From f91a144781e9e71ec04cb39cc6619003def14f00 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Felix=20D=C3=B6rre?= Date: Fri, 9 Jan 2015 09:53:25 +0100 Subject: [PATCH] add: write back signing CA --- src/crypto/remoteSigner.cpp | 6 +++++- src/crypto/simpleOpensslSigner.cpp | 1 + src/db/mysql.cpp | 29 ++++++++++++++++++++++++++++- src/io/record.h | 3 ++- src/io/recordHandler.cpp | 1 + 5 files changed, 37 insertions(+), 3 deletions(-) diff --git a/src/crypto/remoteSigner.cpp b/src/crypto/remoteSigner.cpp index 81a70cc..bad2065 100644 --- a/src/crypto/remoteSigner.cpp +++ b/src/crypto/remoteSigner.cpp @@ -70,7 +70,7 @@ std::shared_ptr RemoteSigner::sign( std::shared_ptr result = std::shared_ptr( new SignedCertificate() ); std::vector buffer( 2048 * 4 ); - for( int i = 0; i < 2; i++ ) { + for( int i = 0; i < 3; i++ ) { try { int length = conn->read( buffer.data(), buffer.size() ); @@ -92,6 +92,10 @@ std::shared_ptr RemoteSigner::sign( std::shared_ptrlog = payload; break; + case RecordHeader::SignerResult::SIGNING_CA: + result->ca_name = payload; + break; + default: std::cout << "Invalid Message" << std::endl; break; diff --git a/src/crypto/simpleOpensslSigner.cpp b/src/crypto/simpleOpensslSigner.cpp index 2aea5c8..b7497e6 100644 --- a/src/crypto/simpleOpensslSigner.cpp +++ b/src/crypto/simpleOpensslSigner.cpp @@ -156,6 +156,7 @@ std::shared_ptr SimpleOpensslSigner::sign( std::shared_ptr output = c.sign( prof.ca->caKey, cert->md ); signlog << "FINE: all went well" << std::endl; signlog << "FINE: crt went to: " << writeBackFile( num, output->certificate, prof.ca->path ) << std::endl; + output->ca_name = prof.ca->name; output->log = signlog.str(); return output; } diff --git a/src/db/mysql.cpp b/src/db/mysql.cpp index 973e9d0..e3fbca5 100644 --- a/src/db/mysql.cpp +++ b/src/db/mysql.cpp 
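Review bot: The read loop in `RemoteSigner::sign` now expects exactly three records, but nothing in the visible lines checks which ones actually arrived. An unexpected type only prints "Invalid Message" in `default:` and still uses up an iteration, so `result->ca_name` (set in the new `SIGNING_CA` case of the second hunk) or the certificate can stay empty without any error. Because `ca_name` later selects the CA row in `MySQLJobProvider::writeBack`, I would fail the job after the loop when it is missing, e.g. `if( result->ca_name.empty() ) { throw "signer sent no SIGNING_CA record"; }`, in whatever error style this file uses. The literal `3` is also tied to the extra `respondCommand( RecordHeader::SignerResult::SIGNING_CA, result->ca_name )` added in src/io/recordHandler.cpp, so a peer built without this commit would presumably fall out of step; a named constant with a comment listing the expected record sequence would make that dependency visible. The function body starts and ends outside the hunk.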
@@ -292,7 +292,34 @@ void MySQLJobProvider::writeBack( std::shared_ptr job, std::shared_ptrescape_string( res->crt_name ) + "', serial='" + this->escape_string( res->serial ) + "', created=NOW() WHERE id='" + this->escape_string( job->target ) + "' LIMIT 1"; + std::string id = "SELECT id FROM cacerts WHERE keyname='" + this->escape_string( res->ca_name ) + "'"; + + int err = 0; + std::shared_ptr resu; + std::tie( err, resu ) = query( id ); + + if( err ) { + throw "Error while looking ca cert id"; + } + + MYSQL_ROW row = mysql_fetch_row( resu.get() ); + unsigned long* l = mysql_fetch_lengths( resu.get() ); + + std::string read_id; + + if( !row || !l ) { + if( query( "INSERT INTO cacerts SET keyname= '" + this->escape_string( res->ca_name ) + "', subroot = 0" ).first ) { + throw "Error while inserting new ca cert"; + } + + my_ulonglong insert_id = mysql_insert_id( conn.get() ); + + read_id = std::to_string( insert_id ); + } else { + read_id = std::string( row[0], row[0] + l[0] ); + } + + std::string q = "UPDATE certs SET crt_name='" + this->escape_string( res->crt_name ) + "', serial='" + this->escape_string( res->serial ) + "', caId = '" + this->escape_string( read_id ) + "', created=NOW() WHERE id='" + this->escape_string( job->target ) + "' LIMIT 1"; // TODO write more thingies back diff --git a/src/io/record.h b/src/io/record.h index 92837bd..b084113 100644 --- a/src/io/record.h +++ b/src/io/record.h @@ -31,7 +31,8 @@ public: REVOKED = 0x100, FULL_CRL = 0x101, SAVE_LOG = 0x80, - CERTIFICATE = 0x81 + CERTIFICATE = 0x81, + SIGNING_CA = 0x82, }; public: diff --git a/src/io/recordHandler.cpp b/src/io/recordHandler.cpp index 5055d5c..b79d3cc 100644 --- a/src/io/recordHandler.cpp +++ b/src/io/recordHandler.cpp @@ -167,6 +167,7 @@ public: case RecordHeader::SignerCommand::LOG_SAVED: if( result ) { + respondCommand( RecordHeader::SignerResult::SIGNING_CA, result->ca_name ); respondCommand( RecordHeader::SignerResult::CERTIFICATE, result->certificate ); } -- 2.39.2
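Review bot: An unknown or empty `res->ca_name` silently creates a new `cacerts` row in the `!row || !l` branch, so a signer result with no CA name, or a mistyped one, attaches the certificate to a freshly invented CA entry with `subroot = 0`. I would reject the empty case before the lookup, `if( res->ca_name.empty() ) { throw "Signer did not report a signing CA"; }`, and record the automatic insert somewhere an operator will see it. The SELECT-then-INSERT pair is also not atomic: two concurrent write-backs for the same new CA can both insert unless `cacerts.keyname` carries a unique index, which is not visible here. `writeBack` begins before and continues past the hunk.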