try {
auto data = jp->getRevocationInfo( job );
- sign->revoke( CAs.at( data.second ), data.first );
+ std::pair<std::shared_ptr<CRL>, std::string> rev = sign->revoke( CAs.at( data.second ), data.first );
+ std::string date = rev.second;
+ const unsigned char* pos = ( const unsigned char* ) date.data();
+ std::shared_ptr<ASN1_TIME> time( d2i_ASN1_TIME( NULL, &pos, date.size() ), ASN1_TIME_free );
+ std::shared_ptr<ASN1_GENERALIZEDTIME> gtime( ASN1_TIME_to_generalizedtime( time.get(), 0 ) );
+ std::string strdate( ( char* ) ASN1_STRING_data( gtime.get() ), ASN1_STRING_length( gtime.get() ) );
+
+ if( strdate[strdate.size() - 1] != 'Z' ) {
+ throw "Got invalid date?";
+ }
+
+ jp->writeBackRevocation( job, strdate.substr( 0, strdate.size() - 1 ) );
jp->finishJob( job );
} catch( const char* c ) {
std::cout << "Exception: " << c << std::endl;
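Review bot: Neither `d2i_ASN1_TIME` nor `ASN1_TIME_to_generalizedtime` is checked for NULL before `ASN1_STRING_data( gtime.get() )` runs, so a response without a parseable date ends in a null dereference instead of the intended `throw`; the `date` that `revoke` returns in a later hunk starts out empty, so this case looks reachable. `gtime` is also wrapped in a `shared_ptr` with no deleter, which releases an OpenSSL-allocated object with plain `delete`; it should use `ASN1_GENERALIZEDTIME_free`. The `strdate[strdate.size() - 1]` test indexes out of range when the string is empty. The enclosing function starts and ends outside the hunk.

```cpp
std::shared_ptr<ASN1_TIME> time( d2i_ASN1_TIME( NULL, &pos, date.size() ), ASN1_TIME_free );

if( !time ) {
    throw "Got invalid date?";
}

std::shared_ptr<ASN1_GENERALIZEDTIME> gtime( ASN1_TIME_to_generalizedtime( time.get(), 0 ), ASN1_GENERALIZEDTIME_free );

if( !gtime ) {
    throw "Got invalid date?";
}

// … unchanged: strdate construction from gtime …

if( strdate.empty() || strdate[strdate.size() - 1] != 'Z' ) {
    throw "Got invalid date?";
}
// … unchanged: writeBackRevocation and finishJob calls …
```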
payload = parseCommand( head, std::string( buffer.data(), length ), log );
std::shared_ptr<CRL> crl( new CRL( ca->path + std::string( "/ca.crl" ) ) );
+ std::string date;
switch( ( RecordHeader::SignerResult ) head.command ) {
case RecordHeader::SignerResult::REVOKED: {
const unsigned char* pos = buffer2;
ASN1_TIME* time = d2i_ASN1_TIME( NULL, &pos, payload.size() );
ASN1_TIME_free( time );
+ date = payload.substr( 0, pos - buffer2 );
std::string rest = payload.substr( pos - buffer2 );
- crl->revoke( serial, payload.substr( 0, pos - buffer2 ) );
+ crl->revoke( serial, date );
crl->setSignature( rest );
bool ok = crl->verify( ca );
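Review bot: A failed `d2i_ASN1_TIME` goes unnoticed in the `REVOKED` case, because `time` is freed without being tested. When the payload does not begin with a valid ASN1_TIME, the new `date = payload.substr( 0, pos - buffer2 )` likely yields an empty string that is handed to `crl->revoke` and, in the next hunk, returned to the caller. Adding `if( !time ) { throw "Invalid revocation date in signer response"; }` before `ASN1_TIME_free( time )` would stop it at the parse site. The hunk ends at `bool ok = crl->verify( ca );`, so it is not visible whether `ok` gates the new `return ...( crl, date )`; if it does not, a date taken from an unverified CRL would reach the database write.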
std::cout << "SSL shutdown failed" << std::endl;
}
- return std::pair<std::shared_ptr<CRL>, std::string>( std::shared_ptr<CRL>(), "" );
+ return std::pair<std::shared_ptr<CRL>, std::string>( crl, date );
}
void RemoteSigner::setLog( std::shared_ptr<std::ostream> target ) {
virtual std::shared_ptr<TBSCertificate> fetchTBSCert( std::shared_ptr<Job> job ) = 0;
virtual void writeBack( std::shared_ptr<Job> job, std::shared_ptr<SignedCertificate> res ) = 0;
virtual std::pair<std::string, std::string> getRevocationInfo( std::shared_ptr<Job> job ) = 0;
+ virtual void writeBackRevocation( std::shared_ptr<Job> job, std::string date ) = 0;
};
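Review bot: The new pure virtual `writeBackRevocation` does not say what `date` must look like, and implementers cannot infer it from the signature. The caller in the first hunk passes the GeneralizedTime string with its trailing `Z` removed, so a comment such as `// date: revocation time as GeneralizedTime digits (UTC), without the trailing 'Z'` above the declaration would pin the contract. The same comment belongs on the `MySQLJobProvider` declaration in the last hunk. Taking the argument as `const std::string&` would avoid a copy, although the neighbouring methods also pass by value.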
return std::pair<std::string, std::string>( std::string( row[0], row[0] + l[0] ), std::string( row[1], row[1] + l[1] ) );
}
+
+void MySQLJobProvider::writeBackRevocation( std::shared_ptr<Job> job, std::string date ) {
+ if( query( "UPDATE certs SET revoked = '" + this->escape_string( date ) + "' WHERE id = '" + this->escape_string( job->target ) + "'" ).first ) {
+ throw "Error while writing back revocation";
+ }
+}
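Review bot: `date` is placed into the UPDATE statement after `escape_string` only, with no check that it is actually a timestamp, even though the value originates from the signer's response. Assuming the `revoked` column expects plain digits, a guard such as `if( date.empty() || date.find_first_not_of( "0123456789" ) != std::string::npos ) { throw "Invalid revocation date"; }` would keep malformed input out of the query without relying on the escaping routine alone. The statement also counts as a success when no row matches `job->target`. If `query` exposes an affected-row count (not visible here), checking it would catch a revocation that was never recorded.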
std::shared_ptr<TBSCertificate> fetchTBSCert( std::shared_ptr<Job> job );
void writeBack( std::shared_ptr<Job> job, std::shared_ptr<SignedCertificate> res );
std::pair<std::string, std::string> getRevocationInfo( std::shared_ptr<Job> job );
+ void writeBackRevocation( std::shared_ptr<Job> job, std::string date );
};