import club.wpia.gigi.crypto.SPKAC;
import club.wpia.gigi.database.DatabaseConnection;
+import club.wpia.gigi.database.DatabaseConnection.Link;
import club.wpia.gigi.database.GigiPreparedStatement;
import club.wpia.gigi.database.GigiResultSet;
-import club.wpia.gigi.database.DatabaseConnection.Link;
-import club.wpia.gigi.dbObjects.CertificateProfile;
-import club.wpia.gigi.dbObjects.Digest;
import club.wpia.gigi.dbObjects.Certificate.CSRType;
import club.wpia.gigi.dbObjects.Certificate.SANType;
import club.wpia.gigi.dbObjects.Certificate.SubjectAlternateName;
+import club.wpia.gigi.dbObjects.CertificateProfile;
+import club.wpia.gigi.dbObjects.Digest;
import club.wpia.gigi.output.DateSelector;
-import club.wpia.gigi.util.KeyStorage;
-import club.wpia.gigi.util.PEM;
+import club.wpia.gigi.util.ServerConstants.Host;
import sun.security.pkcs10.PKCS10;
import sun.security.util.DerOutputStream;
import sun.security.util.DerValue;
try (Reader reader = new InputStreamReader(new FileInputStream("config/gigi.properties"), "UTF-8")) {
p.load(reader);
}
+ ServerConstants.init(p);
DatabaseConnection.init(p);
runSigner();
getSANSs = new GigiPreparedStatement("SELECT contents, type FROM `subjectAlternativeNames` " + //
"WHERE `certId`=?");
- updateMail = new GigiPreparedStatement("UPDATE certs SET crt_name=?," + " created=NOW(), serial=?, caid=? WHERE id=?");
+ updateMail = new GigiPreparedStatement("UPDATE certs SET crt_name=?," + " created=NOW(), serial=?, caid=?, expire=? WHERE id=?");
warnMail = new GigiPreparedStatement("UPDATE jobs SET warning=warning+1, state=CASE WHEN warning<3 THEN 'open'::`jobState` ELSE 'error'::`jobState` END WHERE id=?");
revoke = new GigiPreparedStatement("SELECT certs.id, certs.csr_name,jobs.id FROM jobs INNER JOIN certs ON jobs.`targetId`=certs.id" + " WHERE jobs.state='open' AND task='revoke'");
updateMail.setString(1, crt.getPath());
updateMail.setString(2, serial.toString(16));
updateMail.setInt(3, caRs.getInt("id"));
- updateMail.setInt(4, id);
+ updateMail.setTimestamp(4, new Timestamp(toDate.getTime()));
+ updateMail.setInt(5, id);
updateMail.execute();
finishJob.setInt(1, rs.getInt("jobid"));
addExtension(extensions, new ObjectIdentifier(new int[] {
2, 5, 29, 37
}), generateEKU(eku));
+ addExtension(extensions, new ObjectIdentifier(new int[] {
+ 1, 3, 6, 1, 5, 5, 7, 1, 1
+ }), generateAIA());
}
DerOutputStream extensionsSeq = new DerOutputStream();
extensionsSeq.write(DerValue.tag_Sequence, extensions);
}
+ private static byte[] generateAIA() throws IOException {
+ try (DerOutputStream dos = new DerOutputStream()) {
+ try (DerOutputStream seq = new DerOutputStream()) {
+ seq.putOID(new ObjectIdentifier(new int[] {
+ 1, 3, 6, 1, 5, 5, 7, 48, 2
+ }));
+ seq.write((byte) 0x86, ("http://" + ServerConstants.getHostName(Host.OCSP_RESPONDER)).getBytes("UTF-8"));
+ dos.write(DerValue.tag_Sequence, seq);
+ }
+ byte[] data = dos.toByteArray();
+ dos.reset();
+ dos.write(DerValue.tag_Sequence, data);
+ return dos.toByteArray();
+ }
+ }
+
private static byte[] generateKU() throws IOException {
try (DerOutputStream dos = new DerOutputStream()) {
dos.putBitString(new byte[] {
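Review bot: The accessMethod OID written in generateAIA is `1, 3, 6, 1, 5, 5, 7, 48, 2`, which is id-ad-caIssuers, while the accessLocation built on the next line is the `Host.OCSP_RESPONDER` host name. RFC 5280 assigns OCSP the arc 1.3.6.1.5.5.7.48.1 (id-ad-ocsp), so a relying party reading this extension would treat the URL as a place to fetch the issuer certificate and would find no OCSP pointer; revocation checking through the AIA would then presumably not take place. Change the array to `1, 3, 6, 1, 5, 5, 7, 48, 1`. It would also help to name the raw arcs in comments, `// id-ad-ocsp` here and `// id-pe-authorityInfoAccess` at the new addExtension call earlier in the diff, so that a mismatch like this is visible on review. The generateKU lines that close this hunk are context only, and that method continues outside it.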