std::string keyDir;
std::vector<Profile> profiles;
+std::string sqlHost, sqlUser, sqlPass, sqlDB;
std::string writeBackFile( uint32_t serial, std::string cert ) {
std::string filename = "keys";
}
int main( int argc, const char* argv[] ) {
- if( argc < 2 ) {
- std::cout << argv[0] << " password" << std::endl;
- return 1;
- }
-
+ ( void ) argc;
+ ( void ) argv;
std::ifstream config;
config.open( "config.txt" );
if( key == "key.directory" ) {
keyDir = value;
continue;
+ } else if( key == "sql.host" ) {
+ sqlHost = value;
+ } else if( key == "sql.user" ) {
+ sqlUser = value;
+ } else if( key == "sql.password" ) {
+ sqlPass = value;
+ } else if( key == "sql.database" ) {
+ sqlDB = value;
}
if( key.compare( 0, 8, "profile." ) == 0 ) {
}
if( rest == "key" ) {
- profiles[i].cert = value;
- } else if( rest == "cert" ) {
profiles[i].key = value;
+ } else if( rest == "cert" ) {
+ profiles[i].cert = value;
} else {
std::cout << "invalid line: " << line1 << std::endl;
continue;
config.close();
- std::shared_ptr<JobProvider> jp( new MySQLJobProvider( "localhost", "cacert", argv[1], "cacert" ) );
+ std::shared_ptr<JobProvider> jp( new MySQLJobProvider( sqlHost, sqlUser, sqlPass, sqlDB ) );
std::shared_ptr<Signer> sign( new SimpleOpensslSigner() );
while( true ) {
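Review bot: The four `sql.*` values are passed to `MySQLJobProvider` without any check that config.txt supplied them, so a missing or misspelled key gives an empty host, user or database and the failure only surfaces inside the provider. A guard before the constructor call would fail early with a clear message: `if( sqlHost.empty() || sqlUser.empty() || sqlDB.empty() ) { std::cerr << "config.txt: sql.host, sql.user and sql.database are required" << std::endl; return 1; }`. Because the database password now lives in config.txt instead of argv, that file should be readable only by the signer's account, which deserves a comment next to `config.open`. The new `sql.*` branches also lack the `continue` that the `key.directory` branch has, so those lines fall through to the `profile.` prefix check; what follows that check is outside the visible lines.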
cert->csr_content = std::string( std::istreambuf_iterator<char>( t ), std::istreambuf_iterator<char>() );
std::shared_ptr<SignedCertificate> res = sign->sign( cert );
- std::string fn = writeBackFile( res->serial, res->certificate );
+ std::string fn = writeBackFile( atoi( job->target.c_str() ), res->certificate );
res->crt_name = fn;
jp->writeBack( job, res );
} catch( const char* c ) {
throw "Error while writing back";
}
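Review bot: `atoi( job->target.c_str() )` in the new `writeBackFile` call returns 0 for an empty or non-numeric target and has undefined behaviour on overflow, and its `int` result is converted to the `uint32_t` parameter, so a negative value wraps. That number replaces `res->serial` as the input to `writeBackFile`, which appears to derive the output file name from it (only the first line of its body is visible), so two malformed targets would both map to 0 and one certificate file could overwrite another. Parse with an error check, e.g. `char* end = nullptr; unsigned long id = std::strtoul( job->target.c_str(), &end, 10 );` followed by `if( job->target.empty() || *end != '\0' || id > UINT32_MAX ) throw "invalid job target";`, and reject a leading sign as well. The enclosing try block starts outside the visible lines.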
- std::string q = "UPDATE certs SET crt_name='" + this->escape_string( res->crt_name ) + "', serial='" + this->escape_string( std::to_string( res->serial ) ) + "' WHERE id='" + this->escape_string( job->id ) + "' LIMIT 1";
+ std::string q = "UPDATE certs SET crt_name='" + this->escape_string( res->crt_name ) + "', serial='" + this->escape_string( std::to_string( res->serial ) ) + "', created=NOW() WHERE id='" + this->escape_string( job->id ) + "' LIMIT 1";
// TODO write more thingies back
#include <openssl/engine.h>
#include <openssl/x509v3.h>
-#include "X509.h"
+extern std::vector<Profile> profiles;
std::shared_ptr<int> SimpleOpensslSigner::lib_ref(
new int( SSL_library_init() ),
} );
}
-std::shared_ptr<X509> SimpleOpensslSigner::caCert = loadX509FromFile( "assured.crt" );
+SimpleOpensslSigner::SimpleOpensslSigner() {
+ caCert = loadX509FromFile( profiles[0].cert );
+ caKey = loadPkeyFromFile( profiles[0].key );
+}
-std::shared_ptr<EVP_PKEY> SimpleOpensslSigner::caKey = loadPkeyFromFile( "assured.key" );
+int serial = 10;
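Review bot: The new constructor reads `profiles[0]` without checking that `profiles` is non-empty, so a config.txt with no `profile.` entries makes `SimpleOpensslSigner()` index past the end of the vector, which is undefined behaviour, before any key is loaded. Guard it at the top with `if( profiles.empty() ) throw "no signing profile configured";`. The loader results should be checked there too: in the lines shown, `sign()` tests only `caKey`, so if `loadX509FromFile` can return an empty pointer, a null `caCert` would reach `setIssuerNameFrom`. Pulling the vector in through `extern std::vector<Profile> profiles;` in the .cpp also hides the dependency on main's global; passing the profile to the constructor would make it explicit.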
std::shared_ptr<SignedCertificate> SimpleOpensslSigner::sign( std::shared_ptr<TBSCertificate> cert ) {
if( !caKey ) {
c.setIssuerNameFrom( caCert );
c.setPubkeyFrom( req );
- c.setSerialNumber( 4711 );
+ c.setSerialNumber( serial++ );
c.setTimes( 0, 60 * 60 * 24 * 10 );
c.setExtensions( caCert, cert->SANs );
- std::string output = c.sign( caKey );
-
std::shared_ptr<SignedCertificate> output = c.sign( caKey );
return output;
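Review bot: `c.setSerialNumber( serial++ )` draws from the global `int serial = 10;`, which is re-initialised on every start, so after a restart the signer issues serials 10, 11, … again under the same issuer. Duplicate serials per issuer violate RFC 5280 and make revocation by serial ambiguous, and a small sequential value is predictable; the counter is also a non-atomic global with external linkage. The serial should come from a persistent or random source. Until then, make the declaration `static` and mark it with `// FIXME: serial must be unique per issuer across restarts; replace this in-memory counter`. `sign()` begins and ends outside the visible lines.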
class SimpleOpensslSigner : public Signer {
private:
static std::shared_ptr<int> lib_ref;
- static std::shared_ptr<EVP_PKEY> caKey;
- static std::shared_ptr<X509> caCert;
+ std::shared_ptr<EVP_PKEY> caKey;
+ std::shared_ptr<X509> caCert;
public:
+ SimpleOpensslSigner();
std::shared_ptr<SignedCertificate> sign( std::shared_ptr<TBSCertificate> cert );
};