X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=util-testing%2Forg%2Fcacert%2Fgigi%2Futil%2FSimpleSigner.java;h=9a2fb1074f612bd62ce4f5f850d31ec644b87fd8;hp=bc2ee366db8da71e09ba1118332f010ce551be77;hb=dd08e76b61c848c75e6a8ca0d9f4a6b22ac112b9;hpb=2172993aef7ec7f87133c3ed60cec398afdb82c1 diff --git a/util-testing/org/cacert/gigi/util/SimpleSigner.java b/util-testing/org/cacert/gigi/util/SimpleSigner.java index bc2ee366..9a2fb107 100644 --- a/util-testing/org/cacert/gigi/util/SimpleSigner.java +++ b/util-testing/org/cacert/gigi/util/SimpleSigner.java @@ -28,6 +28,7 @@ import java.text.SimpleDateFormat; import java.util.Base64; import java.util.Calendar; import java.util.Date; +import java.util.GregorianCalendar; import java.util.HashMap; import java.util.LinkedList; import java.util.List; @@ -127,7 +128,7 @@ public class SimpleSigner { "INNER JOIN certs ON certs.id=jobs.`targetId` " + // "INNER JOIN profiles ON profiles.id=certs.profile " + // "WHERE jobs.state='open' "// - + "AND task='sign'"); + + "AND task='sign'"); getSANSs = new GigiPreparedStatement("SELECT contents, type FROM `subjectAlternativeNames` " + // "WHERE `certId`=?"); @@ -327,9 +328,14 @@ public class SimpleSigner { PKCS10 p10 = new PKCS10(PEM.decode("(NEW )?CERTIFICATE REQUEST", new String(data, "UTF-8"))); pk = p10.getSubjectPublicKeyInfo(); } - String ca = caP.getProperty("ca") + "_2015_1"; + Calendar cal = GregorianCalendar.getInstance(); + String ca = caP.getProperty("ca") + "_" + cal.get(Calendar.YEAR) + (cal.get(Calendar.MONTH) >= 6 ? "_2" : "_1"); File parent = new File("signer/ca"); - for (File f : parent.listFiles()) { + File[] caFiles = parent.listFiles(); + if (null == caFiles) { + caFiles = new File[0]; + } + for (File f : caFiles) { if (f.getName().startsWith(caP.getProperty("ca"))) { ca = f.getName(); break; @@ -503,35 +509,36 @@ public class SimpleSigner { private static byte[] generateEKU(String eku) throws IOException { - DerOutputStream dos = new DerOutputStream(); - for (String name : eku.split(",")) { - ObjectIdentifier oid; - switch (name) { - case "serverAuth": - oid = new ObjectIdentifier("1.3.6.1.5.5.7.3.1"); - break; - case "clientAuth": - oid = new ObjectIdentifier("1.3.6.1.5.5.7.3.2"); - break; - case "codeSigning": - oid = new ObjectIdentifier("1.3.6.1.5.5.7.3.3"); - break; - case "emailProtection": - oid = new ObjectIdentifier("1.3.6.1.5.5.7.3.4"); - break; - case "OCSPSigning": - oid = new ObjectIdentifier("1.3.6.1.5.5.7.3.9"); - break; - - default: - throw new Error(name); + try (DerOutputStream dos = new DerOutputStream()) { + for (String name : eku.split(",")) { + ObjectIdentifier oid; + switch (name) { + case "serverAuth": + oid = new ObjectIdentifier("1.3.6.1.5.5.7.3.1"); + break; + case "clientAuth": + oid = new ObjectIdentifier("1.3.6.1.5.5.7.3.2"); + break; + case "codeSigning": + oid = new ObjectIdentifier("1.3.6.1.5.5.7.3.3"); + break; + case "emailProtection": + oid = new ObjectIdentifier("1.3.6.1.5.5.7.3.4"); + break; + case "OCSPSigning": + oid = new ObjectIdentifier("1.3.6.1.5.5.7.3.9"); + break; + + default: + throw new Error(name); + } + dos.putOID(oid); } - dos.putOID(oid); + byte[] data = dos.toByteArray(); + dos.reset(); + dos.write(DerValue.tag_Sequence, data); + return dos.toByteArray(); } - byte[] data = dos.toByteArray(); - dos.reset(); - dos.write(DerValue.tag_Sequence, data); - return dos.toByteArray(); } public static X500Name genX500Name(Map subj) throws IOException {