add: write signed from and to back to db
authorFelix Dörre <felix@dogcraft.de>
Tue, 13 Jan 2015 07:51:59 +0000 (08:51 +0100)
committerBenny Baumann <BenBE@geshi.org>
Sat, 24 Jan 2015 17:33:29 +0000 (18:33 +0100)
src/apps/client.cpp
src/crypto/remoteSigner.cpp
src/crypto/sslUtil.cpp
src/crypto/sslUtil.h
src/db/database.h
src/db/mysql.cpp

index 062816ac7e7ee4e53fbcf24a60f9936b9caec970..9423cb85a0d87b580047e744e35ef6fee65b8777 100644 (file)
@@ -148,14 +148,8 @@ int main( int argc, const char* argv[] ) {
                 std::string date = rev.second;
                 const unsigned char* pos = ( const unsigned char* ) date.data();
                 std::shared_ptr<ASN1_TIME> time( d2i_ASN1_TIME( NULL, &pos, date.size() ), ASN1_TIME_free );
-                std::shared_ptr<ASN1_GENERALIZEDTIME> gtime( ASN1_TIME_to_generalizedtime( time.get(), 0 ) );
-                std::string strdate( ( char* ) ASN1_STRING_data( gtime.get() ), ASN1_STRING_length( gtime.get() ) );
 
-                if( strdate[strdate.size() - 1] != 'Z' ) {
-                    throw "Got invalid date?";
-                }
-
-                jp->writeBackRevocation( job, strdate.substr( 0, strdate.size() - 1 ) );
+                jp->writeBackRevocation( job, timeToString( time ) );
                 jp->finishJob( job );
             } catch( const char* c ) {
                 std::cout << "Exception: " << c << std::endl;
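Review bot: The result of `d2i_ASN1_TIME` is handed to `timeToString( time )` without a null check, so a revocation date that fails to parse reaches OpenSSL as a null `ASN1_TIME*` instead of landing in the `catch( const char* )` below. A guard before the call keeps the failure on the existing error path: `if( !time ) { throw "Got invalid date?"; }`. Where `rev.second` comes from is not visible in this hunk; if it is the signer's reply, it should be treated as untrusted input. The enclosing `main` starts and ends outside the hunk.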
index eaeede065c6e50c98bbb2eba9203f49d679732c1..1f0c07a87041f886ba9250b3d58ff68e286e4818 100644 (file)
@@ -134,6 +134,9 @@ std::shared_ptr<SignedCertificate> RemoteSigner::sign( std::shared_ptr<TBSCertif
             []( char* p ) {
                 OPENSSL_free( p );
             } ); // OPENSSL_free is a macro...
+
+        extractTimes( pem, result );
+
         result->serial = std::string( serStr.get() );
     }
 
index 9487e42a7253a98d581f7509498e477b8f314da4..82ff9f80fc8dac1dcda3a7a768a5049f7b4285da 100644 (file)
@@ -180,3 +180,19 @@ CAConfig::CAConfig( std::string name ) {
     ASN1_TIME* tm = X509_get_notBefore( ca );
     notBefore = std::shared_ptr<ASN1_TIME>( tm, ASN1_TIME_free );
 }
+
+std::string timeToString( std::shared_ptr<ASN1_TIME> time ) {
+    std::shared_ptr<ASN1_GENERALIZEDTIME> gtime( ASN1_TIME_to_generalizedtime( time.get(), 0 ) );
+    std::string strdate( ( char* ) ASN1_STRING_data( gtime.get() ), ASN1_STRING_length( gtime.get() ) );
+
+    if( strdate[strdate.size() - 1] != 'Z' ) {
+        throw "Got invalid date?";
+    }
+
+    return strdate.substr( 0, strdate.size() - 1 );
+}
+
+void extractTimes( std::shared_ptr<X509> target,  std::shared_ptr<SignedCertificate> cert ) {
+    cert->before = timeToString( std::shared_ptr<ASN1_TIME>( X509_get_notBefore( target.get() ), ASN1_TIME_free ) );
+    cert->after = timeToString( std::shared_ptr<ASN1_TIME>( X509_get_notAfter( target.get() ), ASN1_TIME_free ) );
+}
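Review bot: `extractTimes` wraps the pointers from `X509_get_notBefore` / `X509_get_notAfter` in a `shared_ptr` with `ASN1_TIME_free`, but those pointers belong to the certificate, so each temporary frees a field that the `X509` still uses and will free again. In `timeToString` the opposite happens: `gtime` is freshly allocated by OpenSSL but has no deleter, so it is released with plain `delete`, and a null result or an empty string is indexed at `strdate.size() - 1`. The fence below borrows the certificate fields with a no-op deleter, gives `gtime` `ASN1_GENERALIZEDTIME_free`, and rejects null or empty values before indexing. The context line in `CAConfig::CAConfig` uses the same owning wrapper on `X509_get_notBefore` and probably needs the same treatment.

```cpp
std::string timeToString( std::shared_ptr<ASN1_TIME> time ) {
    std::shared_ptr<ASN1_GENERALIZEDTIME> gtime( ASN1_TIME_to_generalizedtime( time.get(), 0 ), ASN1_GENERALIZEDTIME_free );

    if( !gtime ) {
        throw "Got invalid date?";
    }

    std::string strdate( ( char* ) ASN1_STRING_data( gtime.get() ), ASN1_STRING_length( gtime.get() ) );

    if( strdate.empty() || strdate[strdate.size() - 1] != 'Z' ) {
        throw "Got invalid date?";
    }
    // … unchanged: return the string without the trailing 'Z' …
}

void extractTimes( std::shared_ptr<X509> target,  std::shared_ptr<SignedCertificate> cert ) {
    // notBefore/notAfter stay owned by the X509, so the wrappers must not free them
    auto borrowed = []( ASN1_TIME* ) {};
    cert->before = timeToString( std::shared_ptr<ASN1_TIME>( X509_get_notBefore( target.get() ), borrowed ) );
    cert->after = timeToString( std::shared_ptr<ASN1_TIME>( X509_get_notAfter( target.get() ), borrowed ) );
}
```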
index a85871a4520751bf2101ebfe8e1ccef62af9c2a6..c01418fdca28ba9df86c290bd2bda1e59afc036e 100644 (file)
@@ -1,10 +1,14 @@
 #pragma once
-#include <openssl/ssl.h>
+
 #include <memory>
 #include <string>
 #include <vector>
 #include <cinttypes>
 
+#include <openssl/ssl.h>
+
+#include "db/database.h"
+
 class CAConfig {
 public:
     std::string path;
@@ -14,7 +18,6 @@ public:
     std::shared_ptr<EVP_PKEY> caKey;
     std::shared_ptr<ASN1_TIME> notBefore;
     CAConfig( std::string name );
-
 };
 
 struct Profile {
@@ -42,3 +45,5 @@ std::shared_ptr<EVP_PKEY> loadPkeyFromFile( std::string filename );
 
 std::shared_ptr<SSL_CTX> generateSSLContext( bool server );
 std::shared_ptr<BIO> openSerial( const std::string name );
+std::string timeToString( std::shared_ptr<ASN1_TIME> time );
+void extractTimes( std::shared_ptr<X509> source, std::shared_ptr<SignedCertificate> cert );
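Review bot: The declaration names the first parameter `source` while the definition in sslUtil.cpp names it `target`; one name in both places would read better, and `source` fits since the certificate is only read. Both new functions also lack a comment on their contract, for example `// Returns the time as GeneralizedTime text without the trailing 'Z'; throws const char* if the value does not end in 'Z'.` and `// Copies notBefore/notAfter of source into cert->before / cert->after.`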
index 77db633aa636de0658a5173397145f370e8b8fff..e7d195229158ec44379ab14c82fc1c0ccc47926d 100644 (file)
@@ -40,8 +40,8 @@ struct TBSCertificate {
 struct SignedCertificate {
     std::string certificate;
     std::string serial;
-    uint32_t before;
-    uint32_t after;
+    std::string before;
+    std::string after;
     std::string pkHash;
     std::string certHash;
     std::string crt_name;
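Review bot: `before` and `after` change from `uint32_t` to `std::string` with no comment on what the strings hold. Judging by `timeToString`, they appear to be GeneralizedTime text with the trailing `Z` removed, and they stay empty on any signing path that does not call `extractTimes`. A line such as `// validity bounds as GeneralizedTime text without the trailing 'Z' (UTC); empty until extractTimes() has run` would record that. The struct continues outside the hunk.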
index 35bd507efd48979544b5b08b038aee8344342839..304d4963dcaed689e54751ca1b6ed756405e6f80 100644 (file)
@@ -319,8 +319,7 @@ void MySQLJobProvider::writeBack( std::shared_ptr<Job> job, std::shared_ptr<Sign
         read_id = std::string( row[0], row[0] + l[0] );
     }
 
-    std::string q = "UPDATE certs SET crt_name='" + this->escape_string( res->crt_name ) + "', serial='" + this->escape_string( res->serial ) + "', caId = '" + this->escape_string( read_id ) + "', created=NOW() WHERE id='" + this->escape_string( job->target ) + "' LIMIT 1";
-
+    std::string q = "UPDATE certs SET crt_name='" + this->escape_string( res->crt_name ) + "', serial='" + this->escape_string( res->serial ) + "', caId = '" + this->escape_string( read_id ) + "', created='" + this->escape_string( res->before ) + "', expire='" + this->escape_string( res->after ) + "'  WHERE id='" + this->escape_string( job->target ) + "' LIMIT 1";
     // TODO write more thingies back
 
     if( query( q ).first ) {
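Review bot: `created` and `expire` are now written from `res->before` / `res->after` with no check that they were filled, so a `SignedCertificate` from a path that never called `extractTimes` would store empty strings where `NOW()` used to guarantee a value. A guard ahead of the query, e.g. `if( res->before.empty() || res->after.empty() ) { throw "Missing validity dates"; }`, would make that visible; whether callers of `writeBack` handle a `const char*` throw is not visible here. The values are UTC, so if the columns are of a type that MySQL converts from the session time zone, the stored instants may shift; a comment next to the query stating the expected column type and zone would help. `writeBack` begins and ends outside the hunk.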