 'Please specify valid "Certificate Request file" path.', 0, $GUICertificate) Then ContinueLoop If NOT FileExists ($OPVK) AND MsgBox (262192, 'Digital Signature Kit', 'Please specify valid "Certificate Request file" path.', 0, $GUICertificate) Then ContinueLoop $REQPath = $Path & '\' & fGetName($CN) & '\Certificate Request' If NOT FileExists ($REQPath & '\' & fGetName($CN) & '.csr') Then If NOT FileExists ($REQPath) AND NOT DirCreate ($REQPath) AND MsgBox (262192, 'Digital Signature Kit', 'Could not copy "Certificate Signing Request (CSR)" file.', 0, 
$GUICertificate) Then ContinueLoop If NOT FileCopy ($OPVK, $REQPath & '\' & fGetName($CN) & '.csr', 1) AND MsgBox (262192, 'Digital Signature Kit', 'Could not copy "Certificate Signing Request (CSR)" file.', 0, $GUICertificate) Then ContinueLoop $OPVK = $REQPath & '\' & fGetName($CN) & '.csr' GUICtrlSetData ($giOPVK, $OPVK) EndIf EndIf Else $PVKPass = GUICtrlRead ($giPVKPass) EndIf $Hash = GUICtrlRead ($gcHash) For $i = 0 To $aHASH[0][0] If $Hash <> $aHASH[$i][0] Then ContinueLoop $Hash = $aHASH[$i][1] ExitLoop Next $PVKLength = GUICtrlRead ($gcMPVKLength) $ValidityStart = GUICtrlRead ($gdValidityStart) While StringRight ($ValidityStart, 1) = '.' $ValidityStart = StringTrimRight ($ValidityStart, 1) WEnd $Validity = Number (GUICtrlRead ($giValidity)) If $Validity = 0 AND MsgBox (262192, 'Digital Signature Kit', 'Validity of certificate can not be " 0 ".', 0, $GUICertificate) Then ContinueLoop If $Engine = 'OpenSSL' Then $aValidityStart = StringSplit ($ValidityStart, '.') $DeltaYears = Floor ($Validity / 12) $DeltaMonths = Mod ($Validity, 12) $Validity = fGetDate($aValidityStart[1] & '.' & StringFormat ('%02i', Number ($aValidityStart[2]) + $DeltaMonths) & '.' & (Number ($aValidityStart[3]) + $DeltaYears), 'D.M.Y') EndIf If $OCertRequest = 'REQ' Then Dim $C = '', $ST = '', $L = '', $LP = '', $LA = '', $O = '', $OU = '', $E = '', $DC = '' Else $C = StringUpper (StringStripWS (GUICtrlRead ($giC), 3)) If StringStripWS ($C, 8) <> '' AND StringLen ($C) <> 2 AND MsgBox (262192, 'Digital Signature Kit', 'Please specify valid "Country (C)". Country name should consist of 2 letter country code, eg. 
"US".', 0, $GUICertificate) Then ContinueLoop $ST = StringStripWS (GUICtrlRead ($giST), 3) $L = StringStripWS (GUICtrlRead ($giL), 3) $LP = StringStripWS (GUICtrlRead ($giLP), 3) $LA = StringStripWS (GUICtrlRead ($giLA), 3) $O = StringStripWS (GUICtrlRead ($giO), 3) $OU = StringStripWS (GUICtrlRead ($giOU), 3) $E = StringStripWS (GUICtrlRead ($giE), 3) $DC = StringStripWS (GUICtrlRead ($giDC), 3) If $CertType = 'Cert' AND StringStripWS ($DC, 8) = '' AND MsgBox (262192, 'Digital Signature Kit', 'Please specify "Domain (DC)".', 0, $GUICertificate) Then ContinueLoop If $DC = fGetName($CN) AND MsgBox (262452, 'Digital Signature Kit', 'It seems that "Common Name (CN)" and "Domain (DC)" are the same, which may result in invalid certificate.' & @CRLF & @CRLF & 'Do you wish to continue?', 0, $GUICertificate) = 7 Then ContinueLoop EndIf Dim $aOSAN[1][1] = [[0]] If $Engine = 'OpenSSL' Then If $CertPurpose = 'Authentication' Then If $aSAN[0][0] > 0 Then For $i = 1 To $aSAN[0][0] If $aSAN[$i][0] = 'DNS' AND $aSAN[$i][1] = fGetName($CN) Then ExitLoop If $i = $aSAN[0][0] Then ReDim $aSAN[UBound($aSAN) + 1][2] $aSAN[0][0] = UBound($aSAN) - 1 $aSAN[$aSAN[0][0]][0] = 'DNS' $aSAN[$aSAN[0][0]][1] = fGetName($CN) Assign ('SAN' & $aSAN[0][0], GUICtrlCreateListViewItem ($aSAN[$aSAN[0][0]][0] & '|' & $aSAN[$aSAN[0][0]][1], $glvOSAN), 2) EndIf Next Else ReDim $aSAN[UBound($aSAN) + 1][2] $aSAN[0][0] = UBound($aSAN) - 1 $aSAN[$aSAN[0][0]][0] = 'DNS' $aSAN[$aSAN[0][0]][1] = fGetName($CN) Assign ('SAN' & $aSAN[0][0], GUICtrlCreateListViewItem ($aSAN[$aSAN[0][0]][0] & '|' & $aSAN[$aSAN[0][0]][1], $glvOSAN), 2) EndIf EndIf For $i = 1 To $aSANType[0] Dim $n = 1 For $j = 1 To $aSAN[0][0] If $aSAN[$j][0] = $aSANType[$i] Then ReDim $aOSAN[UBound($aOSAN) + 1][2] $aOSAN[0][0] = UBound($aOSAN) - 1 $aOSAN[$aOSAN[0][0]][0] = $aSANType[$i] & '.' 
& $n $aOSAN[$aOSAN[0][0]][1] = $aSAN[$j][1] $n += 1 EndIf Next Next EndIf $OUnencrypted = FALSE If GUICtrlRead ($gcbOUnencrypted) = $GUI_CHECKED Then $OUnencrypted = TRUE If GUICtrlRead ($gcbForm) = $GUI_CHECKED Then fResetData('CACert') $FormCNF = $Path & '\' & fGetName($CN) & '\' & fGetName($CN) & '.cnf' $errorForm = fForm($FormCNF, 'Save') If @error AND MsgBox (262192, 'Digital Signature Kit', $errorForm, 0, $GUICertificate) Then ContinueLoop EndIf If $Engine = 'MakeCert' Then GUISetState (@SW_DISABLE, $GUICertificate) GUISetState (@SW_MINIMIZE, $GUICertificate) EndIf Dim $error = FALSE $errorCert = fCert($Engine, $CertType, $CertPurpose, $OUnencrypted, $CertCA, $PVKCA, $PVKCAPass, $Path, $OCertRequest, $OPVK, $PVKLength, $PVKPass, $Hash, $ValidityStart, $Validity, $C, $ST, $L, $LP, $LA, $O, $OU, $E, $DC, $CN, $aOSAN) If @error Then $error = TRUE If $Engine = 'MakeCert' Then GUISetState (@SW_RESTORE, $GUICertificate) GUISetState (@SW_ENABLE, $GUICertificate) EndIf If $error AND MsgBox (262192, 'Digital Signature Kit', $errorCert, 0, $GUICertificate) Then ContinueLoop MsgBox (262208, 'Digital Signature Kit', 'Certificate was successfully created.', 3, $GUICertificate) ShellExecute ($Path, '', $Path, 'OPEN') If FileExists ($LoadOnStartup) Then fForm($LoadOnStartup, 'Load', TRUE) If FileExists ($DefaultConfigPath) Then fForm($DefaultConfigPath, 'Load') ;____________________________________________________________________________________________________ Case $GUIState = $gbCABrowsePath GUICtrlSetState ($gbDummyCert, $GUI_FOCUS) $CAPath = FileSelectFolder ('Please select root path for export (subdirectories will be created).', '', 7, @DesktopDir, $GUICertificate) If @error Then ContinueLoop GUICtrlSetData ($giCAPath, $CAPath) Case $GUIState = $gbOCABrowsePVK GUICtrlSetState ($gbDummyCert, $GUI_FOCUS) $FileCAPVK = FileOpenDialog ('Please select your "Private Key" file ...', '', 'Private Key (*.key.pem)', 3, '', $GUICertificate) If @error Then ContinueLoop 
GUICtrlSetData ($giOCAPVK, $FileCAPVK) Case $GUIState = $gbOCANewPVK GUICtrlSetState ($gbDummyCert, $GUI_FOCUS) GUICtrlSetState ($gbOCANewPVK, $GUI_DISABLE) $CACN = StringStripWS (GUICtrlRead ($giCACN), 3) If StringStripWS ($CACN, 8) = '' AND MsgBox (262192, 'Digital Signature Kit', 'Please specify "Common Name (CN)".', 0, $GUICertificate) Then ContinueLoop $CACN = fGetName($CACN) If @error AND MsgBox (262192, 'Digital Signature Kit', 'Please choose another "Common Name (CN)".', 0, $GUICertificate) Then ContinueLoop $CAPath = StringStripWS (GUICtrlRead ($giCAPath), 3) While StringRight ($CAPath, 1) = '\' $CAPath = StringStripWS (StringTrimRight ($CAPath, 1), 3) WEnd If StringStripWS ($CAPath, 8) = '' AND MsgBox (262192, 'Digital Signature Kit', 'Please specify valid "export path".', 0, $GUICertificate) Then ContinueLoop If NOT FileExists ($CAPath) AND MsgBox (262192, 'Digital Signature Kit', 'Please specify valid "export path".', 0, $GUICertificate) Then ContinueLoop Dim $hxDelta = 140, $hyDelta = 155 $errorPVK = fPVK($CACN, $CAPath, 'AES 256', '4096', $hxDelta, $hyDelta) If @error AND MsgBox (262192, 'Digital Signature Kit', $errorPVK, 0, $GUICertificate) Then ContinueLoop If $errorPVK[1] <> '' Then GUICtrlSetData ($giOCAPVK, $errorPVK[1]) GUICtrlSetData ($giCAPVKPass, $errorPVK[2]) EndIf WinActivate ($GUICertificate) Case $GUIState = $gbOCASANAdd GUICtrlSetState ($gbDummyCert, $GUI_FOCUS) $CASANType = GUICtrlRead ($gcOCASAN) $CASAN = StringStripWS (GUICtrlRead ($giOCASAN), 3) If StringStripWS ($CASAN, 8) = '' Then GUICtrlSetData ($giOCASAN, '') ContinueLoop EndIf If StringInStr ($CASAN, '|') AND MsgBox (262192, 'Digital Signature Kit', 'Invalid character in "Subject Alternative Name".' 
& @CRLF & 'Please remove " | " character and try again.', 0, $GUICertificate) Then ContinueLoop For $i = 1 To $aCASAN[0][0] If $CASANType == $aCASAN[$i][0] AND $CASAN == $aCASAN[$i][1] Then ContinueLoop 2 Next ReDim $aCASAN[UBound($aCASAN) + 1][2] $aCASAN[0][0] = UBound($aCASAN) - 1 $aCASAN[$aCASAN[0][0]][0] = $CASANType $aCASAN[$aCASAN[0][0]][1] = $CASAN Assign ('CASAN' & $aCASAN[0][0], GUICtrlCreateListViewItem ($CASANType & '|' & $CASAN, $glvOCASAN), 2) GUICtrlSetData ($giOCASAN, '') Case $GUIState = $gbOCASANDel GUICtrlSetState ($gbDummyCert, $GUI_FOCUS) $SelectedCASAN = GUICtrlRead (GUICtrlRead ($glvOCASAN)) If $SelectedCASAN = '' Then ContinueLoop If StringLeft ($SelectedCASAN, 1) = '|' Then $SelectedCASAN = StringTrimLeft ($SelectedCASAN, 1) If StringRight ($SelectedCASAN, 1) = '|' Then $SelectedCASAN = StringTrimRight ($SelectedCASAN, 1) $SelectedCASAN = StringSplit ($SelectedCASAN, '|') Dim $tSAN[1][1] = [[0]] For $i = 1 To $aCASAN[0][0] GUICtrlDelete (Eval ('CASAN' & $i)) If $SelectedCASAN[1] == $aCASAN[$i][0] AND $SelectedCASAN[2] == $aCASAN[$i][1] Then ContinueLoop ReDim $tSAN[UBound($tSAN) + 1][2] $tSAN[0][0] = UBound($tSAN) - 1 $tSAN[$tSAN[0][0]][0] = $aCASAN[$i][0] $tSAN[$tSAN[0][0]][1] = $aCASAN[$i][1] Next $aCASAN = $tSAN For $i = 1 To $aCASAN[0][0] Assign ('CASAN' & $i, GUICtrlCreateListViewItem ($aCASAN[$i][0] & '|' & $aCASAN[$i][1], $glvOCASAN), 2) Next Case $GUIState = $gbCreateCA GUICtrlSetState ($gbDummyCert, $GUI_FOCUS) GUICtrlSetState ($gbCreateCA, $GUI_DISABLE) $CACN = StringStripWS (GUICtrlRead ($giCACN), 3) If StringStripWS ($CACN, 8) = '' AND MsgBox (262192, 'Digital Signature Kit', 'Please specify "Common Name (CN)".', 0, $GUICertificate) Then ContinueLoop $CAPath = StringStripWS (GUICtrlRead ($giCAPath), 3) While StringRight ($CAPath, 1) = '\' $CAPath = StringStripWS (StringTrimRight ($CAPath, 1), 3) WEnd If StringStripWS ($CAPath, 8) = '' AND MsgBox (262192, 'Digital Signature Kit', 'Please specify valid "export path".', 0, 
$GUICertificate) Then ContinueLoop If NOT FileExists ($CAPath) AND MsgBox (262192, 'Digital Signature Kit', 'Please specify valid "export path".', 0, $GUICertificate) Then ContinueLoop Dim $OCAPVK = '', $CAPVKPass = '' If $Engine = 'OpenSSL' Then $OCAPVK = StringStripWS (GUICtrlRead ($giOCAPVK), 3) While StringRight ($OCAPVK, 1) = '\' $OCAPVK = StringStripWS (StringTrimRight ($OCAPVK, 1), 3) WEnd If StringStripWS ($OCAPVK, 8) = '' AND MsgBox (262192, 'Digital Signature Kit', 'Please specify valid "Private Key" path.', 0, $GUICertificate) Then ContinueLoop If NOT FileExists ($OCAPVK) AND MsgBox (262192, 'Digital Signature Kit', 'Please specify valid "Private Key" path.', 0, $GUICertificate) Then ContinueLoop $CAPVKPass = GUICtrlRead ($giCAPVKPass) If StringStripWS ($CAPVKPass, 8) = '' AND MsgBox (262192, 'Digital Signature Kit', 'Please specify "Private Key" password.', 0, $GUICertificate) Then ContinueLoop Else $CAPVKPass = GUICtrlRead ($giCAPVKPass) EndIf $CAHash = GUICtrlRead ($gcCAHash) For $i = 0 To $aHASH[0][0] If $CAHash <> $aHASH[$i][0] Then ContinueLoop $CAHash = $aHASH[$i][1] ExitLoop Next $CAPVKLength = GUICtrlRead ($gcMCAPVKLength) $CAValidityStart = GUICtrlRead ($gdCAValidityStart) While StringRight ($CAValidityStart, 1) = '.' $CAValidityStart = StringTrimRight ($CAValidityStart, 1) WEnd $CAValidity = Number (GUICtrlRead ($giCAValidity)) If $CAValidity = 0 AND MsgBox (262192, 'Digital Signature Kit', 'Validity of certificate can not be " 0 ".', 0, $GUICertificate) Then ContinueLoop If $Engine = 'OpenSSL' Then $aCAValidityStart = StringSplit ($CAValidityStart, '.') $CAValidity = fGetDate($aCAValidityStart[1] & '.' & $aCAValidityStart[2] & '.' 
& (Number ($aCAValidityStart[3]) + $CAValidity), 'D.M.Y') Else $CAValidity = $CAValidity * 12 EndIf $CAC = StringUpper (StringStripWS (GUICtrlRead ($giCAC), 3)) If StringStripWS ($CAC, 8) = '' AND MsgBox (262192, 'Digital Signature Kit', 'Please specify "Country (C)".', 0, $GUICertificate) Then ContinueLoop If StringLen ($CAC) <> 2 AND MsgBox (262192, 'Digital Signature Kit', 'Please specify valid "Country (C)". Country name should consist of 2 letter country code, eg. "US".', 0, $GUICertificate) Then ContinueLoop $CAST = StringStripWS (GUICtrlRead ($giCAST), 3) If StringStripWS ($CAST, 8) = '' AND MsgBox (262192, 'Digital Signature Kit', 'Please specify "State or Province (ST)".', 0, $GUICertificate) Then ContinueLoop $CAL = StringStripWS (GUICtrlRead ($giCAL), 3) $CALP = StringStripWS (GUICtrlRead ($giCALP), 3) $CALA = StringStripWS (GUICtrlRead ($giCALA), 3) $CAO = StringStripWS (GUICtrlRead ($giCAO), 3) $CAOU = StringStripWS (GUICtrlRead ($giCAOU), 3) $CAE = StringStripWS (GUICtrlRead ($giCAE), 3) $CADC = StringStripWS (GUICtrlRead ($giCADC), 3) If StringStripWS ($CADC, 8) = '' AND MsgBox (262192, 'Digital Signature Kit', 'Please specify "Domain (DC)".', 0, $GUICertificate) Then ContinueLoop If $CADC = fGetName($CACN) AND MsgBox (262452, 'Digital Signature Kit', 'It seems that "Common Name (CN)" and "Domain (DC)" are the same, which may result in invalid certificate.' 
& @CRLF & @CRLF & 'Do you wish to continue?', 0, $GUICertificate) = 7 Then ContinueLoop Dim $aOCASAN[1][1] = [[0]] If $Engine = 'OpenSSL' Then If $aCASAN[0][0] > 0 Then For $i = 1 To $aCASAN[0][0] If $aCASAN[$i][0] = 'DNS' AND $aCASAN[$i][1] = $CADC Then ExitLoop If $i = $aCASAN[0][0] Then ReDim $aCASAN[UBound($aCASAN) + 1][2] $aCASAN[0][0] = UBound($aCASAN) - 1 $aCASAN[$aCASAN[0][0]][0] = 'DNS' $aCASAN[$aCASAN[0][0]][1] = $CADC Assign ('CASAN' & $aCASAN[0][0], GUICtrlCreateListViewItem ($aCASAN[$aCASAN[0][0]][0] & '|' & $aCASAN[$aCASAN[0][0]][1], $glvOCASAN), 2) EndIf Next Else ReDim $aCASAN[UBound($aCASAN) + 1][2] $aCASAN[0][0] = UBound($aCASAN) - 1 $aCASAN[$aCASAN[0][0]][0] = 'DNS' $aCASAN[$aCASAN[0][0]][1] = $CADC Assign ('CASAN' & $aCASAN[0][0], GUICtrlCreateListViewItem ($aCASAN[$aCASAN[0][0]][0] & '|' & $aCASAN[$aCASAN[0][0]][1], $glvOCASAN), 2) EndIf For $i = 1 To $aSANType[0] Dim $n = 1 For $j = 1 To $aCASAN[0][0] If $aCASAN[$j][0] = $aSANType[$i] Then ReDim $aOCASAN[UBound($aOCASAN) + 1][2] $aOCASAN[0][0] = UBound($aOCASAN) - 1 $aOCASAN[$aOCASAN[0][0]][0] = $aSANType[$i] & '.' 
& $n $aOCASAN[$aOCASAN[0][0]][1] = $aCASAN[$j][1] $n += 1 EndIf Next Next EndIf If GUICtrlRead ($gcbForm) = $GUI_CHECKED Then fResetData('Cert') $FormCNF = $CAPath & '\' & fGetName($CACN) & '\' & fGetName($CACN) & '.cnf' $errorForm = fForm($FormCNF, 'Save') If @error AND MsgBox (262192, 'Digital Signature Kit', $errorForm, 0, $GUICertificate) Then ContinueLoop EndIf If $Engine = 'MakeCert' Then GUISetState (@SW_DISABLE, $GUICertificate) GUISetState (@SW_MINIMIZE, $GUICertificate) EndIf Dim $error = FALSE $errorCert = fCert($Engine, 'CA', 'CertSign', FALSE, '', '', '', $CAPath, '', $OCAPVK, $CAPVKLength, $CAPVKPass, $CAHash, $CAValidityStart, $CAValidity, $CAC, $CAST, $CAL, $CALP, $CALA, $CAO, $CAOU, $CAE, $CADC, $CACN, $aOCASAN) If @error Then $error = TRUE If $Engine = 'MakeCert' Then GUISetState (@SW_RESTORE, $GUICertificate) GUISetState (@SW_ENABLE, $GUICertificate) EndIf If $error AND MsgBox (262192, 'Digital Signature Kit', $errorCert, 0, $GUICertificate) Then ContinueLoop MsgBox (262208, 'Digital Signature Kit', 'Certificate was successfully created.', 3, $GUICertificate) ShellExecute ($CAPath, '', $CAPath, 'OPEN') If FileExists ($LoadOnStartup) Then fForm($LoadOnStartup, 'Load', TRUE) If FileExists ($DefaultConfigPath) Then fForm($DefaultConfigPath, 'Load') ;____________________________________________________________________________________________________ Case $GUIState = $gmSignFormSave OR $GUIState = $gmCertFormSave OR $GUIState = $gmCertTemplateSave $ActiveGUI = $GUICertificate If $GUIState = $gmSignFormSave Then $ActiveGUI = $GUISign $FormCNF = FileSaveDialog ('Digital Signature Kit', @ScriptDir, 'Configuration file (*.cnf)', 18, $DefaultConfig, $ActiveGUI) If @error Then ContinueLoop If $GUIState = $gmCertTemplateSave Then $errorForm = fForm($FormCNF, 'Template') Else If $ActiveTab = 1 Then fResetData('CACert') If $ActiveTab = 2 Then fResetData('Cert') $errorForm = fForm($FormCNF, 'Save') EndIf If @error AND MsgBox (262192, 'Digital Signature Kit', 
$errorForm, 0, $ActiveGUI) Then ContinueLoop MsgBox (262208, 'Digital Signature Kit', $errorForm, 3, $ActiveGUI) Case $GUIState = $gmSignFormLoad OR $GUIState = $gmCertFormLoad OR $GUIState = $gbLoadForm $ActiveGUI = $GUICertificate If $GUIState = $gbLoadForm Then $SelectedForm = GUICtrlRead (GUICtrlRead ($glvForms)) If $SelectedForm = '' Then ContinueLoop $SelectedForm = StringSplit ($SelectedForm, '|') $SelectedFormCN = $SelectedForm[2] $SelectedFormPath = $SelectedForm[3] $errorForm = fForm($SelectedFormPath, 'Load') If @error AND MsgBox (262192, 'Digital Signature Kit', $errorForm, 0, $ActiveGUI) Then ContinueLoop $SwitchTab = 1 If StringLeft ($SelectedFormCN, 5) = '[CA] ' Then GUICtrlSetState ($gtCACert, $GUI_SHOW) Else GUICtrlSetState ($gtCert, $GUI_SHOW) EndIf Else If $GUIState = $gmSignFormLoad Then $ActiveGUI = $GUISign $FormCNF = FileOpenDialog ('Digital Signature Kit', @ScriptDir, 'Configuration file (*.cnf)', 3, '', $ActiveGUI) If @error Then ContinueLoop $errorForm = fForm($FormCNF, 'Load') If @error AND MsgBox (262192, 'Digital Signature Kit', $errorForm, 0, $ActiveGUI) Then ContinueLoop EndIf Case $GUIState = $gbDeleteForm $SelectedForm = GUICtrlRead (GUICtrlRead ($glvForms)) If $SelectedForm = '' Then ContinueLoop $SelectedForm = StringSplit ($SelectedForm, '|') $SelectedFormCN = $SelectedForm[2] $SelectedFormPath = $SelectedForm[3] If StringLeft ($SelectedFormCN, 5) = '[CA] ' Then $SelectedFormCN = StringTrimLeft ($SelectedFormCN, 5) $SelectedFormName = $SelectedFormCN If $SelectedFormName = '' Then $SelectedFormName = $SelectedFormPath If MsgBox (262436, 'Digital Signature Kit', 'Are you sure you wish to delete "' & $SelectedFormName & '" form.', 0, $GUICertificate) = 7 Then ContinueLoop $SelectedCertPath = fGetShortPath(IniRead ($SelectedFormPath, 'GENERAL', 'ExportPath', ''), FALSE) & '\' & $SelectedFormCN $SelectedPVKPath = fGetShortPath(IniRead ($SelectedFormPath, 'SPECIFIC', 'PVK', ''), FALSE) If NOT FileDelete ($SelectedFormPath) AND MsgBox 
(262192, 'Digital Signature Kit', 'Could not delete the form "' & $SelectedFormName & '"', 0, $GUICertificate) Then ContinueLoop If FileExists ($LoadOnStartup) Then fForm($LoadOnStartup, 'Load', TRUE) If FileExists ($DefaultConfigPath) Then fForm($DefaultConfigPath, 'Load') If $SelectedFormCN <> '' AND FileExists ($SelectedPVKPath) AND StringLeft ($SelectedPVKPath, StringLen ($SelectedCertPath)) = $SelectedCertPath Then If MsgBox (262436, 'Digital Signature Kit', 'Do you also wish to delete whole "' & $SelectedFormCN & '" certificate.', 0, $GUICertificate) = 6 Then If NOT DirRemove ($SelectedCertPath, 1) AND MsgBox (262192, 'Digital Signature Kit', 'Could not delete the certificate "' & $SelectedFormCN & '"', 0, $GUICertificate) Then ContinueLoop EndIf EndIf Case $GUIState = $gbOpenCert $SelectedForm = GUICtrlRead (GUICtrlRead ($glvForms)) If $SelectedForm = '' Then ContinueLoop $SelectedForm = StringSplit ($SelectedForm, '|') $SelectedFormCN = $SelectedForm[2] $SelectedFormPath = $SelectedForm[3] $ReadPVKPath = 'PVK' If StringLeft ($SelectedFormCN, 5) = '[CA] ' Then $SelectedFormCN = StringTrimLeft ($SelectedFormCN, 5) $ReadPVKPath = 'CAPVK' EndIf $SelectedCertPath = fGetShortPath(IniRead ($SelectedFormPath, 'GENERAL', 'ExportPath', ''), FALSE) & '\' & $SelectedFormCN $SelectedPVKPath = fGetShortPath(IniRead ($SelectedFormPath, 'SPECIFIC', $ReadPVKPath, ''), FALSE) If FileExists ($SelectedCertPath) AND FileExists ($SelectedPVKPath) Then ShellExecute ($SelectedCertPath, '', $SelectedCertPath, 'OPEN') Case $GUIState = $gbCertificate $SwitchGUI = BitAND (BitNOT ($SwitchGUI), 1) $SwitchGUIcontrol = BitAND (BitNOT ($SwitchGUIcontrol), 1) Case $GUIState = $gmCertEngineMakeCert OR $GUIState = $gmCertEngineOpenSSL If GUICtrlRead ($gmCertEngineMakeCert) = BitOR ($GUI_ENABLE, $GUI_CHECKED) Then $Engine = 'MakeCert' If GUICtrlRead ($gmCertEngineOpenSSL) = BitOR ($GUI_ENABLE, $GUI_CHECKED) Then $Engine = 'OpenSSL' fSetGUI($Engine, $CertType, $CertPurpose, $CertRequest, TRUE) 
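Case $GUIState = $GUI_EVENT_CLOSE If NOT $SwitchGUI Then ExitLoop fResetData('Digital Signature Kit') fResetData('Create Certificate') If FileExists ($DefaultConfigPath) Then fForm($DefaultConfigPath, 'Load') fSetGUI($Engine, $CertType, $CertPurpose, $CertRequest, TRUE) $SwitchGUI = BitAND (BitNOT ($SwitchGUI), 1) $SwitchGUIcontrol = BitAND (BitNOT ($SwitchGUIcontrol), 1) EndSelect WEnd GUIDelete ($GUISign) Exit
Func fSign($fSignFile = '', $fFilePFX = '', $fPassPFX = '', $fDescription = '', $fTimeStampService = '', $RFC = 0)
    ; Signs one or more files with the signtool.exe extracted under $BIN, using a
    ; "Personal Information Exchange" (PFX) file.
    ;
    ; Parameters:
    ;   $fSignFile         - '|'-separated list of file paths; entries that do not exist are skipped.
    ;   $fFilePFX          - path of the PFX file (signtool /f).
    ;   $fPassPFX          - PFX password (signtool /p); '' omits the option.
    ;   $fDescription      - description of the signed content (signtool /d); '' omits the option.
    ;   $fTimeStampService - timestamp server URL; '' signs without a timestamp.
    ;   $RFC               - 0 selects /t, any other value selects /tr together with /td.
    ;
    ; Returns '' with @error = 0 on success. On failure returns an error text with @error = 1 and
    ; @extended: 0 missing argument, 1 PFX not found, 2 no file found, 3 signtool not extracted,
    ; 4 signing failed, 5 timestamping failed, 6 a value cannot be quoted safely.
    ;
    ; fPingHost is defined elsewhere in the file; presumably it checks that a host named in the
    ; path is reachable - verify against its definition.
    If $fSignFile = '' OR $fFilePFX = '' Then Return SetError (1, 0, 'Command is badly formated ...')
    If NOT fPingHost($fFilePFX) OR NOT FileExists ($fFilePFX) Then Return SetError (1, 1, '"Personal Information Exchange" file could not be found.')

    ; Split the list into scripts (.vbs/.ps1) and everything else; the two groups are signed
    ; in separate signtool runs with different digest settings.
    Local $fSignFileList = '', $fSignScriptList = ''
    $fSignFile = StringSplit ($fSignFile, '|')
    For $i = 1 To $fSignFile[0]
        If NOT fPingHost($fSignFile[$i]) OR NOT FileExists ($fSignFile[$i]) Then ContinueLoop
        If StringRight ($fSignFile[$i], 4) = '.vbs' OR StringRight ($fSignFile[$i], 4) = '.ps1' Then
            $fSignScriptList &= ' "' & $fSignFile[$i] & '"'
        Else
            $fSignFileList &= ' "' & $fSignFile[$i] & '"'
        EndIf
    Next
    If $fSignFileList = '' AND $fSignScriptList = '' Then Return SetError (1, 2, 'Files could not be found.')

    ; The values below are wrapped in double quotes and concatenated into one command line.
    ; A '"' inside a value, or a '\' directly before the closing quote, would end or escape that
    ; quoting and let the remainder be parsed as further signtool options, so such values are
    ; refused instead of being passed on. (The file paths have already passed FileExists.)
    Local $faQuoted[3] = [$fPassPFX, $fDescription, $fTimeStampService]
    For $i = 0 To UBound ($faQuoted) - 1
        If StringInStr ($faQuoted[$i], '"') OR StringRight ($faQuoted[$i], 1) = '\' Then
            Return SetError (1, 6, 'Password, description and timestamping service must not contain a double quote or end with a backslash.')
        EndIf
    Next

    ; NOTE(review): scripts are signed with a SHA-1 file digest while other files use SHA-256;
    ; confirm whether the script signing providers in use accept sha256 and switch if they do.
    Local $fSignFileDigestAlgorithm = 'sha256', $fSignScriptDigestAlgorithm = 'sha1'
    ; Declared up front: with an empty $fTimeStampService (the parameter default) these were
    ; never assigned, and reading them while building the command line stopped the script.
    Local $fSignFileTimeStampService = '', $fSignScriptTimeStampService = ''

    ; The password is handed to signtool on its command line (/p), where other processes of the
    ; same user can read it while signtool runs. A key kept in a certificate store and selected
    ; with signtool's /sha1 or /n option avoids that exposure.
    If $fPassPFX <> '' Then $fPassPFX = ' /p "' & $fPassPFX & '"'
    If $fDescription <> '' Then $fDescription = ' /d "' & $fDescription & '"'
    If $fTimeStampService <> '' Then
        If NOT $RFC Then
            $fSignFileTimeStampService = ' /t "' & $fTimeStampService & '"'
            $fSignScriptTimeStampService = ' /t "' & $fTimeStampService & '"'
        Else
            $fSignFileTimeStampService = ' /tr "' & $fTimeStampService & '" /td ' & $fSignFileDigestAlgorithm
            $fSignScriptTimeStampService = ' /tr "' & $fTimeStampService & '" /td ' & $fSignScriptDigestAlgorithm
        EndIf
    EndIf

    ; NOTE(review): $BIN is created under @TempDir by the script header, and a signtool.exe that
    ; already exists there is used as-is, without an integrity check.
    ; The executable paths are quoted so that a temp path containing spaces cannot be split and
    ; resolved to a different program.
    If NOT FileExists ($BIN & '\SignTool\signtool.exe') Then
        $7zip = Run ('"' & $BIN & '\7za.exe" x -bd -o"' & $BIN & '" "' & $BIN & '\' & @OSArch & '.7z" "SignTool"' , $BIN, @SW_HIDE)
        ProcessWaitClose ($7zip, 30)
        If ProcessExists ($7zip) Then
            ; Extraction is still running after the 30 second wait: stop it and give up.
            ProcessClose ($7zip)
            Return SetError (1, 3, 'Could not extract files needed to digitaly sign files.')
        EndIf
        If NOT FileExists ($BIN & '\SignTool\signtool.exe') Then Return SetError (1, 3, 'Could not extract files needed to digitaly sign files.')
    EndIf

    ; One signtool run per non-empty group: [file list, file digest, timestamp options].
    Local $faBatch[2][3] = [[$fSignFileList, $fSignFileDigestAlgorithm, $fSignFileTimeStampService], _
            [$fSignScriptList, $fSignScriptDigestAlgorithm, $fSignScriptTimeStampService]]
    For $i = 0 To 1
        If $faBatch[$i][0] = '' Then ContinueLoop
        $ferrorSign = RunWait ('"' & $BIN & '\SignTool\signtool.exe" sign /q /f "' & $fFilePFX & '"' & $fPassPFX & ' /fd ' & $faBatch[$i][1] & ' /u 1.3.6.1.5.5.7.3.3' & $fDescription & $faBatch[$i][2] & $faBatch[$i][0], $BIN & '\SignTool', @SW_HIDE)
        ; RunWait returns 0 and sets @error when the program could not be started; without this
        ; check a failed launch was reported as a successful signature. Exit codes other than
        ; 0 and 2 are likewise treated as a signing failure rather than as success.
        If @error OR ($ferrorSign <> 0 AND $ferrorSign <> 2) Then Return SetError (1, 4, 'Files could not be signed.')
        If $ferrorSign = 2 Then Return SetError (1, 5, 'Files could not be timestamped.')
    Next
    Return SetError (0, 0, '')
EndFunc ;-> fSign
Func fCert($fEngine = '', $fType = '', $fPurpose = '', $fUnencrypted = FALSE, $fCertCA = '', $fPVKCA = '', $fPVKCAPass = '', $fPath = '', $fRequest = '', $fPVK = '', $fPVKLength = '', $fPVKPass = '', $fHash = '', $fValidityStart = '', $fValidity = '', $fC = '', $fST = '', $fL = '', $fLP = '', $fLA = '', $fO = '', $fOU = '', $fE = '', $fDC = '', $fCN = '', $fSAN = '') #CS Enhanced Key Usage OID 1.3.6.1.5.5.7.3.1 - Server Authentication 1.3.6.1.5.5.7.3.2 - Client Authentication 1.3.6.1.5.5.7.3.3 - Code Signing 1.3.6.1.5.5.7.3.4 - Email Protection 1.3.6.1.5.5.7.3.5 - IPSec End System 1.3.6.1.5.5.7.3.6 - IPSec Tunnel 1.3.6.1.5.5.7.3.7 - IPSec User 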
1.3.6.1.5.5.7.3.8 - Time Stamping 1.3.6.1.5.5.7.3.9 - OCSP Signing 1.3.6.1.4.1.311.10.3.4 - Encrypting File System 1.3.6.1.4.1.311.10.3.4.1 - Encrypting File System Recovery (File Recovery) #CE Local $faEngine[3] = [2, 'OpenSSL', 'MakeCert'] ; $fEngine Local $faCertType[4] = [3, 'CA', 'Cert', 'SelfSigned'] ; $fType Local $faCertPurpose[4][3] = [[3], ['CertSign','ca_cert',''], _ ; $fPurpose ['Authentication','server_cert','1.3.6.1.5.5.7.3.1'], _ ['CodeSign','code_cert','1.3.6.1.5.5.7.3.3']] For $i = 1 To $faEngine[0] If $fEngine = $faEngine[$i] Then ExitLoop If $i = $faEngine[0] Then Return SetError (1, 0, 'Command 1 is badly formated ...') Next For $i = 1 To $faCertType[0] If $fType = $faCertType[$i] Then ExitLoop If $i = $faCertType[0] Then Return SetError (1, 0, 'Command 2 is badly formated ...') Next For $i = 1 To $faCertPurpose[0][0] If $fPurpose = $faCertPurpose[$i][0] Then ExitLoop If $i = $faCertPurpose[0][0] Then Return SetError (1, 0, 'Command 3 is badly formated ...') Next If NOT IsBool ($fUnencrypted) Then Return SetError (1, 0, 'Command is badly formated ...') If $fType = 'CA' AND $fPurpose <> 'CertSign' Then Return SetError (1, 0, 'Command is badly formated ...') If $fType <> 'CA' AND $fPurpose = 'CertSign' Then Return SetError (1, 0, 'Command is badly formated ...') If $fPath = '' OR $fHash = '' OR $fPVKLength = '' OR $fValidityStart = '' OR $fValidity = '' OR $fCN = '' Then Return SetError (1, 0, 'Command is badly formated ...') If $fEngine = 'OpenSSL' Then If $fType <> 'CA' AND $fRequest = '' Then Return SetError (1, 0, 'Command is badly formated ...') If $fPVK = '' Then Return SetError (1, 0, 'Command is badly formated ...') If $fRequest = 'PVK' AND $fPVKPass = '' Then Return SetError (1, 0, 'Command is badly formated ...') If $fType = 'Cert' AND $fPVKCAPass = '' Then Return SetError (1, 0, 'Command is badly formated ...') EndIf If $fType = 'CA' AND ($fC = '' OR $fST = '') Then Return SetError (1, 0, 'Command is badly formated ...') If $fType = 
'Cert' AND ($fCertCA = '' OR $fPVKCA = '') Then Return SetError (1, 0, 'Command is badly formated ...') $faValidityStart = StringSplit ($fValidityStart, '.') If $faValidityStart[0] <> 3 Then Return SetError (1, 0, 'Command is badly formated ...') Local $fLocalTime = '[' & @YEAR & '-' & @MON & '-' & @MDAY & '] [' & @HOUR & '-' & @MIN & '-' & @SEC & ']' ;____________________________________________________________________________________________________ If $fEngine = 'OpenSSL' Then If NOT FileExists ($BIN & '\OpenSSL\openssl.exe') Then $7zip = Run ($BIN & '\7za.exe x -bd -o"' & $BIN & '" "' & $BIN & '\' & @OSArch & '.7z" "OpenSSL"' , $BIN, @SW_HIDE) ProcessWaitClose ($7zip, 30) If ProcessExists ($7zip) Then ProcessClose ($7zip) Return SetError (1, 0, 'Could not extract files needed to create certificate.') EndIf If NOT FileExists ($BIN & '\OpenSSL\openssl.exe') Then Return SetError (1, 0, 'Could not extract files needed to create certificate.') EndIf $faValidityEnd = StringSplit ($fValidity, '.') If $faValidityEnd[0] <> 3 Then Return SetError (1, 0, 'Command is badly formated ...') Local $fTemp = $BIN & '\OpenSSL\CA' If NOT fCreateTemp($fTemp) Then Return SetError (1, 0, 'Could not create files needed to create certificate.') If $fRequest = 'PVK' Then If NOT FileExists ($fPVK) Then Return SetError (1, 0, '"Private Key" is not accessible.') Else If NOT FileExists ($fPVK) Then Return SetError (1, 0, '"Certificate Request file" is not accessible.') EndIf Local $fUTCTime = '000000' ; UTC time HHmmss Local $fStartDate = $faValidityStart[3] & $faValidityStart[2] & $faValidityStart[1] & $fUTCTime & 'Z' Local $fEndDate = $faValidityEnd[3] & $faValidityEnd[2] & $faValidityEnd[1] & $fUTCTime & 'Z' Local $fValidityDays = fGetDays($faValidityEnd[3], $faValidityEnd[2], $faValidityEnd[1]) - fGetDays($faValidityStart[3], $faValidityStart[2], $faValidityStart[1]) Local $fFileName = fGetName($fCN) If @error Then Return SetError (1, 0, 'Please choose another "Common Name (CN)".') For 
$i = 1 To $faCertPurpose[0][0] If $fPurpose <> $faCertPurpose[$i][0] Then ContinueLoop $fPurpose = $faCertPurpose[$i][1] ExitLoop Next $fCertPath = $fPath & '\' & $fFileName & '\' & $fLocalTime If FileExists ($fCertPath) AND NOT DirRemove ($fCertPath, 1) Then Return SetError (1, 0, 'Could not create export path.') If NOT DirCreate ($fCertPath) Then Return SetError (1, 0, 'Could not create export path.') If $fUnencrypted Then Local $fUnencryptedPath = $fCertPath & '\Unencrypted' If NOT FileExists ($fUnencryptedPath) AND NOT DirCreate ($fUnencryptedPath) Then Return SetError (1, 0, 'Could not create files needed to create unencrypted "Private Key" and "Certificate" pair.') EndIf If NOT IniWrite ($fTemp & '\ca.ini', 'ca_default', 'default_md', $fHash) Then Return SetError (1, 0, 'Could not configure OpenSSL options.') If NOT IniWrite ($fTemp & '\ca.ini', 'req', 'default_md', $fHash) Then Return SetError (1, 0, 'Could not configure OpenSSL options.') Local $faSubject[11][2] = [[10], ['countryName',fGetSubject($fEngine, $fC)], _ ['stateOrProvinceName',fGetSubject($fEngine, $fST)], _ ['localityName',fGetSubject($fEngine, $fL)], _ ['postalCode',fGetSubject($fEngine, $fLP)], _ ['streetAddress',fGetSubject($fEngine, $fLA)], _ ['organizationName',fGetSubject($fEngine, $fO)], _ ['organizationalUnitName',fGetSubject($fEngine, $fOU)], _ ['emailAddress',fGetSubject($fEngine, $fE)], _ ['domainComponent',fGetSubject($fEngine, $fDC)], _ ['commonName',fGetSubject($fEngine, $fCN)]] If NOT IniWriteSection ($fTemp & '\ca.ini', 'req_distinguished_name', $faSubject) Then Return SetError (1, 0, 'Could not configure OpenSSL options.') For $i = 1 To $faSubject[0][0] If $faSubject[$i][1] = '' AND NOT IniDelete ($fTemp & '\ca.ini', 'req_distinguished_name', $faSubject[$i][0]) Then Return SetError (1, 0, 'Could not configure OpenSSL options.') Next If $fSAN = '' OR (IsArray ($fSAN) AND $fSAN[0][0] = 0) Then If NOT IniDelete ($fTemp & '\ca.ini', $fPurpose, 'subjectAltName') Then Return SetError 
(1, 0, 'Could not configure OpenSSL options.') Else If NOT IniWriteSection ($fTemp & '\ca.ini', 'subject_alt_names', $fSAN) Then Return SetError (1, 0, 'Could not configure OpenSSL options.') If NOT IniWrite ($fTemp & '\ca.ini', $fPurpose, 'subjectAltName', '@subject_alt_names') Then Return SetError (1, 0, 'Could not configure OpenSSL options.') EndIf If NOT IniWrite ($fTemp & '\ca.ini', 'req', 'prompt', 'no') Then Return SetError (1, 0, 'Could not configure OpenSSL options.') ;____________________________________________________________________________________________________ If $fType = 'CA' Then ; Create Certificate (PEM) $ferrorCert = RunWait ($BIN & '\OpenSSL\openssl.exe req -new -x509 -days ' & $fValidityDays & ' -config "' & $fTemp & '\ca.ini" -extensions "' & $fPurpose & '" -key "' & $fPVK & '" -passin pass:' & $fPVKPass & ' -out "' & $fCertPath & '\' & $fFileName & '.cert.pem"', $BIN & '\OpenSSL', @SW_HIDE) If $ferrorCert Then Return SetError (1, 0, '"Certificate" could not be created.') ;____________________________________________________________________________________________________ ElseIf $fType = 'SelfSigned' Then ; Create Certificate Signing Request (CSR) $ferrorCert = RunWait ($BIN & '\OpenSSL\openssl.exe req -new -' & $fHash & ' -config "' & $fTemp & '\ca.ini" -extensions "' & $fPurpose & '" -key "' & $fPVK & '" -passin pass:' & $fPVKPass & ' -out "' & $fTemp & '\csr\' & $fFileName & '.csr.pem"', $BIN & '\OpenSSL', @SW_HIDE) If $ferrorCert Then Return SetError (1, 0, '"Certificate Signing Request" could not be created.') ; Create Certificate (PEM) $ferrorCert = RunWait ($BIN & '\OpenSSL\openssl.exe ca -batch -selfsign -notext -md ' & $fHash & ' -startdate ' & $fStartDate & ' -enddate ' & $fEndDate & ' -config "' & $fTemp & '\ca.ini" -extensions "' & $fPurpose & '" -keyfile "' & $fPVK & '" -passin pass:' & $fPVKPass & ' -in "' & $fTemp & '\csr\' & $fFileName & '.csr.pem" -out "' & $fCertPath & '\' & $fFileName & '.cert.pem"', $BIN & '\OpenSSL', 
@SW_HIDE) If $ferrorCert Then Return SetError (1, 0, '"Certificate" could not be created.') ;____________________________________________________________________________________________________ ElseIf $fType = 'Cert' Then If NOT FileExists ($fCertCA) Then Return SetError (1, 0, '"CA Certificate" is not accessible.') If NOT FileExists ($fPVKCA) Then Return SetError (1, 0, '"CA Private Key" is not accessible.') If $fRequest = 'PVK' Then ; Create Certificate Signing Request (CSR) $ferrorCert = RunWait ($BIN & '\OpenSSL\openssl.exe req -new -' & $fHash & ' -config "' & $fTemp & '\ca.ini" -extensions "' & $fPurpose & '" -key "' & $fPVK & '" -passin pass:' & $fPVKPass & ' -out "' & $fTemp & '\csr\' & $fFileName & '.csr.pem"', $BIN & '\OpenSSL', @SW_HIDE) If $ferrorCert Then Return SetError (1, 0, '"Certificate Signing Request" could not be created.') Else ; Copy Certificate Signing Request (CSR) If NOT FileCopy ($fPVK, $fTemp & '\csr\' & $fFileName & '.csr.pem', 1) Then Return SetError (1, 0, '"Certificate Signing Request" could not be created.') EndIf ; Create Certificate (PEM) $ferrorCert = RunWait ($BIN & '\OpenSSL\openssl.exe ca -batch -notext -md ' & $fHash & ' -startdate ' & $fStartDate & ' -enddate ' & $fEndDate & ' -config "' & $fTemp & '\ca.ini" -extensions "' & $fPurpose & '" -cert "' & $fCertCA & '" -keyfile "' & $fPVKCA & '" -passin pass:' & $fPVKCAPass & ' -in "' & $fTemp & '\csr\' & $fFileName & '.csr.pem" -out "' & $fCertPath & '\' & $fFileName & '.cert.pem"', $BIN & '\OpenSSL', @SW_HIDE) If $ferrorCert Then Return SetError (1, 0, '"Certificate" could not be created.') EndIf ; Convert Certificate to DER format (CER) $ferrorCert = RunWait ($BIN & '\OpenSSL\openssl.exe x509 -outform DER -in "' & $fCertPath & '\' & $fFileName & '.cert.pem" -out "' & $fCertPath & '\' & $fFileName & '.cer"', $BIN & '\OpenSSL', @SW_HIDE) If $ferrorCert Then Return SetError (1, 0, 'Could not convert "Certificate" to DER encoding.') $ferrorCert = RunWait ($BIN & 
'\OpenSSL\openssl.exe x509 -inform DER -in "' & $fCertPath & '\' & $fFileName & '.cer" -outform PEM -out "' & $fCertPath & '\' & $fFileName & '.crt"', $BIN & '\OpenSSL', @SW_HIDE) If $ferrorCert Then Return SetError (1, 0, 'Could not convert "Certificate" to PEM encoding.') If $fRequest = 'PVK' Then ; Create Personal Information Exchange file (PFX) $ferrorCert = RunWait ($BIN & '\OpenSSL\openssl.exe pkcs12 -export -inkey "' & $fPVK & '" -passin pass:' & $fPVKPass & ' -in "' & $fCertPath & '\' & $fFileName & '.cert.pem" -out "' & $fCertPath & '\' & $fFileName & '.pfx" -passout pass:' & $fPVKPass, $BIN & '\OpenSSL', @SW_HIDE) If $ferrorCert Then Return SetError (1, 0, '"Personal Information Exchange" file could not be created.') ; Create Legacy Personal Information Exchange file (PFX) ; Uses 3DES insted of AES256 encryption algorithm because "Windows Server 2012R2" and older operating systems do not support newer standards $ferrorCert = RunWait ($BIN & '\OpenSSL\openssl.exe pkcs12 -legacy -provider-path "' & $BIN & '\OpenSSL\modules" -export -inkey "' & $fPVK & '" -passin pass:' & $fPVKPass & ' -in "' & $fCertPath & '\' & $fFileName & '.cert.pem" -out "' & $fCertPath & '\' & $fFileName & '.legacy.pfx" -passout pass:' & $fPVKPass, $BIN & '\OpenSSL', @SW_HIDE) If $ferrorCert Then Return SetError (1, 0, '"Legacy Personal Information Exchange" file could not be created.') If $fUnencrypted Then ; Create unencrypted Private Key (KEY) $ferrorCert = RunWait ($BIN & '\OpenSSL\openssl.exe pkcs12 -nodes -nocerts -in "' & $fCertPath & '\' & $fFileName & '.pfx" -passin pass:' & $fPVKPass & ' -out "' & $fUnencryptedPath & '\' & $fFileName & '.key"', $BIN & '\OpenSSL', @SW_HIDE) If $ferrorCert Then Return SetError (1, 0, 'Unencrypted "Private Key" could not be created.') ; Create unencrypted Private Key (KEY) and Certificate (CERT) pair (PAIR) #CS $ferrorCert = RunWait ($BIN & '\OpenSSL\openssl.exe pkcs12 -clcerts -nokeys -in "' & $fCertPath & '\' & $fFileName & '.pfx" -passin 
pass:' & $fPVKPass & ' -out "' & $fUnencryptedPath & '\' & $fFileName & '.cert"', $BIN & '\OpenSSL', @SW_HIDE) If $ferrorCert Then Return SetError (1, 0, 'Unencrypted "Private Key" and "Certificate" pair could not be created.') #CE If NOT FileCopy ($fCertPath & '\' & $fFileName & '.crt', $fUnencryptedPath & '\' & $fFileName & '.cert', 1) Then Return SetError (1, 0, 'Unencrypted "Certificate" could not be created.') $ferrorCert = RunWait (@ComSpec & ' /C COPY /V /Y /B "' & $fUnencryptedPath & '\' & $fFileName & '.key" + "' & $fUnencryptedPath & '\' & $fFileName & '.cert" "' & $fUnencryptedPath & '\' & $fFileName & '.pair.pem"', $fUnencryptedPath, @SW_HIDE) If $ferrorCert Then Return SetError (1, 0, 'Unencrypted "Private Key" and "Certificate" pair could not be created.') EndIf Else ; "Certificate Signing Request (CSR)" file does not contain Private Key so "Personal Information Exchange (PFX)" file and unencrypted "Private Key (KEY)" can not be created EndIf ;____________________________________________________________________________________________________ ElseIf $fEngine = 'MakeCert' Then If NOT FileExists ($BIN & '\MakeCert\makecert.exe') OR NOT FileExists ($BIN & '\MakeCert\pvk2pfx.exe') Then $7zip = Run ($BIN & '\7za.exe x -bd -o"' & $BIN & '" "' & $BIN & '\' & @OSArch & '.7z" "MakeCert"' , $BIN, @SW_HIDE) ProcessWaitClose ($7zip, 30) If ProcessExists ($7zip) Then ProcessClose ($7zip) Return SetError (1, 0, 'Could not extract files needed to create certificate.') EndIf If NOT FileExists ($BIN & '\MakeCert\makecert.exe') OR NOT FileExists ($BIN & '\MakeCert\pvk2pfx.exe') Then Return SetError (1, 0, 'Could not extract files needed to create certificate.') EndIf Local $fStartDate = $faValidityStart[2] & '/' & $faValidityStart[1] & '/' & $faValidityStart[3] Local $fFileName = fGetName($fCN) If @error Then Return SetError (1, 0, 'Please choose another "Common Name (CN)".') For $i = 1 To $faCertPurpose[0][0] If $fPurpose <> $faCertPurpose[$i][0] Then ContinueLoop 
$fPurpose = $faCertPurpose[$i][2] ExitLoop Next $fCertPath &= '\' & $fFileName Local $fPVKPath = $fCertPath & '\PrivateKey' If FileExists ($fPVKPath) AND NOT DirRemove ($fPVKPath, 1) Then Return SetError (1, 0, 'Could not create export path.') If NOT DirCreate ($fPVKPath) Then Return SetError (1, 0, 'Could not create export path.') $fCertPath &= '\' & $fLocalTime If FileExists ($fCertPath) AND NOT DirRemove ($fCertPath, 1) Then Return SetError (1, 0, 'Could not create export path.') If NOT DirCreate ($fCertPath) Then Return SetError (1, 0, 'Could not create export path.') Local $fPFXPass = '' If $fPVKPass <> '' Then $fPFXPass = ' -po ' & $fPVKPass Local $fSubject = '' $fSubject &= 'CN=' & fGetSubject($fEngine, $fCN) If $fDC <> '' Then $fSubject &= ',DC=' & fGetSubject($fEngine, $fDC) If $fE <> '' Then $fSubject &= ',E=' & fGetSubject($fEngine, $fE) If $fOU <> '' Then $fSubject &= ',OU=' & fGetSubject($fEngine, $fOU) If $fO <> '' Then $fSubject &= ',O=' & fGetSubject($fEngine, $fO) If $fLA <> '' Then $fSubject &= ',STREET=' & fGetSubject($fEngine, $fLA) If $fLP <> '' Then $fSubject &= ',PostalCode=' & fGetSubject($fEngine, $fLP) If $fL <> '' Then $fSubject &= ',L=' & fGetSubject($fEngine, $fL) If $fST <> '' Then $fSubject &= ',ST=' & fGetSubject($fEngine, $fST) If $fC <> '' Then $fSubject &= ',C=' & fGetSubject($fEngine, $fC) ;____________________________________________________________________________________________________ If $fType = 'CA' Then ; Create Private Key and Certificate (PVK & CER) $ferrorCert = RunWait ($BIN & '\MakeCert\makecert.exe -n "' & $fSubject & '" -r -a ' & $fHash & ' -len ' & $fPVKLength & ' -b ' & $fStartDate & ' -m ' & $fValidity & ' -cy Authority -sky Signature -sv "' & $fPVKPath & '\' & $fFileName & '.pvk" "' & $fCertPath & '\' & $fFileName & '.cer"', $BIN & '\MakeCert', @SW_HIDE) If $ferrorCert Then Return SetError (1, 0, '"CA Certificate" could not be created.') ; Create Personal Information Exchange file (PFX) $ferrorCert = RunWait 
($BIN & '\MakeCert\pvk2pfx.exe -f -pvk "' & $fPVKPath & '\' & $fFileName & '.pvk"' & ' -spc "' & $fCertPath & '\' & $fFileName & '.cer" -pfx "' & $fCertPath & '\' & $fFileName & '.pfx"' & $fPFXPass, $BIN & '\MakeCert', @SW_HIDE) If $ferrorCert Then Return SetError (1, 0, '"Personal Information Exchange" file could not be created.') ;____________________________________________________________________________________________________ ElseIf $fType = 'Cert' Then If NOT FileExists ($fCertCA) Then Return SetError (1, 0, '"CA Certificate" is not accessible.') If NOT FileExists ($fPVKCA) Then Return SetError (1, 0, '"CA Private Key" is not accessible.') ; Create Private Key and Certificate (PVK & CER) $ferrorCert = RunWait ($BIN & '\MakeCert\makecert.exe -n "' & $fSubject & '" -a ' & $fHash & ' -len ' & $fPVKLength & ' -b ' & $fStartDate & ' -m ' & $fValidity & ' -eku ' & $fPurpose & ' -iky Signature -sky Exchange -ic "' & $fCertCA & '" -iv "' & $fPVKCA & '" -sv "' & $fPVKPath & '\' & $fFileName & '.pvk" "' & $fCertPath & '\' & $fFileName & '.cer"', $BIN & '\MakeCert', @SW_HIDE) If $ferrorCert Then Return SetError (1, 0, '"Certificate" could not be created.') ; Create Personal Information Exchange file (PFX) $ferrorCert = RunWait ($BIN & '\MakeCert\pvk2pfx.exe -f -pvk "' & $fPVKPath & '\' & $fFileName & '.pvk"' & ' -spc "' & $fCertPath & '\' & $fFileName & '.cer" -pfx "' & $fCertPath & '\' & $fFileName & '.pfx"' & $fPFXPass, $BIN & '\MakeCert', @SW_HIDE) If $ferrorCert Then Return SetError (1, 0, '"Personal Information Exchange" file could not be created.') ;____________________________________________________________________________________________________ ElseIf $fType = 'SelfSigned' Then ; Create Private Key and Certificate (PVK & CER) $ferrorCert = RunWait ($BIN & '\MakeCert\makecert.exe -n "' & $fSubject & '" -r -a ' & $fHash & ' -len ' & $fPVKLength & ' -b ' & $fStartDate & ' -m ' & $fValidity & ' -eku ' & $fPurpose & ' -sky Exchange -sv "' & $fPVKPath & '\' & 
$fFileName & '.pvk" "' & $fCertPath & '\' & $fFileName & '.cer"', $BIN & '\MakeCert', @SW_HIDE) If $ferrorCert Then Return SetError (1, 0, '"Certificate" could not be created.') ; Create Personal Information Exchange file (PFX) $ferrorCert = RunWait ($BIN & '\MakeCert\pvk2pfx.exe -f -pvk "' & $fPVKPath & '\' & $fFileName & '.pvk"' & ' -spc "' & $fCertPath & '\' & $fFileName & '.cer" -pfx "' & $fCertPath & '\' & $fFileName & '.pfx"' & $fPFXPass, $BIN & '\MakeCert', @SW_HIDE) If $ferrorCert Then Return SetError (1, 0, '"Personal Information Exchange" file could not be created.') EndIf EndIf Return SetError (0, 0, '') EndFunc ;-> fCert Func fPVK($fCN = '', $fPath = '', $fEncryption = 'AES 256', $fKeyLength = '2048', $fhxDelta = '', $fhyDelta = '') If $fCN = '' Then Return SetError (1, 0, '"Common Name (CN)" not set.') If $fPath = '' Then Return SetError (1, 0, '"Private Key" export path not set.') GUISetState (@SW_DISABLE, $GUICertificate) Local $fPathPVK = $fPath & '\' & $fCN & '\PrivateKey' Local $faEncryptionType[4][2] = [[3], ['AES 128','-aes128'], ['AES 192','-aes192'], ['AES 256','-aes256']] Local $fPosition = WinGetPos ($GUICertificate) Local $fhx = $fPosition[0] + $fhxDelta, $fhy = $fPosition[1] + $fhyDelta Local $ferrorPVK = 0, $fextendedPVK = '', $fextendedPVKPass = '' $fGUIPrivateKey = GUICreate ('Create Private Key', 450, 125, $fhx, $fhy, BitOR ($WS_CAPTION, $WS_SYSMENU, $WS_POPUP), $WS_EX_TOPMOST, $GUICertificate) GUISetIcon (@AutoItExe, -07, $fGUIPrivateKey) $fgbDummyPVK = GUICtrlCreateButton ('', 0, 0, 0, 0, $BS_FLAT) GUICtrlSetState ($fgbDummyPVK, BitOR ($GUI_HIDE, $GUI_FOCUS)) GUICtrlCreateLabel ('Private Key path:', 10, 10, 100, 20) $fgiCAPVK = GUICtrlCreateInput ($fPathPVK, 115, 7, 320, 20, BitOR ($ES_LEFT, $ES_AUTOHSCROLL, $ES_READONLY)) GUICtrlCreateLabel ('Encryption algorithm:', 10, 35, 100, 20) $fgcEncryption = GUICtrlCreateCombo ('', 115, 31, 110, 20, BitOR ($CBS_DROPDOWNLIST, $CBS_SORT, $CBS_AUTOHSCROLL, $WS_VSCROLL)) For $i = 1 To 
$faEncryptionType[0][0] GUICtrlSetData ($fgcEncryption, $faEncryptionType[$i][0], $fEncryption) Next GUICtrlCreateLabel ('Key length:', 265, 35, 55, 20) $fgcKeyLength = GUICtrlCreateCombo ('', 325, 31, 110, 20, BitOR ($CBS_DROPDOWNLIST, $CBS_AUTOHSCROLL, $WS_VSCROLL)) For $i = 1 To $aKeyLength[0] GUICtrlSetData ($fgcKeyLength, $aKeyLength[$i], $fKeyLength) Next GUICtrlCreateLabel ('Password:', 10, 60, 100, 20) $fgiCAPVKPass = GUICtrlCreateInput ('', 115, 57, 320, 20, BitOR ($ES_LEFT, $ES_AUTOHSCROLL, $ES_PASSWORD)) $fgbCreateKey = GUICtrlCreateButton ('Create', 360, 95, 75, 22, $BS_FLAT) GUICtrlSetTip ($fgbCreateKey, 'Create "Private Key"') GUISetState (@SW_SHOW, $fGUIPrivateKey) While 'Create Private Key' $fGUIState = GUIGetMsg () Select Case $fGUIState = $fgbCreateKey If NOT fPingHost($fPathPVK) AND MsgBox (262192, 'Digital Signature Kit', '"Private Key" path is not accessible.', 0, $fGUIPrivateKey) Then ContinueLoop If NOT FileExists ($fPathPVK) AND NOT DirCreate ($fPathPVK) AND MsgBox (262192, 'Digital Signature Kit', 'Could not create "Private Key" path.', 0, $fGUIPrivateKey) Then ContinueLoop $fEncryption = GUICtrlRead ($fgcEncryption) For $i = 1 To $faEncryptionType[0][0] If $fEncryption <> $faEncryptionType[$i][0] Then ContinueLoop $fEncryption = $faEncryptionType[$i][1] ExitLoop Next $fKeyLength = GUICtrlRead ($fgcKeyLength) $fCAPVKPass = GUICtrlRead ($fgiCAPVKPass) If StringStripWS ($fCAPVKPass, 8) = '' AND MsgBox (262192, 'Digital Signature Kit', 'Please specify encryption password.', 0, $fGUIPrivateKey) Then ContinueLoop If StringLen ($fCAPVKPass) < 5 AND MsgBox (262192, 'Digital Signature Kit', 'Your password is too weak. Please specify appropriate encryption password.', 0, $fGUIPrivateKey) Then ContinueLoop If FileExists ($fPathPVK & '\' & $fCN & '.key.pem') Then If MsgBox (262436, 'Digital Signature Kit', '"Private Key" already exist. 
Do you wish to replace it?', 0, $fGUIPrivateKey) = 7 Then ExitLoop If NOT FileDelete ($fPathPVK & '\' & $fCN & '.key.pem') Then Local $ferrorPVK = 1, $fextendedPVK = 'Could not replace existing "Private Key".' ExitLoop EndIf EndIf GUIDelete ($fGUIPrivateKey) If NOT FileExists ($BIN & '\OpenSSL\openssl.exe') Then $7zip = Run ($BIN & '\7za.exe x -bd -o"' & $BIN & '" "' & $BIN & '\' & @OSArch & '.7z" "OpenSSL"' , $BIN, @SW_HIDE) ProcessWaitClose ($7zip, 30) If ProcessExists ($7zip) Then ProcessClose ($7zip) Local $ferrorPVK = 1, $fextendedPVK = 'Could not extract files needed to create "Private Key".' ExitLoop EndIf If NOT FileExists ($BIN & '\OpenSSL\openssl.exe') Then Local $ferrorPVK = 1, $fextendedPVK = 'Could not extract files needed to create "Private Key".' ExitLoop EndIf EndIf Local $fextendedPVK = $fPathPVK & '\' & $fCN & '.key.pem', $fextendedPVKPass = $fCAPVKPass $ferrorPVK = RunWait ($BIN & '\OpenSSL\openssl.exe genrsa ' & $fEncryption & ' -out "' & $fPathPVK & '\' & $fCN & '.key.pem" -passout pass:' & $fCAPVKPass & ' ' & $fKeyLength, $BIN & '\OpenSSL', @SW_HIDE) If $ferrorPVK Then $fextendedPVK = 'Could not create "Private Key".' 
ExitLoop ; # CONVERT TO PVK FORMAT # ; Remark: not compatible with MakeCert or OpenSSL v3 ; $BIN & '\OpenSSL\openssl.exe rsa -inform PEM -outform PVK -pvk-strong -in "' & $fPathPVK & '\' & $fCN & '.key.pem" -passin pass:' & $fCAPVKPass & ' -out "' & $fPathPVK & '\' & $fCN & '.pvk" -passout pass:' & $fCAPVKPass Case $fGUIState = $GUI_EVENT_CLOSE ExitLoop EndSelect WEnd GUISetState (@SW_ENABLE, $GUICertificate) GUIDelete ($fGUIPrivateKey) If $ferrorPVK Then Return SetError (1, 0, $fextendedPVK) Local $faReturn[3] = [2, $fextendedPVK, $fextendedPVKPass] Return SetError (0, 0, $faReturn) EndFunc ;-> fPVK Func fCreateTemp($fTemp = '') If $fTemp = '' Then Return SetError (1, 0, 0) If FileExists ($fTemp) AND NOT DirRemove ($fTemp, 1) Then Return SetError (1, 0, 0) If NOT DirCreate ($fTemp) Then Return SetError (1, 0, 0) If NOT DirCreate ($fTemp & '\certs') Then Return SetError (1, 0, 0) If NOT DirCreate ($fTemp & '\crl') Then Return SetError (1, 0, 0) If NOT DirCreate ($fTemp & '\csr') Then Return SetError (1, 0, 0) If NOT DirCreate ($fTemp & '\newcerts') Then Return SetError (1, 0, 0) If NOT DirCreate ($fTemp & '\private') Then Return SetError (1, 0, 0) If NOT FileWrite ($fTemp & '\index.txt', '') Then Return SetError (1, 0, 0) If NOT FileWrite ($fTemp & '\index.txt.attr', '') Then Return SetError (1, 0, 0) If NOT FileWrite ($fTemp & '\serial', '1000') Then Return SetError (1, 0, 0) If NOT FileWrite ($fTemp & '\crlnumber', '1000') Then Return SetError (1, 0, 0) Local $fnINI = 11 Local $faINI1[2][2] = [[1,'ca'], ['default_ca','ca_default']] Local $faINI2[20][2] = [[19,'ca_default'], ['dir',StringReplace ($fTemp, '\', '/')], _ ['certs','$dir/certs'], _ ['crl_dir','$dir/crl'], _ ['new_certs_dir','$dir/newcerts'], _ ['database','$dir/index.txt'], _ ['serial','$dir/serial'], _ ['crlnumber','$dir/crlnumber'], _ ['RANDFILE','$dir/private/.rand'], _ ['private_key','$dir/private/ca.key.pem'], _ ['certificate','$dir/certs/ca.cert.pem'], _ ['crl','$dir/crl/ca.crl.pem'], _ 
['crl_extensions','crl_ext'], _ ['default_crl_days','30'], _ ['default_md','sha256'], _ ['name_opt','ca_default'], _ ['cert_opt','ca_default'], _ ['default_days','375'], _ ['preserve','no'], _ ['policy','policy_default']] Local $faINI3[11][2] = [[10,'policy_default'], ['countryName','optional'], _ ['stateOrProvinceName','optional'], _ ['localityName','optional'], _ ['postalCode','optional'], _ ['streetAddress','optional'], _ ['organizationName','optional'], _ ['organizationalUnitName','optional'], _ ['emailAddress','optional'], _ ['domainComponent','optional'], _ ['commonName','supplied']] Local $faINI4[7][2] = [[6,'req'], ['default_bits','2048'], _ ['distinguished_name','req_distinguished_name'], _ ['string_mask','utf8only'], _ ['default_md','sha256'], _ ['x509_extensions','ca_cert'], _ ['prompt','yes']] Local $faINI5[21][2] = [[20,'req_distinguished_name'], ['countryName','Country Name (2 letter code)'], _ ['stateOrProvinceName','State or Province Name'], _ ['localityName','Location Name'], _ ['postalCode','Postal Code'], _ ['streetAddress','Street Address'], _ ['0.organizationName','Organization Name'], _ ['organizationalUnitName','Organizational Unit Name'], _ ['0.emailAddress','email Address'], _ ['domainComponent','Domain'], _ ['0.commonName','Common Name'], _ ['countryName_default',''], _ ['stateOrProvinceName_default',''], _ ['localityName_default',''], _ ['postalCode_default',''], _ ['streetAddress_default',''], _ ['0.organizationName_default',''], _ ['organizationalUnitName_default',''], _ ['0.emailAddress_default',''], _ ['domainComponent_default',''], _ ['0.commonName_default','']] Local $faINI6[6][2] = [[5,'ca_cert'], ['basicConstraints','critical, CA:TRUE'], _ ['subjectKeyIdentifier','hash'], _ ['authorityKeyIdentifier','keyid:always,issuer'], _ ['keyUsage','critical, digitalSignature, cRLSign, keyCertSign'], _ ['subjectAltName','@subject_alt_names']] Local $faINI7[9][2] = [[8,'usr_cert'], ['basicConstraints','CA:FALSE'], _ 
['subjectKeyIdentifier','hash'], _ ['authorityKeyIdentifier','keyid,issuer'], _ ['keyUsage','critical, nonRepudiation, digitalSignature, keyEncipherment'], _ ['extendedKeyUsage','clientAuth, emailProtection'], _ ['nsCertType','client, email'], _ ['nsComment','"OpenSSL Generated Client Certificate"'], _ ['subjectAltName','@subject_alt_names']] Local $faINI8[9][2] = [[8,'server_cert'], ['basicConstraints','CA:FALSE'], _ ['subjectKeyIdentifier','hash'], _ ['authorityKeyIdentifier','keyid,issuer:always'], _ ['keyUsage','critical, digitalSignature, keyEncipherment'], _ ['extendedKeyUsage','serverAuth'], _ ['nsCertType','server'], _ ['nsComment','"OpenSSL Generated Server Certificate"'], _ ['subjectAltName','@subject_alt_names']] Local $faINI9[9][2] = [[8,'code_cert'], ['basicConstraints','CA:FALSE'], _ ['subjectKeyIdentifier','hash'], _ ['authorityKeyIdentifier','keyid,issuer'], _ ['keyUsage','critical, digitalSignature'], _ ['extendedKeyUsage','codeSigning'], _ ['nsCertType','client, objsign'], _ ['nsComment','"OpenSSL Generated Code Signing Certificate"'], _ ['subjectAltName','@subject_alt_names']] Local $faINI10[2][2] = [[1,'crl_ext'], ['authorityKeyIdentifier','keyid:always']] Local $faINI11[5][2] = [[4,'subject_alt_names'], ['DNS.1',''], _ ['IP.1',''], _ ['URI.1',''], _ ['email.1','']] For $i = 1 To $fnINI If NOT IniWriteSection ($fTemp & '\ca.ini', Eval ('faINI' & $i)[0][1], Eval ('faINI' & $i)) Then Return SetError (1, 0, 0) Next Return SetError (0, 0, 1) EndFunc ;-> fCreateTemp Func fForm($fForm = '', $fAction = 'Load', $fForms = FALSE) If $fForm = '' Then Return SetError (1, 0, 'Command badly formated.') If $fAction = 'Save' OR $fAction = 'Template' Then Local $fSAN = '' For $i = 1 To $aSAN[0][0] $fSAN &= $aSAN[$i][0] & '|' & $aSAN[$i][1] & '|' Next $fSAN = StringTrimRight ($fSAN, 1) Local $fEngine = 'OpenSSL' If GUICtrlRead ($gmCertEngineMakeCert) = BitOR ($GUI_ENABLE, $GUI_CHECKED) Then $fEngine = 'MakeCert' Local $fUnencrypted = 0 If GUICtrlRead 
($gcbOUnencrypted) = $GUI_CHECKED Then $fUnencrypted = 1 Local $fCASAN = '' For $i = 1 To $aCASAN[0][0] $fCASAN &= $aCASAN[$i][0] & '|' & $aCASAN[$i][1] & '|' Next $fCASAN = StringTrimRight ($fCASAN, 1) Local $faGeneral[35][2] = [[34,'GENERAL'], ['PFXFile',fGetShortPath(GUICtrlRead ($giFilePFX))], _ ['PFXPass',fBase64(GUICtrlRead ($giPassPFX), TRUE)], _ ['TSS',GUICtrlRead ($gcTSS)], _ ['Engine',$fEngine], _ ['CertType',GUICtrlRead ($gcCertType)], _ ['CertPurpose',GUICtrlRead ($gcCertPurpose)], _ ['CertUnencrypted',$fUnencrypted], _ ['CertCA',fGetShortPath(GUICtrlRead ($giCertCA))], _ ['PVKCA',fGetShortPath(GUICtrlRead ($giPVKCA))], _ ['PVKCAPass',fBase64(GUICtrlRead ($giPVKCAPass), TRUE)], _ ['ExportPath',fGetShortPath(GUICtrlRead ($giPath))], _ ['SignatureHash',GUICtrlRead ($gcHash)], _ ['PVKLength',GUICtrlRead ($gcMPVKLength)], _ ['C',GUICtrlRead ($giC)], _ ['ST',GUICtrlRead ($giST)], _ ['L',GUICtrlRead ($giL)], _ ['LP',GUICtrlRead ($giLP)], _ ['LA',GUICtrlRead ($giLA)], _ ['O',GUICtrlRead ($giO)], _ ['OU',GUICtrlRead ($giOU)], _ ['E',GUICtrlRead ($giE)], _ ['DC',GUICtrlRead ($giDC)], _ ['CAExportPath',fGetShortPath(GUICtrlRead ($giCAPath))], _ ['CASignatureHash',GUICtrlRead ($gcCAHash)], _ ['CAPVKLength',GUICtrlRead ($gcMCAPVKLength)], _ ['CAC',GUICtrlRead ($giCAC)], _ ['CAST',GUICtrlRead ($giCAST)], _ ['CAL',GUICtrlRead ($giCAL)], _ ['CALP',GUICtrlRead ($giCALP)], _ ['CALA',GUICtrlRead ($giCALA)], _ ['CAO',GUICtrlRead ($giCAO)], _ ['CAOU',GUICtrlRead ($giCAOU)], _ ['CAE',GUICtrlRead ($giCAE)], _ ['CADC',GUICtrlRead ($giCADC)]] Local $faSpecific[16][2] = [[15,'SPECIFIC'], ['SGNDescription',GUICtrlRead ($giDescription)], _ ['SGNFile',$SignFiles], _ ['CertRequest',GUICtrlRead ($gcOCertRequest)], _ ['PVK',fGetShortPath(GUICtrlRead ($giOPVK))], _ ['PVKPass',fBase64(GUICtrlRead ($giPVKPass), TRUE)], _ ['ValidityStart',GUICtrlRead ($gdValidityStart)], _ ['Validity',GUICtrlRead ($giValidity)], _ ['CN',GUICtrlRead ($giCN)], _ ['SAN',$fSAN], _ 
['CAPVK',fGetShortPath(GUICtrlRead ($giOCAPVK))], _ ['CAPVKPass',fBase64(GUICtrlRead ($giCAPVKPass), TRUE)], _ ['CAValidityStart',GUICtrlRead ($gdCAValidityStart)], _ ['CAValidity',GUICtrlRead ($giCAValidity)], _ ['CACN',GUICtrlRead ($giCACN)], _ ['CASAN',$fCASAN]] If FileExists ($fForm) AND NOT FileDelete ($fForm) Then Return SetError (1, 0, 'Existing file could not be overwritten.') $fFormPath = StringLeft ($fForm, StringInStr ($fForm, '\', 0, -1) - 1) If NOT FileExists ($fFormPath) AND NOT DirCreate ($fFormPath) Then Return SetError (1, 0, 'Form could not be saved.') If NOT IniWriteSection ($fForm, $faGeneral[0][1], $faGeneral) Then Return SetError (1, 0, 'Form could not be saved.') If $fForm <> $DefaultConfigPath AND $fAction <> 'Template' Then If NOT IniWriteSection ($fForm, $faSpecific[0][1], $faSpecific) Then Return SetError (1, 0, 'Form could not be saved.') EndIf Return SetError (0, 0, 'Form saved.') ElseIf $fAction = 'Load' Then fResetData('Digital Signature Kit') Local $fFilePFX = fGetShortPath(IniRead ($fForm, 'GENERAL', 'PFXFile', ''), FALSE) Local $fPassPFX = fBase64(IniRead ($fForm, 'GENERAL', 'PFXPass', '')) Local $fTSS = IniRead ($fForm, 'GENERAL', 'TSS', '') Local $fSignDescription = IniRead ($fForm, 'SPECIFIC', 'SGNDescription', '') Local $fSignFile = IniRead ($fForm, 'SPECIFIC', 'SGNFile', '') $SignFiles = $fSignFile GUICtrlSetData ($giFilePFX, $fFilePFX) GUICtrlSetData ($giPassPFX, $fPassPFX) For $i = 1 To $aTimeStampServers[0] If $fTSS = $aTimeStampServers[$i] Then GUICtrlSetData ($gcTSS, $fTSS) ExitLoop EndIf Next GUICtrlSetData ($giDescription, $fSignDescription) If $fSignFile <> '' Then GUICtrlSetData ($gliFiles, $SignFiles) fResetData('Create Certificate') Local $fEngine = IniRead ($fForm, 'GENERAL', 'Engine', 'OpenSSL') Local $fCertType = IniRead ($fForm, 'GENERAL', 'CertType', 'CA Issued Certificate') Local $fCertPurpose = IniRead ($fForm, 'GENERAL', 'CertPurpose', 'Server authentication') Local $fCertUnencrypted = Number (IniRead 
($fForm, 'GENERAL', 'CertUnencrypted', '0')) Local $fCertCA = fGetShortPath(IniRead ($fForm, 'GENERAL', 'CertCA', ''), FALSE) Local $fPVKCA = fGetShortPath(IniRead ($fForm, 'GENERAL', 'PVKCA', ''), FALSE) Local $fPVKCAPass = fBase64(IniRead ($fForm, 'GENERAL', 'PVKCAPass', '')) Local $fExportPath = fGetShortPath(IniRead ($fForm, 'GENERAL', 'ExportPath', ''), FALSE) Local $fSignatureHash = IniRead ($fForm, 'GENERAL', 'SignatureHash', 'SHA 256') Local $fPVKLength = IniRead ($fForm, 'GENERAL', 'PVKLength', '2048') Local $fC = IniRead ($fForm, 'GENERAL', 'C', '') Local $fST = IniRead ($fForm, 'GENERAL', 'ST', '') Local $fL = IniRead ($fForm, 'GENERAL', 'L', '') Local $fLP = IniRead ($fForm, 'GENERAL', 'LP', '') Local $fLA = IniRead ($fForm, 'GENERAL', 'LA', '') Local $fO = IniRead ($fForm, 'GENERAL', 'O', '') Local $fOU = IniRead ($fForm, 'GENERAL', 'OU', '') Local $fE = IniRead ($fForm, 'GENERAL', 'E', '') Local $fDC = IniRead ($fForm, 'GENERAL', 'DC', '') Local $fCAExportPath = fGetShortPath(IniRead ($fForm, 'GENERAL', 'CAExportPath', ''), FALSE) Local $fCASignatureHash = IniRead ($fForm, 'GENERAL', 'CASignatureHash', 'SHA 512') Local $fCAPVKLength = IniRead ($fForm, 'GENERAL', 'CAPVKLength', '4096') Local $fCAC = IniRead ($fForm, 'GENERAL', 'CAC', '') Local $fCAST = IniRead ($fForm, 'GENERAL', 'CAST', '') Local $fCAL = IniRead ($fForm, 'GENERAL', 'CAL', '') Local $fCALP = IniRead ($fForm, 'GENERAL', 'CALP', '') Local $fCALA = IniRead ($fForm, 'GENERAL', 'CALA', '') Local $fCAO = IniRead ($fForm, 'GENERAL', 'CAO', '') Local $fCAOU = IniRead ($fForm, 'GENERAL', 'CAOU', '') Local $fCAE = IniRead ($fForm, 'GENERAL', 'CAE', '') Local $fCADC = IniRead ($fForm, 'GENERAL', 'CADC', '') Local $fCertRequest = IniRead ($fForm, 'SPECIFIC', 'CertRequest', 'Private Key path:') Local $fPVK = fGetShortPath(IniRead ($fForm, 'SPECIFIC', 'PVK', ''), FALSE) Local $fPVKPass = fBase64(IniRead ($fForm, 'SPECIFIC', 'PVKPass', '')) Local $fValidityStart = fGetDate(IniRead ($fForm, 
'SPECIFIC', 'ValidityStart', $CurrentDate), 'Y/M/D') Local $fValidity = Number (IniRead ($fForm, 'SPECIFIC', 'Validity', '12')) If $fValidity <= 0 Then $fValidity = 12 Local $fCN = IniRead ($fForm, 'SPECIFIC', 'CN', '') Local $fSAN = IniRead ($fForm, 'SPECIFIC', 'SAN', '') Local $faSAN = StringSplit ($fSAN, '|') Dim $aSAN[1][1] = [[0]] If NOT Mod ($faSAN[0], 2) Then For $i = 1 To $faSAN[0] Step 2 For $j = 1 To $aSANType[0] If $faSAN[$i] = $aSANType[$j] Then ExitLoop If $j = $aSANType[0] Then ContinueLoop 2 Next ReDim $aSAN[UBound($aSAN) + 1][2] $aSAN[0][0] = UBound($aSAN) - 1 $aSAN[$aSAN[0][0]][0] = $faSAN[$i] $aSAN[$aSAN[0][0]][1] = $faSAN[$i+1] Next EndIf Local $fCAPVK = fGetShortPath(IniRead ($fForm, 'SPECIFIC', 'CAPVK', ''), FALSE) Local $fCAPVKPass = fBase64(IniRead ($fForm, 'SPECIFIC', 'CAPVKPass', '')) Local $fCAValidityStart = fGetDate(IniRead ($fForm, 'SPECIFIC', 'CAValidityStart', $CurrentDate), 'Y/M/D') Local $fCAValidity = Number (IniRead ($fForm, 'SPECIFIC', 'CAValidity', '25')) If $fCAValidity <= 0 Then $fCAValidity = 25 Local $fCACN = IniRead ($fForm, 'SPECIFIC', 'CACN', '') Local $fCASAN = IniRead ($fForm, 'SPECIFIC', 'CASAN', '') Local $faCASAN = StringSplit ($fCASAN, '|') Dim $aCASAN[1][1] = [[0]] If NOT Mod ($faCASAN[0], 2) Then For $i = 1 To $faCASAN[0] Step 2 For $j = 1 To $aSANType[0] If $faCASAN[$i] = $aSANType[$j] Then ExitLoop If $j = $aSANType[0] Then ContinueLoop 2 Next ReDim $aCASAN[UBound($aCASAN) + 1][2] $aCASAN[0][0] = UBound($aCASAN) - 1 $aCASAN[$aCASAN[0][0]][0] = $faCASAN[$i] $aCASAN[$aCASAN[0][0]][1] = $faCASAN[$i+1] Next EndIf If $fEngine = 'MakeCert' Then $Engine = 'MakeCert' GUICtrlSetState ($gmCertEngineMakeCert, BitOR ($GUI_ENABLE, $GUI_CHECKED)) GUICtrlSetState ($gmCertEngineOpenSSL, BitOR ($GUI_ENABLE, $GUI_UNCHECKED)) Else $Engine = 'OpenSSL' GUICtrlSetState ($gmCertEngineMakeCert, BitOR ($GUI_ENABLE, $GUI_UNCHECKED)) GUICtrlSetState ($gmCertEngineOpenSSL, BitOR ($GUI_ENABLE, $GUI_CHECKED)) EndIf For $i = 1 To 
$aCertType[0][0] If $fCertType <> $aCertType[$i][0] Then ContinueLoop GUICtrlSetData ($gcCertType, $aCertType[$i][0]) $CertType = $aCertType[$i][1] ExitLoop Next For $i = 1 To $aCertPurpose[0][0] If $fCertPurpose <> $aCertPurpose[$i][0] Then ContinueLoop GUICtrlSetData ($gcCertPurpose, $aCertPurpose[$i][0]) $CertPurpose = $aCertPurpose[$i][1] ExitLoop Next For $i = 1 To $aCertRequest[0][0] If $fCertRequest <> $aCertRequest[$i][0] Then ContinueLoop GUICtrlSetData ($gcOCertRequest, $aCertRequest[$i][0]) $CertRequest = $aCertRequest[$i][1] ExitLoop Next fSetGUI($Engine, $CertType, $CertPurpose, $CertRequest, TRUE) If $CertPurpose = 'Authentication' AND $CertRequest <> 'REQ' AND $fCertUnencrypted <> 0 Then GUICtrlSetState ($gcbOUnencrypted, $GUI_CHECKED) If FileExists ($fCertCA) Then GUICtrlSetData ($giCertCA, $fCertCA) If FileExists ($fPVKCA) Then GUICtrlSetData ($giPVKCA, $fPVKCA) GUICtrlSetData ($giPVKCAPass, $fPVKCAPass) If FileExists ($fExportPath) Then GUICtrlSetData ($giPath, $fExportPath) For $i = 1 To $aHASH[0][0] If $fSignatureHash <> $aHASH[$i][0] Then ContinueLoop GUICtrlSetData ($gcHash, $aHASH[$i][0]) ExitLoop Next For $i = 1 To $aKeyLength[0] If $fPVKLength <> $aKeyLength[$i] Then ContinueLoop GUICtrlSetData ($gcMPVKLength, $aKeyLength[$i]) ExitLoop Next GUICtrlSetData ($giC, $fC) GUICtrlSetData ($giST, $fST) GUICtrlSetData ($giL, $fL) GUICtrlSetData ($giLP, $fLP) GUICtrlSetData ($giLA, $fLA) GUICtrlSetData ($giO, $fO) GUICtrlSetData ($giOU, $fOU) GUICtrlSetData ($giE, $fE) GUICtrlSetData ($giDC, $fDC) If FileExists ($fCAExportPath) Then GUICtrlSetData ($giCAPath, $fCAExportPath) For $i = 1 To $aHASH[0][0] If $fCASignatureHash <> $aHASH[$i][0] Then ContinueLoop GUICtrlSetData ($gcCAHash, $aHASH[$i][0]) ExitLoop Next For $i = 1 To $aKeyLength[0] If $fCAPVKLength <> $aKeyLength[$i] Then ContinueLoop GUICtrlSetData ($gcMCAPVKLength, $aKeyLength[$i]) ExitLoop Next GUICtrlSetData ($giCAC, $fCAC) GUICtrlSetData ($giCAST, $fCAST) GUICtrlSetData ($giCAL, $fCAL) 
GUICtrlSetData ($giCALP, $fCALP) GUICtrlSetData ($giCALA, $fCALA) GUICtrlSetData ($giCAO, $fCAO) GUICtrlSetData ($giCAOU, $fCAOU) GUICtrlSetData ($giCAE, $fCAE) GUICtrlSetData ($giCADC, $fCADC) If FileExists ($fPVK) Then GUICtrlSetData ($giOPVK, $fPVK) GUICtrlSetData ($giPVKPass, $fPVKPass) GUICtrlSetData ($gdValidityStart, $fValidityStart) GUICtrlSetData ($giValidity, $fValidity) GUICtrlSetData ($giCN, $fCN) For $i = 1 To $aSAN[0][0] Assign ('SAN' & $i, GUICtrlCreateListViewItem ($aSAN[$i][0] & '|' & $aSAN[$i][1], $glvOSAN), 2) Next If FileExists ($fCAPVK) Then GUICtrlSetData ($giOCAPVK, $fCAPVK) GUICtrlSetData ($giCAPVKPass, $fCAPVKPass) If $Engine = 'MakeCert' Then GUICtrlSetData ($gdCAValidityStart, $fCAValidityStart) GUICtrlSetData ($giCAValidity, $fCAValidity) GUICtrlSetData ($giCACN, $fCACN) For $i = 1 To $aCASAN[0][0] Assign ('CASAN' & $i, GUICtrlCreateListViewItem ($aCASAN[$i][0] & '|' & $aCASAN[$i][1], $glvOCASAN), 2) Next If $fForms Then Local $fFormsPath = '' If FileExists ($fExportPath) Then $fFormsPath = $fExportPath ElseIf FileExists ($fCAExportPath) Then $fFormsPath = $fCAExportPath EndIf If IsArray ($FormsList) Then For $i = 1 To $FormsList[0][0] GUICtrlDelete (Eval ('FormsListItem' & $i)) Next EndIf Dim $FormsList[1][1] = [[0]] $FormsList = fGetCopyFiles($fFormsPath, 1, '*.cnf') If NOT @error AND IsArray ($FormsList) Then For $i = 1 To $FormsList[0][0] Local $flCACN = IniRead ($FormsList[$i][0], 'SPECIFIC', 'CACN', '') Local $flCN = IniRead ($FormsList[$i][0], 'SPECIFIC', 'CN', '') If $flCACN <> '' Then Local $flCAValidityStart = fGetDate(IniRead ($FormsList[$i][0], 'SPECIFIC', 'CAValidityStart', $CurrentDate), 'D.M.Y') Local $flCAValidity = Number (IniRead ($FormsList[$i][0], 'SPECIFIC', 'CAValidity', '25')) Local $falCAValidityStart = StringSplit ($flCAValidityStart, '.') Local $flCAValidityEnd = fGetDate($falCAValidityStart[1] & '.' & $falCAValidityStart[2] & '.' 
& (Number ($falCAValidityStart[3]) + $flCAValidity), 'Y/M/D') Assign ('FormsListItem' & $i, GUICtrlCreateListViewItem ($flCAValidityEnd & '|' & '[CA] ' & $flCACN & '|' & $FormsList[$i][0], $glvForms), 2) ElseIf $flCN <> '' Then Local $flValidityStart = fGetDate(IniRead ($FormsList[$i][0], 'SPECIFIC', 'ValidityStart', $CurrentDate), 'D.M.Y') Local $flValidity = Number (IniRead ($FormsList[$i][0], 'SPECIFIC', 'Validity', '12')) Local $falValidityStart = StringSplit ($flValidityStart, '.') Local $fDeltaYears = Floor ($flValidity / 12) Local $fDeltaMonths = Mod ($flValidity, 12) $flValidityEnd = fGetDate($falValidityStart[1] & '.' & StringFormat ('%02i', Number ($falValidityStart[2]) + $fDeltaMonths) & '.' & (Number ($falValidityStart[3]) + $fDeltaYears), 'Y/M/D') Assign ('FormsListItem' & $i, GUICtrlCreateListViewItem ($flValidityEnd & '|' & $flCN & '|' & $FormsList[$i][0], $glvForms), 2) Else Assign ('FormsListItem' & $i, GUICtrlCreateListViewItem ('||' & $FormsList[$i][0], $glvForms), 2) EndIf Next EndIf EndIf Return SetError (0, 0, 'Form loaded.') EndIf EndFunc ;-> fForm Func fSetGUI($fEngine = '', $fCertType = '', $fCertPurpose = '', $fCertRequest = '', $fReset = FALSE) If $fEngine = '' OR $fCertType = '' OR $fCertPurpose = '' OR $fCertRequest = '' Then Return SetError (1, 0, 0) If $fCertType = 'SelfSigned' Then Local $fhy = 0 Dim $fCertRequest = 'PVK' For $i = 1 To $aCertRequest[0][0] If $fCertRequest <> $aCertRequest[$i][1] Then ContinueLoop GUICtrlSetData ($gcOCertRequest, $aCertRequest[$i][0]) $CertRequest = $aCertRequest[$i][1] ExitLoop Next Else Local $fhy = 50 EndIf If $fEngine = 'OpenSSL' Then If $fCertType = 'SelfSigned' Then GUICtrlSetState ($glCertCA, $GUI_HIDE) GUICtrlSetState ($giCertCA, $GUI_HIDE) GUICtrlSetState ($gbBrowseCertCA, $GUI_HIDE) GUICtrlSetState ($gbNewCertCA, $GUI_HIDE) GUICtrlSetState ($glPVKCA, $GUI_HIDE) GUICtrlSetState ($giPVKCA, $GUI_HIDE) GUICtrlSetState ($gbBrowsePVKCA, $GUI_HIDE) GUICtrlSetState ($gbNewPVKCA, $GUI_HIDE) 
GUICtrlSetState ($glPVKCAPass, $GUI_HIDE) GUICtrlSetState ($giPVKCAPass, $GUI_HIDE) GUICtrlSetState ($gcOCertRequest, $GUI_DISABLE) GUICtrlSetData ($glDC, 'Domain (DC):') EndIf If $fReset Then GUICtrlSetData ($giCertCA, '') GUICtrlSetData ($giPVKCA, '') GUICtrlSetData ($giPVKCAPass, '') EndIf GUICtrlSetData ($glPVKPass, 'Password:') GUICtrlSetState ($glMPVKLength, $GUI_HIDE) GUICtrlSetState ($gcMPVKLength, $GUI_HIDE) GUICtrlSetData ($gcMPVKLength, '2048') GUICtrlSetPos ($giPVKCA, 145, 87, 386, 20) GUICtrlSetPos ($gbBrowsePVKCA, 536, 86, 22, 22) GUICtrlSetPos ($gbNewPVKCA, 563, 86, 22, 22) GUICtrlSetPos ($glCN, 15, 65 + $fhy, 125, 20) GUICtrlSetPos ($giCN, 145, 62 + $fhy, 640, 20) GUICtrlSetPos ($glPath, 15, 90 + $fhy, 125, 20) GUICtrlSetPos ($giPath, 145, 87 + $fhy, 613, 20) GUICtrlSetPos ($gbBrowsePath, 763, 86 + $fhy, 22, 22) GUICtrlSetPos ($gcOCertRequest, 11, 111 + $fhy, 125, 20) GUICtrlSetPos ($giOPVK, 145, 112 + $fhy, 386, 20) GUICtrlSetPos ($gbOBrowsePVK, 536, 111 + $fhy, 22, 22) GUICtrlSetPos ($gbONewPVK, 563, 111 + $fhy, 22, 22) GUICtrlSetPos ($glPVKPass, 595, 115 + $fhy, 50, 20) GUICtrlSetPos ($giPVKPass, 650, 112 + $fhy, 135, 20) GUICtrlSetPos ($glHash, 15, 140 + $fhy, 125, 20) GUICtrlSetPos ($gcHash, 145, 136 + $fhy, 90, 20) GUICtrlSetPos ($glMPVKLength, 415, 115 + $fhy, 125, 20) GUICtrlSetPos ($gcMPVKLength, 545, 111 + $fhy, 90, 20) GUICtrlSetPos ($glValidityStart, 315, 140 + $fhy, 80, 20) GUICtrlSetPos ($gdValidityStart, 400, 137 + $fhy, 90, 20) GUICtrlSetPos ($glValidity, 570, 140 + $fhy, 125, 20) GUICtrlSetPos ($giValidity, 650, 137 + $fhy, 90, 20) GUICtrlSetPos ($glValidityMeasure, 745, 140 + $fhy, 40, 20) GUICtrlSetPos ($glOSAN, 15, 165 + $fhy, 125, 20) GUICtrlSetPos ($gcOSAN, 145, 161 + $fhy, 50, 20) GUICtrlSetPos ($giOSAN, 200, 162 + $fhy, 558, 20) GUICtrlSetPos ($gbOSANAdd, 763, 161 + $fhy, 22, 22) GUICtrlSetPos ($glvOSAN, 145, 187 + $fhy, 613, 100) GUICtrlSetPos ($gbOSANDel, 763, 187 + $fhy, 22, 22) GUICtrlSetPos ($glC, 15, 295 + $fhy, 125, 
20) GUICtrlSetPos ($giC, 145, 292 + $fhy, 240, 20) GUICtrlSetPos ($glST, 415, 295 + $fhy, 125, 20) GUICtrlSetPos ($giST, 545, 292 + $fhy, 240, 20) GUICtrlSetPos ($glL, 15, 320 + $fhy, 125, 20) GUICtrlSetPos ($giL, 145, 317 + $fhy, 240, 20) GUICtrlSetPos ($glLP, 415, 320 + $fhy, 125, 20) GUICtrlSetPos ($giLP, 545, 317 + $fhy, 240, 20) GUICtrlSetPos ($glLA, 15, 345 + $fhy, 125, 20) GUICtrlSetPos ($giLA, 145, 342 + $fhy, 240, 20) GUICtrlSetPos ($glO, 15, 370 + $fhy, 125, 20) GUICtrlSetPos ($giO, 145, 367 + $fhy, 240, 20) GUICtrlSetPos ($glOU, 415, 370 + $fhy, 125, 20) GUICtrlSetPos ($giOU, 545, 367 + $fhy, 240, 20) GUICtrlSetPos ($glE, 15, 395 + $fhy, 125, 20) GUICtrlSetPos ($giE, 145, 392 + $fhy, 240, 20) GUICtrlSetPos ($glDC, 415, 395 + $fhy, 125, 20) GUICtrlSetPos ($giDC, 545, 392 + $fhy, 240, 20) If $fCertType = 'Cert' Then GUICtrlSetState ($glCertCA, $GUI_SHOW) GUICtrlSetState ($giCertCA, $GUI_SHOW) GUICtrlSetState ($gbBrowseCertCA, $GUI_SHOW) GUICtrlSetState ($gbNewCertCA, $GUI_SHOW) GUICtrlSetState ($glPVKCA, $GUI_SHOW) GUICtrlSetState ($giPVKCA, $GUI_SHOW) GUICtrlSetState ($gbBrowsePVKCA, $GUI_SHOW) GUICtrlSetState ($gbNewPVKCA, $GUI_SHOW) GUICtrlSetState ($glPVKCAPass, $GUI_SHOW) GUICtrlSetState ($giPVKCAPass, $GUI_SHOW) GUICtrlSetState ($gcOCertRequest, $GUI_ENABLE) GUICtrlSetData ($glDC, 'Domain (DC) *:') EndIf GUICtrlSetState ($gcOCertRequest, $GUI_SHOW) GUICtrlSetState ($giOPVK, $GUI_SHOW) GUICtrlSetState ($gbOBrowsePVK, $GUI_SHOW) GUICtrlSetState ($gbONewPVK, $GUI_SHOW) GUICtrlSetState ($glOSAN, $GUI_SHOW) GUICtrlSetState ($gcOSAN, $GUI_SHOW) GUICtrlSetState ($giOSAN, $GUI_SHOW) GUICtrlSetState ($gbOSANAdd, $GUI_SHOW) GUICtrlSetState ($glvOSAN, $GUI_SHOW) GUICtrlSetState ($gbOSANDel, $GUI_SHOW) GUICtrlSetState ($gcbOUnencrypted, $GUI_SHOW) If $fCertPurpose = 'Authentication' Then GUICtrlSetState ($gcbOUnencrypted, $GUI_ENABLE) Else GUICtrlSetState ($gcbOUnencrypted, BitOR($GUI_UNCHECKED, $GUI_DISABLE)) EndIf If $fCertRequest = 'REQ' Then GUICtrlSetState 
($gbONewPVK, $GUI_HIDE) GUICtrlSetState ($glPVKPass, $GUI_HIDE) GUICtrlSetState ($giPVKPass, $GUI_HIDE) GUICtrlSetPos ($giOPVK, 145, 112 + $fhy, 613, 20) GUICtrlSetPos ($gbOBrowsePVK, 763, 111 + $fhy, 22, 22) GUICtrlSetState ($glC, $GUI_HIDE) GUICtrlSetState ($giC, $GUI_HIDE) GUICtrlSetState ($glST, $GUI_HIDE) GUICtrlSetState ($giST, $GUI_HIDE) GUICtrlSetState ($glL, $GUI_HIDE) GUICtrlSetState ($giL, $GUI_HIDE) GUICtrlSetState ($glLP, $GUI_HIDE) GUICtrlSetState ($giLP, $GUI_HIDE) GUICtrlSetState ($glLA, $GUI_HIDE) GUICtrlSetState ($giLA, $GUI_HIDE) GUICtrlSetState ($glO, $GUI_HIDE) GUICtrlSetState ($giO, $GUI_HIDE) GUICtrlSetState ($glOU, $GUI_HIDE) GUICtrlSetState ($giOU, $GUI_HIDE) GUICtrlSetState ($glE, $GUI_HIDE) GUICtrlSetState ($giE, $GUI_HIDE) GUICtrlSetState ($glDC, $GUI_HIDE) GUICtrlSetState ($giDC, $GUI_HIDE) GUICtrlSetState ($gcbOUnencrypted, BitOR($GUI_UNCHECKED, $GUI_DISABLE)) Else GUICtrlSetState ($gbONewPVK, $GUI_SHOW) GUICtrlSetState ($glPVKPass, $GUI_SHOW) GUICtrlSetState ($giPVKPass, $GUI_SHOW) GUICtrlSetPos ($giOPVK, 145, 112 + $fhy, 386, 20) GUICtrlSetPos ($gbOBrowsePVK, 536, 111 + $fhy, 22, 22) GUICtrlSetState ($glC, $GUI_SHOW) GUICtrlSetState ($giC, $GUI_SHOW) GUICtrlSetState ($glST, $GUI_SHOW) GUICtrlSetState ($giST, $GUI_SHOW) GUICtrlSetState ($glL, $GUI_SHOW) GUICtrlSetState ($giL, $GUI_SHOW) GUICtrlSetState ($glLP, $GUI_SHOW) GUICtrlSetState ($giLP, $GUI_SHOW) GUICtrlSetState ($glLA, $GUI_SHOW) GUICtrlSetState ($giLA, $GUI_SHOW) GUICtrlSetState ($glO, $GUI_SHOW) GUICtrlSetState ($giO, $GUI_SHOW) GUICtrlSetState ($glOU, $GUI_SHOW) GUICtrlSetState ($giOU, $GUI_SHOW) GUICtrlSetState ($glE, $GUI_SHOW) GUICtrlSetState ($giE, $GUI_SHOW) GUICtrlSetState ($glDC, $GUI_SHOW) GUICtrlSetState ($giDC, $GUI_SHOW) GUICtrlSetState ($gcbOUnencrypted, $GUI_ENABLE) EndIf GUICtrlSetState ($glMCAPVKLength, $GUI_HIDE) GUICtrlSetState ($gcMCAPVKLength, $GUI_HIDE) GUICtrlSetData ($gcMCAPVKLength, '4096') GUICtrlSetData ($glCAPVKPass, 'Password:') GUICtrlSetPos 
($glCAPVKPass, 595, 90, 50, 20) GUICtrlSetPos ($glCAHash, 15, 115, 125, 20) GUICtrlSetPos ($gcCAHash, 145, 111, 90, 20) GUICtrlSetPos ($glCAValidityStart, 315, 115, 80, 20) GUICtrlSetState ($gdCAValidityStart, $GUI_DISABLE) GUICtrlSetData ($gdCAValidityStart, $DefaultDate) GUICtrlSetPos ($gdCAValidityStart, 400, 112, 90, 20) GUICtrlSetPos ($glCAValidity, 570, 115, 75, 20) GUICtrlSetPos ($giCAValidity, 650, 112, 90, 20) GUICtrlSetPos ($glCAValidityMeasure, 750, 115, 35, 20) GUICtrlSetPos ($glCAC, 15, 270, 125, 20) GUICtrlSetPos ($giCAC, 145, 267, 240, 20) GUICtrlSetPos ($glCAST, 415, 270, 125, 20) GUICtrlSetPos ($giCAST, 545, 267, 240, 20) GUICtrlSetPos ($glCAL, 15, 295, 125, 20) GUICtrlSetPos ($giCAL, 145, 292, 240, 20) GUICtrlSetPos ($glCALP, 415, 295, 125, 20) GUICtrlSetPos ($giCALP, 545, 292, 240, 20) GUICtrlSetPos ($glCALA, 15, 320, 125, 20) GUICtrlSetPos ($giCALA, 145, 317, 240, 20) GUICtrlSetPos ($glCAO, 15, 345, 125, 20) GUICtrlSetPos ($giCAO, 145, 342, 240, 20) GUICtrlSetPos ($glCAOU, 415, 345, 125, 20) GUICtrlSetPos ($giCAOU, 545, 342, 240, 20) GUICtrlSetPos ($glCAE, 15, 370, 125, 20) GUICtrlSetPos ($giCAE, 145, 367, 240, 20) GUICtrlSetPos ($glCADC, 415, 370, 125, 20) GUICtrlSetPos ($giCADC, 545, 367, 240, 20) GUICtrlSetState ($glOCAPVK, $GUI_SHOW) GUICtrlSetState ($giOCAPVK, $GUI_SHOW) GUICtrlSetState ($gbOCABrowsePVK, $GUI_SHOW) GUICtrlSetState ($gbOCANewPVK, $GUI_SHOW) GUICtrlSetState ($glOCASAN, $GUI_SHOW) GUICtrlSetState ($gcOCASAN, $GUI_SHOW) GUICtrlSetState ($giOCASAN, $GUI_SHOW) GUICtrlSetState ($gbOCASANAdd, $GUI_SHOW) GUICtrlSetState ($glvOCASAN, $GUI_SHOW) GUICtrlSetState ($gbOCASANDel, $GUI_SHOW) ElseIf $fEngine = 'MakeCert' Then If $fCertType = 'SelfSigned' Then GUICtrlSetState ($glCertCA, $GUI_HIDE) GUICtrlSetState ($giCertCA, $GUI_HIDE) GUICtrlSetState ($gbBrowseCertCA, $GUI_HIDE) GUICtrlSetState ($gbNewCertCA, $GUI_HIDE) GUICtrlSetState ($glPVKCA, $GUI_HIDE) GUICtrlSetState ($giPVKCA, $GUI_HIDE) GUICtrlSetState ($gbBrowsePVKCA, $GUI_HIDE) 
GUICtrlSetState ($gbNewPVKCA, $GUI_HIDE) GUICtrlSetData ($glDC, 'Domain (DC):') EndIf GUICtrlSetState ($glPVKCAPass, $GUI_HIDE) GUICtrlSetState ($giPVKCAPass, $GUI_HIDE) If $fReset Then GUICtrlSetData ($giCertCA, '') GUICtrlSetData ($giPVKCA, '') GUICtrlSetData ($giPVKCAPass, '') EndIf GUICtrlSetState ($gcOCertRequest, $GUI_HIDE) GUICtrlSetState ($giOPVK, $GUI_HIDE) GUICtrlSetData ($giOPVK, '') GUICtrlSetState ($gbOBrowsePVK, $GUI_HIDE) GUICtrlSetState ($gbONewPVK, $GUI_HIDE) GUICtrlSetState ($glOSAN, $GUI_HIDE) GUICtrlSetState ($gcOSAN, $GUI_HIDE) GUICtrlSetData ($gcOSAN, 'DNS') GUICtrlSetState ($giOSAN, $GUI_HIDE) GUICtrlSetData ($giOSAN, '') GUICtrlSetState ($gbOSANAdd, $GUI_HIDE) GUICtrlSetState ($glvOSAN, $GUI_HIDE) For $i = 1 To $aSAN[0][0] If IsDeclared ('SAN' & $i) Then GUICtrlDelete (Eval ('SAN' & $i)) Next Dim $aSAN[1][1] = [[0]] GUICtrlSetState ($gbOSANDel, $GUI_HIDE) GUICtrlSetState ($gcbOUnencrypted, $GUI_HIDE) GUICtrlSetState ($gcbOUnencrypted, $GUI_UNCHECKED) GUICtrlSetPos ($giPVKCA, 145, 87, 586, 20) GUICtrlSetPos ($gbBrowsePVKCA, 736, 86, 22, 22) GUICtrlSetPos ($gbNewPVKCA, 763, 86, 22, 22) GUICtrlSetPos ($glCN, 15, 65 + $fhy, 125, 20) GUICtrlSetPos ($giCN, 145, 62 + $fhy, 640, 20) GUICtrlSetPos ($glPath, 15, 90 + $fhy, 125, 20) GUICtrlSetPos ($giPath, 145, 87 + $fhy, 613, 20) GUICtrlSetPos ($gbBrowsePath, 763, 86 + $fhy, 22, 22) GUICtrlSetPos ($glPVKPass, 415, 115 + $fhy, 230, 20) GUICtrlSetPos ($giPVKPass, 650, 112 + $fhy, 135, 20) GUICtrlSetPos ($glHash, 15, 140 + $fhy, 125, 20) GUICtrlSetPos ($gcHash, 145, 136 + $fhy, 90, 20) GUICtrlSetPos ($glMPVKLength, 415, 140 + $fhy, 125, 20) GUICtrlSetPos ($gcMPVKLength, 545, 136 + $fhy, 90, 20) GUICtrlSetPos ($glValidityStart, 15, 165 + $fhy, 80, 20) GUICtrlSetPos ($gdValidityStart, 145, 162 + $fhy, 90, 20) GUICtrlSetPos ($glValidity, 415, 165 + $fhy, 125, 20) GUICtrlSetPos ($giValidity, 545, 162 + $fhy, 90, 20) GUICtrlSetPos ($glValidityMeasure, 640, 165 + $fhy, 40, 20) GUICtrlSetPos ($glC, 15, 190 + 
$fhy, 125, 20) GUICtrlSetPos ($giC, 145, 187 + $fhy, 240, 20) GUICtrlSetPos ($glST, 415, 190 + $fhy, 125, 20) GUICtrlSetPos ($giST, 545, 187 + $fhy, 240, 20) GUICtrlSetPos ($glL, 15, 215 + $fhy, 125, 20) GUICtrlSetPos ($giL, 145, 212 + $fhy, 240, 20) GUICtrlSetPos ($glLP, 415, 215 + $fhy, 125, 20) GUICtrlSetPos ($giLP, 545, 212 + $fhy, 240, 20) GUICtrlSetPos ($glLA, 15, 240 + $fhy, 125, 20) GUICtrlSetPos ($giLA, 145, 237 + $fhy, 240, 20) GUICtrlSetPos ($glO, 15, 265 + $fhy, 125, 20) GUICtrlSetPos ($giO, 145, 262 + $fhy, 240, 20) GUICtrlSetPos ($glOU, 415, 265 + $fhy, 125, 20) GUICtrlSetPos ($giOU, 545, 262 + $fhy, 240, 20) GUICtrlSetPos ($glE, 15, 290 + $fhy, 125, 20) GUICtrlSetPos ($giE, 145, 287 + $fhy, 240, 20) GUICtrlSetPos ($glDC, 415, 290 + $fhy, 125, 20) GUICtrlSetPos ($giDC, 545, 287 + $fhy, 240, 20) If $fCertType = 'Cert' Then GUICtrlSetState ($glCertCA, $GUI_SHOW) GUICtrlSetState ($giCertCA, $GUI_SHOW) GUICtrlSetState ($gbBrowseCertCA, $GUI_SHOW) GUICtrlSetState ($gbNewCertCA, $GUI_SHOW) GUICtrlSetState ($glPVKCA, $GUI_SHOW) GUICtrlSetState ($giPVKCA, $GUI_SHOW) GUICtrlSetState ($gbBrowsePVKCA, $GUI_SHOW) GUICtrlSetState ($gbNewPVKCA, $GUI_SHOW) GUICtrlSetData ($glDC, 'Domain (DC) *:') EndIf GUICtrlSetState ($glPVKPass, $GUI_SHOW) GUICtrlSetData ($glPVKPass, 'Personal Information Exchange (PFX) Password:') GUICtrlSetState ($giPVKPass, $GUI_SHOW) GUICtrlSetState ($glMPVKLength, $GUI_SHOW) GUICtrlSetState ($gcMPVKLength, $GUI_SHOW) GUICtrlSetState ($glC, $GUI_SHOW) GUICtrlSetState ($giC, $GUI_SHOW) GUICtrlSetState ($glST, $GUI_SHOW) GUICtrlSetState ($giST, $GUI_SHOW) GUICtrlSetState ($glL, $GUI_SHOW) GUICtrlSetState ($giL, $GUI_SHOW) GUICtrlSetState ($glLP, $GUI_SHOW) GUICtrlSetState ($giLP, $GUI_SHOW) GUICtrlSetState ($glLA, $GUI_SHOW) GUICtrlSetState ($giLA, $GUI_SHOW) GUICtrlSetState ($glO, $GUI_SHOW) GUICtrlSetState ($giO, $GUI_SHOW) GUICtrlSetState ($glOU, $GUI_SHOW) GUICtrlSetState ($giOU, $GUI_SHOW) GUICtrlSetState ($glE, $GUI_SHOW) GUICtrlSetState 
($giE, $GUI_SHOW) GUICtrlSetState ($glDC, $GUI_SHOW) GUICtrlSetState ($giDC, $GUI_SHOW) GUICtrlSetState ($glOCAPVK, $GUI_HIDE) GUICtrlSetState ($giOCAPVK, $GUI_HIDE) GUICtrlSetData ($giOCAPVK, '') GUICtrlSetState ($gbOCABrowsePVK, $GUI_HIDE) GUICtrlSetState ($gbOCANewPVK, $GUI_HIDE) GUICtrlSetData ($glCAPVKPass, 'Personal Information Exchange (PFX) Password:') GUICtrlSetData ($giCAPVKPass, '') GUICtrlSetState ($gdCAValidityStart, $GUI_ENABLE) GUICtrlSetState ($glOCASAN, $GUI_HIDE) GUICtrlSetState ($gcOCASAN, $GUI_HIDE) GUICtrlSetData ($gcOCASAN, 'DNS') GUICtrlSetState ($giOCASAN, $GUI_HIDE) GUICtrlSetData ($giOCASAN, '') GUICtrlSetState ($gbOCASANAdd, $GUI_HIDE) GUICtrlSetState ($glvOCASAN, $GUI_HIDE) For $i = 1 To $aCASAN[0][0] If IsDeclared ('CASAN' & $i) Then GUICtrlDelete (Eval ('CASAN' & $i)) Next Dim $aCASAN[1][1] = [[0]] GUICtrlSetState ($gbOCASANDel, $GUI_HIDE) GUICtrlSetPos ($glCAPVKPass, 415, 90, 230, 20) GUICtrlSetPos ($glCAHash, 15, 115, 125, 20) GUICtrlSetPos ($gcCAHash, 145, 111, 90, 20) GUICtrlSetPos ($glCAValidityStart, 15, 140, 80, 20) GUICtrlSetPos ($gdCAValidityStart, 145, 137, 90, 20) GUICtrlSetPos ($glCAValidity, 415, 140, 125, 20) GUICtrlSetPos ($giCAValidity, 545, 137, 90, 20) GUICtrlSetPos ($glCAValidityMeasure, 645, 140, 35, 20) GUICtrlSetPos ($glCAC, 15, 165, 125, 20) GUICtrlSetPos ($giCAC, 145, 162, 240, 20) GUICtrlSetPos ($glCAST, 415, 165, 125, 20) GUICtrlSetPos ($giCAST, 545, 162, 240, 20) GUICtrlSetPos ($glCAL, 15, 190, 125, 20) GUICtrlSetPos ($giCAL, 145, 187, 240, 20) GUICtrlSetPos ($glCALP, 415, 190, 125, 20) GUICtrlSetPos ($giCALP, 545, 187, 240, 20) GUICtrlSetPos ($glCALA, 15, 215, 125, 20) GUICtrlSetPos ($giCALA, 145, 212, 240, 20) GUICtrlSetPos ($glCAO, 15, 240, 125, 20) GUICtrlSetPos ($giCAO, 145, 237, 240, 20) GUICtrlSetPos ($glCAOU, 415, 240, 125, 20) GUICtrlSetPos ($giCAOU, 545, 237, 240, 20) GUICtrlSetPos ($glCAE, 15, 265, 125, 20) GUICtrlSetPos ($giCAE, 145, 262, 240, 20) GUICtrlSetPos ($glCADC, 415, 265, 125, 20) 
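GUICtrlSetPos ($giCADC, 545, 262, 240, 20)
		GUICtrlSetState ($glMCAPVKLength, $GUI_SHOW)
		GUICtrlSetState ($gcMCAPVKLength, $GUI_SHOW)
	EndIf
	If $GUIHistory <> $fEngine Then GUICtrlSetData ($giPVKPass, '')
	$GUIHistory = $fEngine
	Return SetError (0, 0, 1)
EndFunc ;-> fSetGUI

; Reset the controls and globals behind one of the application's forms.
; $Form selects what is cleared:
;   'Digital Signature Kit' ... signing form (PFX path, PFX password, description, time-stamp server, file list)
;   'Create Certificate'    ... whole certificate form, certificate and CA parts, back to OpenSSL defaults
;   'Cert'                  ... certificate-specific fields only
;   'CACert'                ... CA-certificate-specific fields only
; Any other value returns '' with @error = 1.
; Password inputs are blanked together with the fields they belong to.
Func fResetData($Form = '')
	If $Form = 'Digital Signature Kit' Then
		GUICtrlSetData ($giFilePFX, '')
		GUICtrlSetData ($giPassPFX, '')
		GUICtrlSetData ($giDescription, '')
		; Select the last entry of the time-stamp server list
		GUICtrlSetData ($gcTSS, $aTimeStampServers[$aTimeStampServers[0]], $aTimeStampServers[$aTimeStampServers[0]])
		$SignFiles = ''
		GUICtrlSetData ($gliFiles, '|')
	ElseIf $Form = 'Create Certificate' Then
		GUICtrlSetData ($gcCertType, 'CA Issued Certificate')
		$CertType = 'Cert'
		GUICtrlSetData ($gcCertPurpose, 'Server authentication')
		GUICtrlSetData ($giCertCA, '')
		GUICtrlSetData ($giPVKCA, '')
		GUICtrlSetData ($giPVKCAPass, '')
		GUICtrlSetData ($giCN, '')
		GUICtrlSetData ($giPath, '')
		GUICtrlSetData ($gcOCertRequest, 'Private Key path:')
		$CertRequest = 'PVK'
		GUICtrlSetData ($giOPVK, '')
		GUICtrlSetData ($giPVKPass, '')
		GUICtrlSetData ($gcHash, 'SHA 256')
		GUICtrlSetData ($gcMPVKLength, '2048')
		GUICtrlSetData ($gdValidityStart, $DefaultDate)
		GUICtrlSetData ($giValidity, '12')
		GUICtrlSetData ($gcOSAN, 'DNS')
		; SAN list-view items are tracked in dynamically named variables SAN1..SANn
		For $i = 1 To $aSAN[0][0]
			If IsDeclared ('SAN' & $i) Then GUICtrlDelete (Eval ('SAN' & $i))
		Next
		Dim $aSAN[1][1] = [[0]]
		GUICtrlSetData ($giC, '')
		GUICtrlSetData ($giST, '')
		GUICtrlSetData ($giL, '')
		GUICtrlSetData ($giLP, '')
		GUICtrlSetData ($giLA, '')
		GUICtrlSetData ($giO, '')
		GUICtrlSetData ($giOU, '')
		GUICtrlSetData ($giE, '')
		GUICtrlSetData ($giDC, '')
		GUICtrlSetState ($gcbForm, $GUI_CHECKED)
		GUICtrlSetState ($gcbOUnencrypted, $GUI_UNCHECKED)
		GUICtrlSetData ($giCACN, '')
		GUICtrlSetData ($giCAPath, '')
		GUICtrlSetData ($giOCAPVK, '')
		GUICtrlSetData ($giCAPVKPass, '')
		GUICtrlSetData ($gcCAHash, 'SHA 512')
		GUICtrlSetData ($gcMCAPVKLength, '4096')
		GUICtrlSetData ($gdCAValidityStart, $DefaultDate)
		GUICtrlSetData ($giCAValidity, '25')
		GUICtrlSetData ($gcOCASAN, 'DNS')
		; Same bookkeeping for the CA SAN list (CASAN1..CASANn)
		For $i = 1 To $aCASAN[0][0]
			If IsDeclared ('CASAN' & $i) Then GUICtrlDelete (Eval ('CASAN' & $i))
		Next
		Dim $aCASAN[1][1] = [[0]]
		GUICtrlSetData ($giCAC, '')
		GUICtrlSetData ($giCAST, '')
		GUICtrlSetData ($giCAL, '')
		GUICtrlSetData ($giCALP, '')
		GUICtrlSetData ($giCALA, '')
		GUICtrlSetData ($giCAO, '')
		GUICtrlSetData ($giCAOU, '')
		GUICtrlSetData ($giCAE, '')
		GUICtrlSetData ($giCADC, '')
		GUICtrlSetState ($gmCertEngineOpenSSL, $GUI_CHECKED)
		$Engine = 'OpenSSL'
	ElseIf $Form = 'Cert' Then
		GUICtrlSetData ($giCN, '')
		GUICtrlSetData ($giOPVK, '')
		GUICtrlSetData ($giPVKPass, '')
		GUICtrlSetData ($gdValidityStart, $DefaultDate)
		GUICtrlSetData ($giValidity, '12')
		For $i = 1 To $aSAN[0][0]
			If IsDeclared ('SAN' & $i) Then GUICtrlDelete (Eval ('SAN' & $i))
		Next
		Dim $aSAN[1][1] = [[0]]
	ElseIf $Form = 'CACert' Then
		GUICtrlSetData ($giCACN, '')
		GUICtrlSetData ($giCAPath, '')
		GUICtrlSetData ($giOCAPVK, '')
		GUICtrlSetData ($giCAPVKPass, '')
		GUICtrlSetData ($gdCAValidityStart, $DefaultDate)
		GUICtrlSetData ($giCAValidity, '25')
		For $i = 1 To $aCASAN[0][0]
			If IsDeclared ('CASAN' & $i) Then GUICtrlDelete (Eval ('CASAN' & $i))
		Next
		Dim $aCASAN[1][1] = [[0]]
	Else
		Return SetError (1, 0, '')
	EndIf
EndFunc ;-> fResetData

;----------------------------------------------------------------------------------------------------;
;------------------------- LIST/COPY FILES IN GIVEN PATH -------------------------;
;----------------------------------------------------------------------------------------------------;
; $fRecurse < 0 ... FULL recursion (eg. if '$fRecurse = -1' then files will be searched in $fSourcePath and all SubFolders)
;           = 0 ... NO recursion (eg. if '$fRecurse = 0' then files will be searched in $fSourcePath only)
;           > 0 ... Depth of recursion (eg. if '$fRecurse = 3' then files will be searched in $fSourcePath and 3 levels deep SubFolders)
; if $fFiles is left empty, '*.*' is used, separate multiple files with '|' (eg. '*.txt|name?.nfo|name.*')
; when '$fCopy = TRUE', you must specify the $fTargetPath
; $fStart should always be '$fStart = TRUE' ... '$fStart = FALSE' is used for internal operations
; Function returns two dimensional array that contains:
;   Array[0][0] = number of entries
;   Array[n][0] = 'File Path'
;   Array[n][1] = 'File Name'
;   Array[n][2] = 'File Extension'
;   Array[n][3] = 'Parent Folder'
;   Array[n][4] = 'File Size'
;   Array[n][5] = 'Copy Status' ('0' or '1')
; On failure a message string is returned and @error is set to 1.
; The result is accumulated in the Global $fFileList, which the outermost call resets.
; Copies use FileCopy flag 9 (overwrite existing files + create the target directory structure).
;----------------------------------------------------------------------------------------------------;
Func fGetCopyFiles($fSourcePath = '', $fRecurse = 0, $fFiles = '', $fTargetPath = '', $fCopy = FALSE, $fStart = TRUE)
	If StringStripWS ($fSourcePath, 8) = '' Then Return SetError (1, 0, 'Source NOT specified')
	If $fCopy AND StringStripWS ($fTargetPath, 8) = '' Then Return SetError (1, 0, 'Target NOT specified')
	If StringStripWS ($fFiles, 8) = '' Then $fFiles = '*.*'
	If $fStart Then Global $fFileList[1][1] = [[0]]
	Local $fobjFSO = ObjCreate ('Scripting.FileSystemObject')
	If @error Then Return SetError (1, 0, 'Could NOT create object')
	; GetFolder raises a COM error on a missing folder, so check first and fail cleanly
	If NOT $fobjFSO.FolderExists ($fSourcePath) Then Return SetError (1, 0, 'Source NOT found')
	Local $fobjFolder = $fobjFSO.GetFolder ($fSourcePath)
	; The pattern list does not change per file, so split it once
	Local $fFile = StringSplit ($fFiles, '|')
	Local $fCopyStatus = 0
	For $fobjFile In $fobjFolder.Files
		For $fi = 1 To $fFile[0]
			If $fFiles = '*.*' OR $fFile[$fi] = '*.*' OR fCheckFile($fobjFile.Name, $fFile[$fi]) Then
				$fCopyStatus = 0
				If $fCopy Then
					If FileCopy ($fobjFile.Path, $fTargetPath & '\' & $fobjFile.Name, 9) Then $fCopyStatus = 1
				EndIf
				ReDim $fFileList[UBound ($fFileList) + 1][6]
				$fFileList[0][0] = UBound ($fFileList) - 1
				$fFileList[$fFileList[0][0]][0] = $fobjFile.Path
				$fFileList[$fFileList[0][0]][1] = $fobjFile.Name
				$fFileList[$fFileList[0][0]][2] = $fobjFSO.GetExtensionName($fobjFile.Name)
				$fFileList[$fFileList[0][0]][3] = $fobjFSO.GetParentFolderName($fobjFile.Path)
				$fFileList[$fFileList[0][0]][4] = $fobjFile.Size
				$fFileList[$fFileList[0][0]][5] = $fCopyStatus
				; A file matching several patterns is listed (and copied) once only
				ExitLoop
			EndIf
		Next
	Next
	If $fRecurse <> 0 Then
		; A negative depth never reaches 0, which gives unlimited recursion
		For $fobjSubFolder In $fobjFolder.SubFolders
			fGetCopyFiles($fobjSubFolder.Path, $fRecurse - 1, $fFiles, $fTargetPath & '\' & $fobjSubFolder.Name, $fCopy, FALSE)
		Next
	EndIf
	Return SetError (0, 0, $fFileList)
EndFunc ;-> fGetCopyFiles

; Case-insensitive wildcard match of a file name against one pattern ('*' and '?').
; Returns the StringRegExp result (1 on match, 0 otherwise); returns FALSE with @error = 1
; when either argument is empty.
Func fCheckFile($fCheckFile, $fCheckPatern)
	If $fCheckFile = '' OR $fCheckPatern = '' Then Return SetError (1, 0, FALSE)
	$fCheckFile = StringLower ($fCheckFile)
	$fCheckPatern = StringLower ($fCheckPatern)
	; Escape regular-expression metacharacters first, so that names such as 'a(1).cnf'
	; or 'c++.txt' are compared literally instead of being read as regex syntax
	$fCheckPatern = StringRegExpReplace ($fCheckPatern, '[][$^.{}()+|\-]', '\\$0')
	; Then expand the two wildcards
	$fCheckPatern = StringReplace ($fCheckPatern, '*', '[[:print:]]*')
	$fCheckPatern = StringReplace ($fCheckPatern, '?', '[[:print:]]')
	; NOTE(review): [[:print:]] may not cover non-ASCII characters in file names - confirm
	$fCheckPatern = "^" & $fCheckPatern & "$"
	Return SetError (0, 0, StringRegExp ($fCheckFile, $fCheckPatern))
EndFunc ;-> fCheckFile

;----------------------------------------------------------------------------------------------------;
; Normalise a date given as day, month, year separated by '.' or '/' and render it through
; $fFormat, in which 'D', 'M' and 'Y' are replaced by the two-digit day, two-digit month and year.
; An empty $fDate, or one with the wrong number of parts, is replaced by $DefaultDate.
; Accepted ranges: day 1-31, month 1-12, year 1001-9999. 29 February of a non-leap year
; becomes 1 March. Other impossible day/month pairs (eg. 31.04) are NOT corrected.
; On success @error = 0; when the value is not a usable date, $DefaultDate is rendered
; and @error = 1.
Func fGetDate($fDate = '', $fFormat = 'D/M/Y')
	Local $faDate, $fYear, $fMonth, $fDay
	If $fDate = '' Then $fDate = $DefaultDate
	If StringInStr ($fDate, '.') OR StringInStr ($fDate, '/') Then
		$faDate = StringSplit ($fDate, './')
		If $faDate[0] < 3 OR $faDate[0] > 4 Then $faDate = StringSplit ($DefaultDate, './')
		$fYear = Number ($faDate[3])
		$fMonth = Number ($faDate[2])
		$fDay = Number ($faDate[1])
		If $fDay > 0 AND $fDay <= 31 AND _
				$fMonth > 0 AND $fMonth <= 12 AND _
				$fYear > 1000 AND $fYear <= 9999 Then
			$fMonth = StringFormat ('%02i', $fMonth)
			$fDay = StringFormat ('%02i', $fDay)
			If $fMonth = '02' AND $fDay = '29' Then
				; Gregorian rule: every 4th year, except century years not divisible by 400.
				; The earlier code treated every century year, 2000 included, as a common year.
				Local $fLeapYear = (Mod ($fYear, 4) = 0 AND Mod ($fYear, 100) <> 0) OR Mod ($fYear, 400) = 0
				If NOT $fLeapYear Then
					$fDay = '01'
					$fMonth = '03'
				EndIf
			EndIf
			Return SetError (0, 0, StringReplace (StringReplace (StringReplace ($fFormat, 'D', $fDay), 'M', $fMonth), 'Y', $fYear))
		EndIf
	EndIf
	; Fallback: render the default date and flag the input as invalid
	$faDate = StringSplit ($DefaultDate, './')
	$fYear = Number ($faDate[3])
	$fMonth = StringFormat ('%02i', Number ($faDate[2]))
	$fDay = StringFormat ('%02i', Number ($faDate[1]))
	Return SetError (1, 0, StringReplace (StringReplace (StringReplace ($fFormat, 'D', $fDay), 'M', $fMonth), 'Y', $fYear))
EndFunc ;-> fGetDate

; Convert a calendar date to a day number (the result variable is named $iJulianDate),
; so that two dates can be compared or subtracted. January and February are counted as
; months 13 and 14 of the previous year; the A/B/C factors are the century correction.
; The result ends in .5 because of the constant 1524.5.
Func fGetDays($fiYear, $fiMonth, $fiDay)
	If $fiMonth < 3 Then
		$fiMonth = $fiMonth + 12
		$fiYear = $fiYear - 1
	EndIf
	Local $iFactorA = Int ($fiYear / 100)
	Local $iFactorB = Int ($iFactorA / 4)
	Local $iFactorC = 2 - $iFactorA + $iFactorB
	Local $iFactorD = Int (1461 * ($fiYear + 4716) / 4)
	Local $iFactorE = Int (153 * ($fiMonth + 1) / 5)
	Local $iJulianDate = $iFactorC + $fiDay + $iFactorD + $iFactorE - 1524.5
	Return SetError (0, 0, $iJulianDate)
EndFunc ;-> fGetDays

; Convert between an absolute path and a path relative to $ScriptDir.
;   $fGetShort = TRUE  ... a leading $ScriptDir is replaced by '.'
;   $fGetShort = FALSE ... a leading '.' is replaced by $ScriptDir
; An empty path is returned unchanged with @error = 1.
; NOTE(review): the prefix test does not look at the character after $ScriptDir, so a
; sibling folder whose name merely starts with the script folder's name is shortened too,
; and on expansion any leading '.' (including '..\') is rewritten. The expanded values
; come from a form file, so the result should be checked before it is used as a key,
; certificate or export location - confirm against the callers.
Func fGetShortPath($fPath = '', $fGetShort = TRUE)
	If $fPath = '' Then Return SetError (1, 0, $fPath)
	If $fGetShort AND StringLeft ($fPath, StringLen ($ScriptDir)) = $ScriptDir Then $fPath = '.' & StringTrimLeft ($fPath, StringLen ($ScriptDir))
	If NOT $fGetShort AND StringLeft ($fPath, 1) = '.' Then $fPath = $ScriptDir & StringTrimLeft ($fPath, 1)
	Return SetError (0, 0, $fPath)
EndFunc ;-> fGetShortPath

; Check that the host of a UNC path ('\\host\share\...') answers a ping.
; Returns 1 with @error = 0 when the path is not a UNC path (nothing to check) or when
; the host answers; returns 0 with @error = 1 when the host name is empty, contains a
; character from the reject list, or does not answer.
Func fPingHost($fPingHost)
	If StringLeft ($fPingHost, 2) <> '\\' Then Return SetError (0, 0, 1)
	; The host name is everything between the leading '\\' and the next '\'
	Local $fHostName = StringTrimLeft ($fPingHost, 2)
	Local $fSeparator = StringInStr ($fHostName, '\')
	If $fSeparator Then $fHostName = StringLeft ($fHostName, $fSeparator - 1)
	If $fHostName = '' Then Return SetError (1, 0, 0)
	; Reject list, '-' separated. The earlier code split an unrelated variable
	; ($InvalidHostName) instead of this list, so the check never saw these characters.
	Local $fInvalidHostName = StringSplit (' -~-!-@-#-$-^-&-*-(-)-=-+-[-]-{-}-\-|-;-:-''-"-,-<->-/-?-%', '-')
	For $i = 1 to $fInvalidHostName[0]
		If StringInStr ($fHostName, $fInvalidHostName[$i]) Then Return SetError (1, 0, 0)
	Next
	If NOT Ping ($fHostName) Then Return SetError (1, 0, 0)
	Return SetError (0, 0, 1)
EndFunc ;-> fPingHost

; Reduce a string to something usable as a Windows file name: leading characters up to
; the first alphanumeric one are dropped, the characters " * ? : / \ < > | are removed,
; and surrounding whitespace is trimmed.
; Returns the cleaned name, or 0 with @error = 1 when the input is empty or nothing but
; whitespace is left.
; NOTE(review): control characters, trailing dots and reserved device names are not
; handled here - confirm whether callers need that.
Func fGetName($fName = '')
	If $fName = '' Then Return SetError (1, 0, 0)
	Local $faChar = StringSplit ($fName, ''), $fTrim = 0
	Local $faWINforbidden[10] = [9, '"', '*', '?', ':', '/', '\', '<', '>', '|']
	; Find the position of the first alphanumeric character
	For $i = 1 To $faChar[0]
		If NOT StringIsAlNum ($faChar[$i]) Then ContinueLoop
		$fTrim = $i
		ExitLoop
	Next
	$fName = StringTrimLeft ($fName, $fTrim - 1)
	For $i = 1 To $faWINforbidden[0]
		If StringInStr ($fName, $faWINforbidden[$i]) Then $fName = StringReplace ($fName, $faWINforbidden[$i], '')
	Next
	$fName = StringStripWS ($fName, 3)
	If StringStripWS ($fName, 8) = '' Then Return SetError (1, 0, 0)
	Return SetError (0, 0, $fName)
EndFunc ;-> fGetName

; Remove characters from a certificate subject value that would break the subject string
; handed to the certificate engine: '=' for OpenSSL; '"', ',' and '=' for any other engine
; value (MakeCert). Surrounding whitespace is trimmed.
; Returns the cleaned value, or 0 with @error = 1 when an argument is empty or nothing
; but whitespace is left.
; NOTE(review): only these characters are filtered. If the OpenSSL subject is assembled
; as a '/'-separated string or written into a configuration file, '/', quotes and line
; breaks in a field value would need handling as well - confirm against the code that
; builds the subject.
Func fGetSubject($fEngine = '', $fSubject = '')
	If $fEngine = '' OR $fSubject = '' Then Return SetError (1, 0, 0)
	Local $faOForbidden[2] = [1, '=']
	Local $faMForbidden[4] = [3, '"', ',', '=']
	If $fEngine = 'OpenSSL' Then
		For $i = 1 To $faOForbidden[0]
			If StringInStr ($fSubject, $faOForbidden[$i]) Then $fSubject = StringReplace ($fSubject, $faOForbidden[$i], '')
		Next
	Else
		For $i = 1 To $faMForbidden[0]
			If StringInStr ($fSubject, $faMForbidden[$i]) Then $fSubject = StringReplace ($fSubject, $faMForbidden[$i], '')
		Next
	EndIf
	$fSubject = StringStripWS ($fSubject, 3)
	If StringStripWS ($fSubject, 8) = '' Then Return SetError (1, 0, 0)
	Return SetError (0, 0, $fSubject)
EndFunc ;-> fGetSubject

; Base64-encode ($bEncode = TRUE) or decode ($bEncode = FALSE, default) text through an
; XML DOM element of type 'bin.Base64'. Returns 0 with @error = 1 when the COM object
; cannot be created.
; SECURITY: Base64 is an encoding, not encryption. The form code stores the PFX and
; private-key passwords in the saved form file through this function, so anyone who can
; read that file can recover them. Treat saved forms as secrets (restrict their file
; permissions), or leave the password fields empty before saving. Protecting the values
; with per-user encryption such as Windows DPAPI would be the stronger fix.
; NOTE(review): decoding text that is not valid Base64 (eg. a hand-edited form) may raise
; a COM error here - confirm how the script handles COM errors.
Func fBase64($vData, $bEncode = FALSE)
	Local $oXMLDOM = ObjCreate ('Microsoft.XMLDOM')
	If NOT IsObj ($oXMLDOM) Then Return SetError (1, 0, 0)
	Local $oElement = $oXMLDOM.createElement ('TEMP')
	$oElement.DataType = 'bin.Base64'
	If $bEncode Then
		; Encode as UTF-8, the same encoding the decode branch reads back. Binary() would
		; read a value such as '0x41' as hexadecimal bytes and would not keep characters
		; outside the ANSI code page.
		$oElement.NodeTypedValue = StringToBinary ($vData, 4)
		Return $oElement.Text
	Else
		$oElement.Text = $vData
		Return BinaryToString ($oElement.NodeTypedValue, 4)
	EndIf
EndFunc ;=> fBase64

; Toggle masking of a password input.
;   $hWnd        ... window handle or title
;   $hToggleCtrl ... control that triggered the toggle (handle or control ID)
;   $hCtrl       ... the password input (handle or control ID)
;   $vShowPass   ... non-zero forces the text to be shown
;   $sPassChar   ... mask character used when masking is switched on
; The current mask character is queried first: when none is set the input gets
; $sPassChar, otherwise the mask is removed.
; While a password is revealed it is readable on screen and in screen captures.
Func fRevealPass($hWnd, $hToggleCtrl, $hCtrl, $vShowPass = 0, $sPassChar = '•')
	If Not IsHWnd ($hWnd) Then $hWnd = WinGetHandle ($hWnd)
	If Not IsHWnd ($hToggleCtrl) Then $hToggleCtrl = ControlGetHandle ($hWnd, '', $hToggleCtrl)
	If Not IsHWnd ($hCtrl) Then $hCtrl = ControlGetHandle ($hWnd, '', $hCtrl)
	Local Const $EM_SETPASSWORDCHAR = 0xCC
	Local Const $EM_GETPASSWORDCHAR = 0xD2
	Local $iPassChar = 0
	; wParam/lParam and the result are pointer-sized, so use the matching DllCall types
	; instead of 'int'/'long' (matters in the 64-bit build)
	Local $aRet = DllCall ('user32.dll', 'lresult', 'SendMessage', 'hwnd', $hCtrl, 'uint', $EM_GETPASSWORDCHAR, 'wparam', 0, 'lparam', 0)
	; NOTE(review): Asc() returns the ANSI code of the mask character; if the control
	; expects a Unicode code point, AscW() would be the right call - confirm
	If IsArray ($aRet) And Not $aRet[0] Then $iPassChar = Asc ($sPassChar)
	If $vShowPass Then $iPassChar = 0
	; Focus is moved to the toggle and back around the change - presumably to repaint the input
	ControlFocus ($hWnd, '', $hToggleCtrl)
	DllCall ('user32.dll', 'lresult', 'SendMessage', 'hwnd', $hCtrl, 'uint', $EM_SETPASSWORDCHAR, 'wparam', $iPassChar, 'lparam', 0)
	ControlFocus ($hWnd, '', $hCtrl)
EndFunc ;=> fRevealPass

; Show the command-line help in a message box. $fGUI is passed to MsgBox as the parent
; window; when it is empty the program exits after the box is closed.
Func fHelp($fGUI = '')
	$Help = 'Digital Signature Kit v' & $Version & @CRLF
	$Help &= @CRLF
	$Help &= @CRLF
	$Help &= 'SYNTAX:' & @TAB & 'DigitalSign.exe [-F:"Form.cnf"]' & @CRLF
	$Help &= '__________________________________________________' & @CRLF
	$Help &= @CRLF
	$Help &= '-F' & @TAB & 'Load Form/Template at startup'
	MsgBox (262208, 'Digital Signature Kit', $Help, 0, $fGUI)
	If $fGUI = '' Then Exit
EndFunc ;-> fHelp

; Exit handler: remove the working directory $BIN together with everything in it
; (DirRemove with the recurse flag).
Func fOnExit()
	DirRemove ($BIN, 1)
EndFunc ;-> fOnExit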