X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=util%2Forg%2Fcacert%2Fgigi%2Futil%2FSimpleSigner.java;h=d3b168a995547ebdc19af869cac4d59cade577e5;hp=2f0f6f6bca6479087039766ca1d1edebd1e6dddd;hb=52861b747c9687ec8050e73b7c8c7294024634ab;hpb=0b0af7389db0efd9cc72f74fb69f4a2a304563ae
diff --git a/util/org/cacert/gigi/util/SimpleSigner.java b/util/org/cacert/gigi/util/SimpleSigner.java
index 2f0f6f6b..d3b168a9 100644
--- a/util/org/cacert/gigi/util/SimpleSigner.java
+++ b/util/org/cacert/gigi/util/SimpleSigner.java
@@ -12,42 +12,45 @@ import java.math.BigInteger;
 import java.security.GeneralSecurityException;
 import java.security.cert.CertificateFactory;
 import java.security.cert.X509Certificate;
-import java.util.Date;
-import java.sql.PreparedStatement;
-import java.sql.ResultSet;
 import java.sql.SQLException;
+import java.sql.Timestamp;
 import java.text.ParseException;
 import java.text.SimpleDateFormat;
 import java.util.Calendar;
+import java.util.Date;
 import java.util.Properties;
 import java.util.TimeZone;
-import org.cacert.gigi.Certificate.CSRType;
 import org.cacert.gigi.database.DatabaseConnection;
-import org.cacert.gigi.output.CertificateValiditySelector;
+import org.cacert.gigi.database.GigiPreparedStatement;
+import org.cacert.gigi.database.GigiResultSet;
+import org.cacert.gigi.dbObjects.Certificate.CSRType;
+import org.cacert.gigi.output.DateSelector;
 public class SimpleSigner {
- private static PreparedStatement warnMail;
+ private static GigiPreparedStatement warnMail;
- private static PreparedStatement updateMail;
+ private static GigiPreparedStatement updateMail;
- private static PreparedStatement readyCerts;
+ private static GigiPreparedStatement readyCerts;
- private static PreparedStatement getSANSs;
+ private static GigiPreparedStatement getSANSs;
- private static PreparedStatement revoke;
+ private static GigiPreparedStatement revoke;
- private static PreparedStatement revokeCompleted;
+ private static GigiPreparedStatement revokeCompleted;
- private static PreparedStatement finishJob;
+ private static GigiPreparedStatement finishJob;
 private static boolean running = true;
 private static Thread runner;
- private static SimpleDateFormat sdf = new SimpleDateFormat("YYMMddHHmmss'Z'");
+ private static SimpleDateFormat sdf = new SimpleDateFormat("yyMMddHHmmss'Z'");
+
 static {
+ TimeZone.setDefault(TimeZone.getTimeZone("UTC"));
 sdf.setTimeZone(TimeZone.getTimeZone("UTC"));
 }
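Review bot: `TimeZone.setDefault(TimeZone.getTimeZone("UTC"))` in the static initializer changes the default time zone of the whole JVM as a side effect of loading `SimpleSigner`, so every other component in the same process silently starts formatting and parsing dates in UTC from that moment on. The existing `sdf.setTimeZone(...)` line and the explicit `c.setTimeZone(...)` on the Calendar already pin UTC where the signer needs it. If a process-wide default is really intended, it is better set once in start-up code or with `-Duser.timezone=UTC`, and documented with a comment such as `// signer timestamps must be UTC; do not rely on the host zone`. Separately, the shared static `SimpleDateFormat` is not thread-safe, which is acceptable only if a single runner thread ever formats with it; that cannot be confirmed from this hunk.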
@@ -74,7 +77,7 @@ public class SimpleSigner {
 throw new IllegalStateException("already running");
 }
 running = true;
- readyCerts = DatabaseConnection.getInstance().prepare("SELECT certs.id AS id, certs.csr_name, certs.subject, jobs.id AS jobid, csr_type, md, keyUsage, extendedKeyUsage, executeFrom, executeTo FROM jobs " + //
+ readyCerts = DatabaseConnection.getInstance().prepare("SELECT certs.id AS id, certs.csr_name, certs.subject, jobs.id AS jobid, csr_type, md, keyUsage, extendedKeyUsage, executeFrom, executeTo, rootcert FROM jobs " + //
 "INNER JOIN certs ON certs.id=jobs.targetId " + //
 "INNER JOIN profiles ON profiles.id=certs.profile " + //
 "WHERE jobs.state='open' "//
@@ -125,7 +128,7 @@ public class SimpleSigner {
 }
 private static void revokeCertificates() throws SQLException, IOException, InterruptedException {
- ResultSet rs = revoke.executeQuery();
+ GigiResultSet rs = revoke.executeQuery();
 boolean worked = false;
 while (rs.next()) {
 int id = rs.getInt(1);
@@ -185,7 +188,11 @@ public class SimpleSigner {
 private static int counter = 0;
 private static void signCertificates() throws SQLException {
- ResultSet rs = readyCerts.executeQuery();
+ GigiResultSet rs = readyCerts.executeQuery();
+
+ Calendar c = Calendar.getInstance();
+ c.setTimeZone(TimeZone.getTimeZone("UTC"));
+
 while (rs.next()) {
 String csrname = rs.getString("csr_name");
 int id = rs.getInt("id");
@@ -197,7 +204,8 @@ public class SimpleSigner {
 String keyUsage = rs.getString("keyUsage");
 String ekeyUsage = rs.getString("extendedKeyUsage");
- java.sql.Date from = rs.getDate("executeFrom");
+
+ Timestamp from = rs.getTimestamp("executeFrom");
 String length = rs.getString("executeTo");
 Date fromDate;
 Date toDate;
@@ -209,8 +217,6 @@ public class SimpleSigner {
 if (length.endsWith("m") || length.endsWith("y")) {
 String num = length.substring(0, length.length() - 1);
 int inter = Integer.parseInt(num);
- Calendar c = Calendar.getInstance();
- c.setTimeZone(TimeZone.getTimeZone("UTC"));
 c.setTime(fromDate);
 if (length.endsWith("m")) {
 c.add(Calendar.MONTH, inter);
@@ -219,13 +225,11 @@ public class SimpleSigner {
 }
 toDate = c.getTime();
 } else {
- toDate = CertificateValiditySelector.getDateFormat().parse(length);
+ toDate = DateSelector.getDateFormat().parse(length);
 }
- System.out.println(from);
- System.out.println(sdf.format(fromDate));
 getSANSs.setInt(1, id);
- ResultSet san = getSANSs.executeQuery();
+ GigiResultSet san = getSANSs.executeQuery();
 File f = new File("keys", "SANFile" + System.currentTimeMillis() + (counter++) + ".cfg");
 PrintWriter cfg = new PrintWriter(f);
@@ -242,18 +246,26 @@ public class SimpleSigner {
 cfg.print(san.getString("contents"));
 }
 cfg.println();
- cfg.println("keyUsage=" + keyUsage);
- cfg.println("extendedKeyUsage=" + ekeyUsage);
+ cfg.println("keyUsage=critical," + keyUsage);
+ cfg.println("extendedKeyUsage=critical," + ekeyUsage);
 cfg.close();
+ int rootcert = rs.getInt("rootcert");
+ String ca = "unassured";
+ if (rootcert == 0) {
+ ca = "unassured";
+ } else if (rootcert == 1) {
+ ca = "assured";
+ }
+
 String[] call = new String[] {
 "openssl",
 "ca",//
 "-in",
 "../../" + csrname,//
 "-cert",
- "../unassured.crt",//
+ "../" + ca + ".crt",//
 "-keyfile",
- "../unassured.key",//
+ "../" + ca + ".key",//
 "-out",
 "../../" + crt.getPath(),//
 "-utf8",
@@ -306,8 +318,6 @@ public class SimpleSigner {
 e.printStackTrace();
 } catch (IOException e) {
 e.printStackTrace();
- } catch (SQLException e) {
- e.printStackTrace();
 } catch (ParseException e) {
 e.printStackTrace();
 } catch (InterruptedException e1) {
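Review bot: The `rootcert` mapping added in the `@@ -242` hunk fails open: `ca` is initialised to `"unassured"` and any value other than 0 or 1 silently keeps that default, so a row with an unexpected `rootcert` is still signed, under the unassured key. Code that selects a CA key should fail closed: declare `String ca;` without a default and end the chain with `} else { throw new IllegalStateException("unknown rootcert " + rootcert); }`, or route to whatever job-failure path the loop already has (not visible in this hunk). The same hunk now writes `"keyUsage=critical," + keyUsage` and the matching `extendedKeyUsage` line; if either column can be NULL this emits `critical,null` into the openssl config, so a null check before those `cfg.println` calls is worth adding. `signCertificates()` begins and ends outside this hunk.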