add: write back signing CA
authorFelix Dörre <felix@dogcraft.de>
Fri, 9 Jan 2015 08:53:25 +0000 (09:53 +0100)
committerBenny Baumann <BenBE@geshi.org>
Sat, 24 Jan 2015 17:33:29 +0000 (18:33 +0100)
src/crypto/remoteSigner.cpp
src/crypto/simpleOpensslSigner.cpp
src/db/mysql.cpp
src/io/record.h
src/io/recordHandler.cpp

index 81a70ccef9a240d7178156b0dd176e8741ec67b0..bad2065b2c435bc39516e57026183c0c5136a461 100644 (file)
@@ -70,7 +70,7 @@ std::shared_ptr<SignedCertificate> RemoteSigner::sign( std::shared_ptr<TBSCertif
     std::shared_ptr<SignedCertificate> result = std::shared_ptr<SignedCertificate>( new SignedCertificate() );
     std::vector<char> buffer( 2048 * 4 );
 
-    for( int i = 0; i < 2; i++ ) {
+    for( int i = 0; i < 3; i++ ) {
         try {
             int length = conn->read( buffer.data(), buffer.size() );
 
@@ -92,6 +92,10 @@ std::shared_ptr<SignedCertificate> RemoteSigner::sign( std::shared_ptr<TBSCertif
                 result->log = payload;
                 break;
 
+            case RecordHeader::SignerResult::SIGNING_CA:
+                result->ca_name = payload;
+                break;
+
             default:
                 std::cout << "Invalid Message" << std::endl;
                 break;
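Review bot: `result->ca_name = payload;` in the new `SIGNING_CA` case stores whatever the remote signer sent, with no check that it is non-empty, bounded in length, or one of the CA names this side is configured with; the mysql.cpp hunk of this commit then uses that value to look up and, if absent, create a `cacerts` row. Nothing visible here confirms that a SIGNING_CA record actually arrived either: the loop in the first hunk simply runs three times and the `default` branch only prints "Invalid Message", so a duplicated or unknown record can leave `ca_name` empty. I would reject the response when the name is missing, e.g. after the loop `if( result->ca_name.empty() ) { throw "Signer did not report signing CA"; }`, and add a comment at the loop such as `// expect three records: log, signing CA, certificate` so the bound is not a bare `3`. The switch and the loop body continue outside these hunks, so checks that are not visible here may already cover part of this.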
index 2aea5c815944a82a3f220e291f02bb91dd04e36d..b7497e6107cf1ce30b53907a8c70d8cdcf4e6ab3 100644 (file)
@@ -156,6 +156,7 @@ std::shared_ptr<SignedCertificate> SimpleOpensslSigner::sign( std::shared_ptr<TB
     std::shared_ptr<SignedCertificate> output = c.sign( prof.ca->caKey, cert->md );
     signlog << "FINE: all went well" << std::endl;
     signlog << "FINE: crt went to: " << writeBackFile( num, output->certificate, prof.ca->path ) << std::endl;
+    output->ca_name = prof.ca->name;
     output->log = signlog.str();
     return output;
 }
index 973e9d0fb68f06ba13f8d57f29e07485ba632c88..e3fbca5e6a7d4e6336eb6155be002b18ba609e49 100644 (file)
@@ -292,7 +292,34 @@ void MySQLJobProvider::writeBack( std::shared_ptr<Job> job, std::shared_ptr<Sign
         throw "Error while writing back";
     }
 
-    std::string q = "UPDATE certs SET crt_name='" + this->escape_string( res->crt_name ) + "', serial='" + this->escape_string( res->serial ) + "', created=NOW() WHERE id='" + this->escape_string( job->target ) + "' LIMIT 1";
+    std::string id = "SELECT id FROM cacerts WHERE keyname='" + this->escape_string( res->ca_name ) + "'";
+
+    int err = 0;
+    std::shared_ptr<MYSQL_RES> resu;
+    std::tie( err, resu ) = query( id );
+
+    if( err ) {
+        throw "Error while looking ca cert id";
+    }
+
+    MYSQL_ROW row = mysql_fetch_row( resu.get() );
+    unsigned long* l = mysql_fetch_lengths( resu.get() );
+
+    std::string read_id;
+
+    if( !row || !l ) {
+        if( query( "INSERT INTO cacerts SET keyname= '" + this->escape_string( res->ca_name ) + "', subroot = 0" ).first ) {
+            throw "Error while inserting new ca cert";
+        }
+
+        my_ulonglong insert_id = mysql_insert_id( conn.get() );
+
+        read_id = std::to_string( insert_id );
+    } else {
+        read_id = std::string( row[0], row[0] + l[0] );
+    }
+
+    std::string q = "UPDATE certs SET crt_name='" + this->escape_string( res->crt_name ) + "', serial='" + this->escape_string( res->serial ) + "', caId = '" + this->escape_string( read_id ) + "', created=NOW() WHERE id='" + this->escape_string( job->target ) + "' LIMIT 1";
 
     // TODO write more thingies back
 
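Review bot: The `if( !row || !l )` branch inserts a new `cacerts` row for any name that has no match, so the CA inventory is populated from a value reported by the signer rather than from configuration; an empty or mistyped `res->ca_name` silently becomes a new CA with `subroot = 0` and the certificate is linked to it. Consider failing the write-back instead, or at minimum guarding the top with `if( res->ca_name.empty() ) { throw "Missing signing CA name"; }`. The SELECT-then-INSERT pair is also not atomic: if more than one process writes back, two of them can both miss and both insert unless `keyname` has a UNIQUE index (not visible here), in which case the second INSERT throws; `INSERT ... ON DUPLICATE KEY UPDATE id = LAST_INSERT_ID(id)` would collapse it to one statement. `resu.get()` is passed to `mysql_fetch_row` without a null check, which relies on `query()` always returning a result set when `err` is 0. writeBack starts and ends outside the hunk.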
index 92837bd0eec0d7206496b4b68e2cceed65cf6914..b08411353f57188c1c1dd2313bb73f4b2ca4f9d5 100644 (file)
@@ -31,7 +31,8 @@ public:
         REVOKED = 0x100,
         FULL_CRL = 0x101,
         SAVE_LOG = 0x80,
-        CERTIFICATE = 0x81
+        CERTIFICATE = 0x81,
+        SIGNING_CA = 0x82,
     };
 
 public:
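Review bot: `SIGNING_CA = 0x82` adds a new wire record type without documenting what its payload carries; a one-line comment such as `// payload: key name of the CA that signed; sent before CERTIFICATE` would record that (the ordering is what the recordHandler.cpp hunk of this commit does). A peer built before this commit will presumably fall into its `default` branch on receiving 0x82, so both ends need to be updated together, which is worth stating in the commit description or protocol notes. The enum begins outside this hunk.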
index 5055d5c7b823cae75bb976943d6457cb3f79b68e..b79d3cc144b96d2c70d210306e989c7846e9792e 100644 (file)
@@ -167,6 +167,7 @@ public:
 
         case RecordHeader::SignerCommand::LOG_SAVED:
             if( result ) {
+                respondCommand( RecordHeader::SignerResult::SIGNING_CA, result->ca_name );
                 respondCommand( RecordHeader::SignerResult::CERTIFICATE, result->certificate );
             }