X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=util%2Forg%2Fcacert%2Fgigi%2Futil%2FSimpleSigner.java;h=04602d82c7b66db2ba0c8799a0366903219f68e4;hp=fe08aef94a0d089ad85e7af03e25ccb954992fe5;hb=a793cf333e23cba27e2ce4378becc0426f1e186a;hpb=d895448cb685adc4c2bfac8d92759252d2ce8c36
diff --git a/util/org/cacert/gigi/util/SimpleSigner.java b/util/org/cacert/gigi/util/SimpleSigner.java
index fe08aef9..04602d82 100644
--- a/util/org/cacert/gigi/util/SimpleSigner.java
+++ b/util/org/cacert/gigi/util/SimpleSigner.java
@@ -12,43 +12,47 @@ import java.math.BigInteger;
 import java.security.GeneralSecurityException;
 import java.security.cert.CertificateFactory;
 import java.security.cert.X509Certificate;
-import java.util.Date;
-import java.sql.PreparedStatement;
-import java.sql.ResultSet;
 import java.sql.SQLException;
+import java.sql.Timestamp;
 import java.text.ParseException;
 import java.text.SimpleDateFormat;
 import java.util.Calendar;
+import java.util.Date;
+import java.util.HashMap;
 import java.util.Properties;
 import java.util.TimeZone;
-import org.cacert.gigi.Certificate.CSRType;
 import org.cacert.gigi.database.DatabaseConnection;
-import org.cacert.gigi.output.CertificateValiditySelector;
+import org.cacert.gigi.database.GigiPreparedStatement;
+import org.cacert.gigi.database.GigiResultSet;
+import org.cacert.gigi.dbObjects.Certificate;
+import org.cacert.gigi.dbObjects.Certificate.CSRType;
+import org.cacert.gigi.output.DateSelector;
 public class SimpleSigner {
- private static PreparedStatement warnMail;
+ private static GigiPreparedStatement warnMail;
- private static PreparedStatement updateMail;
+ private static GigiPreparedStatement updateMail;
- private static PreparedStatement readyCerts;
+ private static GigiPreparedStatement readyCerts;
- private static PreparedStatement getSANSs;
+ private static GigiPreparedStatement getSANSs;
- private static PreparedStatement revoke;
+ private static GigiPreparedStatement revoke;
- private static PreparedStatement revokeCompleted;
+ private static GigiPreparedStatement revokeCompleted;
- private static PreparedStatement finishJob;
+ private static GigiPreparedStatement finishJob;
 private static boolean running = true;
 private static Thread runner;
- private static SimpleDateFormat sdf = new SimpleDateFormat("YYMMddHHmmss'Z'");
+ private static SimpleDateFormat sdf = new SimpleDateFormat("yyMMddHHmmss'Z'");
 static {
+ TimeZone.setDefault(TimeZone.getTimeZone("UTC"));
 sdf.setTimeZone(TimeZone.getTimeZone("UTC"));
 }
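Review bot: The added `TimeZone.setDefault(TimeZone.getTimeZone("UTC"));` in the static initializer changes the default zone for the whole JVM as a side effect of loading SimpleSigner, so every other component in the same process silently gets different date behaviour, and the signer's validity dates depend on nothing resetting the default later. The formatter on the next line and the `Calendar` used in signCertificates already set UTC explicitly, so I would drop the `setDefault` line and keep passing the zone wherever a date is computed or formatted. Separately, `sdf` is a shared static `SimpleDateFormat`, which is not thread-safe; whether it is reached from anything other than the `runner` thread is not visible in this hunk, so either document it with `// only used from the signer thread` or move to an immutable `DateTimeFormatter`. The class body continues outside the hunk.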
@@ -75,7 +79,7 @@ public class SimpleSigner {
 throw new IllegalStateException("already running");
 }
 running = true;
- readyCerts = DatabaseConnection.getInstance().prepare("SELECT certs.id AS id, certs.csr_name, certs.subject, jobs.id AS jobid, csr_type, md, keyUsage, extendedKeyUsage, executeFrom, executeTo, rootcert FROM jobs " + //
+ readyCerts = DatabaseConnection.getInstance().prepare("SELECT certs.id AS id, certs.csr_name, jobs.id AS jobid, csr_type, md, keyUsage, extendedKeyUsage, executeFrom, executeTo, rootcert FROM jobs " + //
 "INNER JOIN certs ON certs.id=jobs.targetId " + //
 "INNER JOIN profiles ON profiles.id=certs.profile " + //
 "WHERE jobs.state='open' "//
@@ -126,7 +130,7 @@ public class SimpleSigner {
 }
 private static void revokeCertificates() throws SQLException, IOException, InterruptedException {
- ResultSet rs = revoke.executeQuery();
+ GigiResultSet rs = revoke.executeQuery();
 boolean worked = false;
 while (rs.next()) {
 int id = rs.getInt(1);
@@ -186,7 +190,11 @@ public class SimpleSigner {
 private static int counter = 0;
 private static void signCertificates() throws SQLException {
- ResultSet rs = readyCerts.executeQuery();
+ GigiResultSet rs = readyCerts.executeQuery();
+
+ Calendar c = Calendar.getInstance();
+ c.setTimeZone(TimeZone.getTimeZone("UTC"));
+
 while (rs.next()) {
 String csrname = rs.getString("csr_name");
 int id = rs.getInt("id");
@@ -198,7 +206,8 @@ public class SimpleSigner {
 String keyUsage = rs.getString("keyUsage");
 String ekeyUsage = rs.getString("extendedKeyUsage");
- java.sql.Date from = rs.getDate("executeFrom");
+
+ Timestamp from = rs.getTimestamp("executeFrom");
 String length = rs.getString("executeTo");
 Date fromDate;
 Date toDate;
@@ -210,8 +219,6 @@ public class SimpleSigner {
 if (length.endsWith("m") || length.endsWith("y")) {
 String num = length.substring(0, length.length() - 1);
 int inter = Integer.parseInt(num);
- Calendar c = Calendar.getInstance();
- c.setTimeZone(TimeZone.getTimeZone("UTC"));
 c.setTime(fromDate);
 if (length.endsWith("m")) {
 c.add(Calendar.MONTH, inter);
@@ -220,13 +227,11 @@ public class SimpleSigner {
 }
 toDate = c.getTime();
 } else {
- toDate = CertificateValiditySelector.getDateFormat().parse(length);
+ toDate = DateSelector.getDateFormat().parse(length);
 }
- System.out.println(from);
- System.out.println(sdf.format(fromDate));
 getSANSs.setInt(1, id);
- ResultSet san = getSANSs.executeQuery();
+ GigiResultSet san = getSANSs.executeQuery();
 File f = new File("keys", "SANFile" + System.currentTimeMillis() + (counter++) + ".cfg");
 PrintWriter cfg = new PrintWriter(f);
@@ -243,8 +248,8 @@ public class SimpleSigner {
 cfg.print(san.getString("contents"));
 }
 cfg.println();
- cfg.println("keyUsage=" + keyUsage);
- cfg.println("extendedKeyUsage=" + ekeyUsage);
+ cfg.println("keyUsage=critical," + keyUsage);
+ cfg.println("extendedKeyUsage=critical," + ekeyUsage);
 cfg.close();
 int rootcert = rs.getInt("rootcert");
@@ -254,7 +259,17 @@ public class SimpleSigner {
 } else if (rootcert == 1) {
 ca = "assured";
 }
-
+ HashMap subj = new HashMap<>();
+ GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT name, value FROM certAvas WHERE certId=?");
+ ps.setInt(1, rs.getInt("id"));
+ GigiResultSet rs2 = ps.executeQuery();
+ while (rs2.next()) {
+ subj.put(rs2.getString("name"), rs2.getString("value"));
+ }
+ if (subj.size() == 0) {
+ subj.put("CN", "");
+ System.out.println("WARNING: DN was empty");
+ }
 String[] call = new String[] { "openssl", "ca",//
 "-in",
@@ -277,7 +292,7 @@ public class SimpleSigner {
 "../" + f.getName(),//
 "-subj",
- rs.getString("subject"),//
+ Certificate.stringifyDN(subj),//
 "-config", "../selfsign.config"//
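Review bot: In the `@@ -243,8 +248,8 @@` hunk, `keyUsage` and `ekeyUsage` are concatenated straight into the generated SANFile config, so a null or empty column now yields `keyUsage=critical,null` or a dangling comma, and a value containing a line break would add further lines to the file handed to `openssl ca`. The values appear to come from the profile row selected by `readyCerts`, but nothing in the visible code constrains them. I would validate both before writing, for example `if (keyUsage == null || !keyUsage.matches("[A-Za-z0-9., ]+")) { throw new IllegalStateException("invalid keyUsage for cert " + id); }`, and the same for `ekeyUsage`. A short comment on why both extensions are marked critical would also help, since some relying parties treat a critical `extendedKeyUsage` differently from a non-critical one.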
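Review bot: In the `@@ -254,7 +259,17 @@` hunk an empty certAvas result only prints `WARNING: DN was empty` and then continues with `CN` set to the empty string, so the CA still issues a certificate that carries no subject identity; the job should be failed before `call` is built rather than signed (how a job is marked failed is outside the visible lines). The attributes are also collected in a `HashMap`, so the order given to `Certificate.stringifyDN` follows hash iteration rather than the order stored in certAvas; `new LinkedHashMap<>()` together with an explicit `ORDER BY` on the query would make the issued DN deterministic. The statement is prepared inside the `while (rs.next())` loop, unlike the cached static statements at the top of the class, and `rs2` is not closed in the lines shown. signCertificates starts and ends outside this hunk.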
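Review bot: In the `@@ -277,7 +292,7 @@` hunk the `-subj` argument is now assembled by `Certificate.stringifyDN(subj)` from the certAvas values, and whether that helper escapes `/`, `=`, `+` and `,` inside a value is not visible here. openssl reads `-subj` as a sequence of `/type=value` pairs, so an unescaped separator inside a value would be parsed as an additional attribute of the issued certificate. Once the helper's behaviour is confirmed, I would record the guarantee at the call site with a comment such as `// stringifyDN escapes DN separators in values (see Certificate)` and cover it with a unit test whose value contains a separator character. The `call` array continues outside the hunk.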
@@ -315,8 +330,6 @@ public class SimpleSigner {
 e.printStackTrace();
 } catch (IOException e) {
 e.printStackTrace();
- } catch (SQLException e) {
- e.printStackTrace();
 } catch (ParseException e) {
 e.printStackTrace();
 } catch (InterruptedException e1) {