fix: Avoid errors when genTestData is re-executed (while test data already exists)

[cassiopeia.git] / src / crypto / remoteSigner.cpp

diff --git a/src/crypto/remoteSigner.cpp b/src/crypto/remoteSigner.cpp
index eaeede065c6e50c98bbb2eba9203f49d679732c1..b060f6cca116f25a4516357147f9f10612e6f512 100644 (file)
--- a/src/crypto/remoteSigner.cpp
+++ b/src/crypto/remoteSigner.cpp
@@ -46,6 +46,8 @@ std::shared_ptr<SignedCertificate> RemoteSigner::sign( std::shared_ptr<TBSCertif
 
     send( conn, head, RecordHeader::SignerCommand::SET_SIGNATURE_TYPE, cert->md );
     send( conn, head, RecordHeader::SignerCommand::SET_PROFILE, cert->profile );
+    send( conn, head, RecordHeader::SignerCommand::SET_WISH_FROM, cert->wishFrom );
+    send( conn, head, RecordHeader::SignerCommand::SET_WISH_TO, cert->wishTo );
 
     for( auto ava : cert->AVAs ) {
         if( ava->name.find( "," ) != std::string::npos ) {
@@ -134,6 +136,9 @@ std::shared_ptr<SignedCertificate> RemoteSigner::sign( std::shared_ptr<TBSCertif
             []( char* p ) {
                 OPENSSL_free( p );
             } ); // OPENSSL_free is a macro...
+
+        extractTimes( pem, result );
+
         result->serial = std::string( serStr.get() );
     }
 
@@ -144,7 +149,7 @@ std::shared_ptr<SignedCertificate> RemoteSigner::sign( std::shared_ptr<TBSCertif
     return result;
 }
 
-std::pair<std::shared_ptr<CRL>, std::string> RemoteSigner::revoke( std::shared_ptr<CAConfig> ca, std::string serial ) {
+std::pair<std::shared_ptr<CRL>, std::string> RemoteSigner::revoke( std::shared_ptr<CAConfig> ca, std::vector<std::string> serials ) {
     ( void )BIO_reset( target.get() );
 
     std::shared_ptr<SSL> ssl( SSL_new( ctx.get() ), SSL_free );
@@ -158,7 +163,11 @@ std::pair<std::shared_ptr<CRL>, std::string> RemoteSigner::revoke( std::shared_p
     head.flags = 0;
     head.sessid = 13;
 
-    std::string payload = ca->name + std::string( "\0", 1 ) + serial;
+    for( std::string serial : serials ) {
+        send( conn, head, RecordHeader::SignerCommand::ADD_SERIAL, serial );
+    }
+
+    std::string payload = ca->name;
     send( conn, head, RecordHeader::SignerCommand::REVOKE, payload );
 
     std::vector<char> buffer( 2048 * 4 );
@@ -183,7 +192,11 @@ std::pair<std::shared_ptr<CRL>, std::string> RemoteSigner::revoke( std::shared_p
     ASN1_TIME_free( time );
     date = payload.substr( 0, pos - buffer2 );
     std::string rest = payload.substr( pos - buffer2 );
-    crl->revoke( serial, date );
+
+    for( std::string serial : serials ) {
+        crl->revoke( serial, date );
+    }
+
     crl->setSignature( rest );
     bool ok = crl->verify( ca );