X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=util%2Forg%2Fcacert%2Fgigi%2Futil%2FSimpleSigner.java;h=04602d82c7b66db2ba0c8799a0366903219f68e4;hp=3b2a40fdf87cbd0c3d258d8c6a92430cb74d7403;hb=a793cf333e23cba27e2ce4378becc0426f1e186a;hpb=e409ba881965634f63f0b67824bc93dda4ec4327
diff --git a/util/org/cacert/gigi/util/SimpleSigner.java b/util/org/cacert/gigi/util/SimpleSigner.java
index 3b2a40fd..04602d82 100644
--- a/util/org/cacert/gigi/util/SimpleSigner.java
+++ b/util/org/cacert/gigi/util/SimpleSigner.java
@@ -12,42 +12,44 @@ import java.math.BigInteger; import java.security.GeneralSecurityException; import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; -import java.util.Date; -import java.sql.PreparedStatement; -import java.sql.ResultSet; import java.sql.SQLException; import java.sql.Timestamp; import java.text.ParseException; import java.text.SimpleDateFormat; import java.util.Calendar; +import java.util.Date; +import java.util.HashMap; import java.util.Properties; import java.util.TimeZone; import org.cacert.gigi.database.DatabaseConnection; +import org.cacert.gigi.database.GigiPreparedStatement; +import org.cacert.gigi.database.GigiResultSet; +import org.cacert.gigi.dbObjects.Certificate; import org.cacert.gigi.dbObjects.Certificate.CSRType; import org.cacert.gigi.output.DateSelector; public class SimpleSigner { - private static PreparedStatement warnMail; + private static GigiPreparedStatement warnMail; - private static PreparedStatement updateMail; + private static GigiPreparedStatement updateMail; - private static PreparedStatement readyCerts; + private static GigiPreparedStatement readyCerts; - private static PreparedStatement getSANSs; + private static GigiPreparedStatement getSANSs; - private static PreparedStatement revoke; + private static GigiPreparedStatement revoke; - private static PreparedStatement revokeCompleted; + private static GigiPreparedStatement revokeCompleted; - private static PreparedStatement finishJob; + private static GigiPreparedStatement finishJob; private static boolean running = true; private static Thread runner; - private static SimpleDateFormat sdf = new SimpleDateFormat("YYMMddHHmmss'Z'"); + private static SimpleDateFormat sdf = new SimpleDateFormat("yyMMddHHmmss'Z'"); static { TimeZone.setDefault(TimeZone.getTimeZone("UTC")); 
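Review bot: `sdf` is built by its field initializer before the `static { TimeZone.setDefault(...) }` block that follows it has run, so the formatter keeps whatever default zone the JVM started with while still appending a literal `Z`. On a host whose default zone is not UTC the formatted timestamps would be shifted by the zone offset; what they feed is outside this hunk, but the pattern looks like the UTCTime form used for certificate validity dates. I would pin the zone on the formatter itself, with `sdf.setTimeZone(TimeZone.getTimeZone("UTC"));` as the first statement of the static block, rather than rely on the process default. `SimpleDateFormat` is also not thread-safe, so a comment such as `// only used from the signer thread` would help if that is the intent. The static block continues outside the hunk.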
@@ -77,7 +79,7 @@ public class SimpleSigner { throw new IllegalStateException("already running"); } running = true; - readyCerts = DatabaseConnection.getInstance().prepare("SELECT certs.id AS id, certs.csr_name, certs.subject, jobs.id AS jobid, csr_type, md, keyUsage, extendedKeyUsage, executeFrom, executeTo, rootcert FROM jobs " + // + readyCerts = DatabaseConnection.getInstance().prepare("SELECT certs.id AS id, certs.csr_name, jobs.id AS jobid, csr_type, md, keyUsage, extendedKeyUsage, executeFrom, executeTo, rootcert FROM jobs " + // "INNER JOIN certs ON certs.id=jobs.targetId " + // "INNER JOIN profiles ON profiles.id=certs.profile " + // "WHERE jobs.state='open' "// @@ -128,7 +130,7 @@ public class SimpleSigner { } private static void revokeCertificates() throws SQLException, IOException, InterruptedException { - ResultSet rs = revoke.executeQuery(); + GigiResultSet rs = revoke.executeQuery(); boolean worked = false; while (rs.next()) { int id = rs.getInt(1); @@ -188,7 +190,7 @@ public class SimpleSigner { private static int counter = 0; private static void signCertificates() throws SQLException { - ResultSet rs = readyCerts.executeQuery(); + GigiResultSet rs = readyCerts.executeQuery(); Calendar c = Calendar.getInstance(); c.setTimeZone(TimeZone.getTimeZone("UTC")); @@ -229,7 +231,7 @@ public class SimpleSigner { } getSANSs.setInt(1, id); - ResultSet san = getSANSs.executeQuery(); + GigiResultSet san = getSANSs.executeQuery(); File f = new File("keys", "SANFile" + System.currentTimeMillis() + (counter++) + ".cfg"); PrintWriter cfg = new PrintWriter(f); @@ -246,8 +248,8 @@ public class SimpleSigner { cfg.print(san.getString("contents")); } cfg.println(); - cfg.println("keyUsage=" + keyUsage); - cfg.println("extendedKeyUsage=" + ekeyUsage); + cfg.println("keyUsage=critical," + keyUsage); + cfg.println("extendedKeyUsage=critical," + ekeyUsage); cfg.close(); int rootcert = rs.getInt("rootcert"); 
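Review bot: In the `@@ -246,8 +248,8 @@` hunk, `"keyUsage=critical," + keyUsage` and the matching `extendedKeyUsage` line are written even when the value is null or empty, which produces `keyUsage=critical,null` or a dangling `critical,` in the extension file. Where the two variables are assigned is outside the hunk, so whether empty values can occur is not visible here; if a profile may leave one unset, guard each line, e.g. `if (ekeyUsage != null && !ekeyUsage.isEmpty()) { cfg.println("extendedKeyUsage=critical," + ekeyUsage); }`. The values are also concatenated into the config unchanged, so rejecting any value that contains a line break before writing would keep a bad database row from adding directives to the file.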
@@ -257,7 +259,17 @@ public class SimpleSigner { } else if (rootcert == 1) { ca = "assured"; } - + HashMap subj = new HashMap<>(); + GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT name, value FROM certAvas WHERE certId=?"); + ps.setInt(1, rs.getInt("id")); + GigiResultSet rs2 = ps.executeQuery(); + while (rs2.next()) { + subj.put(rs2.getString("name"), rs2.getString("value")); + } + if (subj.size() == 0) { + subj.put("CN", ""); + System.out.println("WARNING: DN was empty"); + } String[] call = new String[] { "openssl", "ca",// "-in", @@ -280,7 +292,7 @@ public class SimpleSigner { "../" + f.getName(),// "-subj", - rs.getString("subject"),// + Certificate.stringifyDN(subj),// "-config", "../selfsign.config"// @@ -318,8 +330,6 @@ public class SimpleSigner { e.printStackTrace(); } catch (IOException e) { e.printStackTrace(); - } catch (SQLException e) { - e.printStackTrace(); } catch (ParseException e) { e.printStackTrace(); } catch (InterruptedException e1) {
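Review bot: In the `@@ -257,7 +259,17 @@` hunk the empty-DN case only prints a warning and substitutes an empty `CN`, so the job still proceeds to `openssl ca` and a certificate with a blank subject could be issued. Failing closed looks safer here: leave the certificate unsigned and record the job as failed (how jobs are marked failed is not visible in this diff). `subj` is also an unordered `HashMap`, so the attribute order handed to `Certificate.stringifyDN` follows hash order and a repeated attribute name (a second `OU`, say) silently overwrites the first; a `LinkedHashMap` plus an `ORDER BY` in the query would make the DN deterministic. The statement is prepared inline for each certificate, unlike the other statements, which are static fields.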
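Review bot: In the `@@ -280,7 +292,7 @@` hunk, `Certificate.stringifyDN(subj)` now builds the `-subj` argument from individual `certAvas` rows, so the structure of the issued DN depends on that helper escaping `/`, `+`, `=` and `\` inside values. Its body is not part of this diff; if it joins `name=value` pairs without escaping, a stored value could change which attributes end up in the subject. A comment at the call site such as `// stringifyDN must escape '/', '+', '=' and '\\' in AVA values`, plus a unit test covering those characters, would pin the contract. The argument is passed through a `String[]`, so shell quoting is not the concern here.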