10 #include "simpleOpensslSigner.h"
14 #include "remoteSigner.h"
// Process-wide configuration shared with the rest of the program; defined in
// another translation unit and, presumably, filled in by parseConfig() before
// main() touches any of them — confirm against the full source.
//
// keyDir: root of the certificate store that writeBackFile() populates. It is
// also the base from which the CSR of a job is read (keyDir + "/../" + cert->csr).
// NOTE(review): cert->csr comes from the job provider, so that value has to be
// trusted or validated before it is used as a path component.
24 extern std::string keyDir;
// profiles: not referenced anywhere in the lines shown here.
25 extern std::vector<Profile> profiles;
// Connection parameters handed to MySQLJobProvider in main(); sqlPass is a
// plaintext credential kept in a process-wide global.
26 extern std::string sqlHost, sqlUser, sqlPass, sqlDB;
// Device path passed to openSerial(); main() refuses to start when it is empty.
27 extern std::string serialPath;
/// Write a signed certificate to disk below keyDir, bucketed by serial.
///
/// The target path is keyDir/<serial / 1000>/<serial>.crt; every directory
/// on the way is created with mkdir(0755). None of the mkdir() results are
/// checked, so "already exists" and a real failure (permissions, missing
/// parent) are indistinguishable here; a failure only surfaces through
/// whatever writeFile() does when it cannot open the file.
///
/// One line between the first two mkdir() calls and the tail of the function
/// (its return statement included) are elided from this excerpt. The caller
/// in main() assigns the result to a std::string, presumably the path that
/// was just built — confirm against the full source.
///
/// NOTE(review): 0755 yields world-readable, world-traversable directories.
/// Certificates are public data, but the directory is called keyDir; confirm
/// nothing private is stored under the same root with these permissions.
///
/// @param serial certificate serial number; selects the sub-directory
///               (serial / 1000) and the file name (serial.crt)
/// @param cert   certificate text, written verbatim (taken by value)
29 std::string writeBackFile( uint32_t serial, std::string cert ) {
30 std::string filename = keyDir;
31 mkdir( filename.c_str(), 0755 ); // make sure the store root exists; result ignored
33 mkdir( filename.c_str(), 0755 ); // a path component appended on an elided line is created here; result ignored
34 filename += "/" + std::to_string( serial / 1000 );
35 mkdir( filename.c_str(), 0755 ); // per-1000 bucket directory; result ignored
36 filename += "/" + std::to_string( serial ) + ".crt";
37 writeFile( filename, cert );
38 std::cout << "wrote to " << filename << std::endl; // std::endl flushes stdout on every write
42 int main( int argc, const char* argv[] ) {
47 if( argc == 2 && std::string( "--once" ) == std::string( argv[1] ) ) {
54 path = "/etc/cacert/cassiopeia/cassiopeia.conf";
59 if( parseConfig( path ) != 0 ) {
63 if( serialPath == "" ) {
64 std::cout << "Error: no serial device is given" << std::endl;
68 std::shared_ptr<JobProvider> jp( new MySQLJobProvider( sqlHost, sqlUser, sqlPass, sqlDB ) );
69 std::shared_ptr<BIO> b = openSerial( serialPath );
70 std::shared_ptr<BIO> slip1( BIO_new( toBio<SlipBIO>() ), BIO_free );
71 ( ( SlipBIO* )slip1->ptr )->setTarget( std::shared_ptr<OpensslBIO>( new OpensslBIOWrapper( b ) ) );
72 std::shared_ptr<RemoteSigner> sign( new RemoteSigner( slip1, generateSSLContext( false ) ) );
73 // std::shared_ptr<Signer> sign( new SimpleOpensslSigner() );
76 std::shared_ptr<Job> job = jp->fetchJob();
79 std::cout << "Nothing to work on" << std::endl;
84 std::ofstream* logP = new std::ofstream( std::string( "logs/" ) + job->id + std::string( "_" ) + job->warning + std::string( ".log" ) );
85 std::shared_ptr<std::ofstream> logPtr(
87 []( std::ofstream * ptr ) {
91 std::ofstream& log = *logP;
93 sign->setLog( logPtr );
94 log << "TASK ID: " << job->id << std::endl;
95 log << "TRY: " << job->warning << std::endl;
96 log << "TARGET: " << job->target << std::endl;
97 log << "TASK: " << job->task << std::endl << std::endl;
99 if( job->task == "sign" ) {
101 std::shared_ptr<TBSCertificate> cert = jp->fetchTBSCert( job );
102 log << "INFO: message digest: " << cert->md << std::endl;
103 log << "INFO: profile id: " << cert->profile << std::endl;
105 for( auto& SAN : cert->SANs ) {
106 log << "INFO: SAN " << SAN->type << ": " << SAN->content;
109 for( auto& AVA : cert->AVAs ) {
110 log << "INFO: AVA " << AVA->name << ": " << AVA->value;
114 std::cout << "wasn't able to load CSR" << std::endl;
119 log << "FINE: Found the CSR at '" << cert->csr << "'" << std::endl;
120 cert->csr_content = readFile( keyDir + "/../" + cert->csr );
121 log << "FINE: CSR is " << std::endl << cert->csr_content << std::endl;
123 std::shared_ptr<SignedCertificate> res = sign->sign( cert );
126 log << "ERROR: The signer failed. There was no certificate." << std::endl;
131 log << "FINE: CERTIFICATE LOG: " << res->log << std::endl;
132 log << "FINE: CERTIFICATE:" << std::endl << res->certificate << std::endl;
133 std::string fn = writeBackFile( atoi( job->target.c_str() ), res->certificate );
135 jp->writeBack( job, res );
136 log << "FINE: signing done." << std::endl;
139 jp->finishJob( job );
143 } catch( const char* c ) {
144 log << "ERROR: " << c << std::endl;
145 } catch( std::string c ) {
146 log << "ERROR: " << c << std::endl;
151 } catch( const char* c ) {
152 log << "ERROR: " << c << std::endl;
153 } catch( std::string c ) {
154 log << "ERROR: " << c << std::endl;
157 log << "Unknown job type" << job->task << std::endl;
160 if( !DAEMON || once ) {