From 4dcc14eba3c118e286b9e3fec1221c34ab674f13 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Felix=20D=C3=B6rre?= <felix@dogcraft.de>
Date: Tue, 13 Jan 2015 08:51:59 +0100
Subject: [PATCH] add: write signed from and to back to db

---
 src/apps/client.cpp         |  8 +-------
 src/crypto/remoteSigner.cpp |  3 +++
 src/crypto/sslUtil.cpp      | 16 ++++++++++++++++
 src/crypto/sslUtil.h        |  9 +++++++--
 src/db/database.h           |  4 ++--
 src/db/mysql.cpp            |  3 +--
 6 files changed, 30 insertions(+), 13 deletions(-)

diff --git a/src/apps/client.cpp b/src/apps/client.cpp
index 062816a..9423cb8 100644
--- a/src/apps/client.cpp
+++ b/src/apps/client.cpp
@@ -148,14 +148,8 @@ int main( int argc, const char* argv[] ) {
                 std::string date = rev.second;
                 const unsigned char* pos = ( const unsigned char* ) date.data();
                 std::shared_ptr<ASN1_TIME> time( d2i_ASN1_TIME( NULL, &pos, date.size() ), ASN1_TIME_free );
-                std::shared_ptr<ASN1_GENERALIZEDTIME> gtime( ASN1_TIME_to_generalizedtime( time.get(), 0 ) );
-                std::string strdate( ( char* ) ASN1_STRING_data( gtime.get() ), ASN1_STRING_length( gtime.get() ) );
 
-                if( strdate[strdate.size() - 1] != 'Z' ) {
-                    throw "Got invalid date?";
-                }
-
-                jp->writeBackRevocation( job, strdate.substr( 0, strdate.size() - 1 ) );
+                jp->writeBackRevocation( job, timeToString( time ) );
                 jp->finishJob( job );
             } catch( const char* c ) {
                 std::cout << "Exception: " << c << std::endl;
diff --git a/src/crypto/remoteSigner.cpp b/src/crypto/remoteSigner.cpp
index eaeede0..1f0c07a 100644
--- a/src/crypto/remoteSigner.cpp
+++ b/src/crypto/remoteSigner.cpp
@@ -134,6 +134,9 @@ std::shared_ptr<SignedCertificate> RemoteSigner::sign( std::shared_ptr<TBSCertif
             []( char* p ) {
                 OPENSSL_free( p );
             } ); // OPENSSL_free is a macro...
+
+        extractTimes( pem, result );
+
         result->serial = std::string( serStr.get() );
     }
 
diff --git a/src/crypto/sslUtil.cpp b/src/crypto/sslUtil.cpp
index 9487e42..82ff9f8 100644
--- a/src/crypto/sslUtil.cpp
+++ b/src/crypto/sslUtil.cpp
@@ -180,3 +180,19 @@ CAConfig::CAConfig( std::string name ) {
     ASN1_TIME* tm = X509_get_notBefore( ca );
     notBefore = std::shared_ptr<ASN1_TIME>( tm, ASN1_TIME_free );
 }
+
+std::string timeToString( std::shared_ptr<ASN1_TIME> time ) {
+    std::shared_ptr<ASN1_GENERALIZEDTIME> gtime( ASN1_TIME_to_generalizedtime( time.get(), 0 ) );
+    std::string strdate( ( char* ) ASN1_STRING_data( gtime.get() ), ASN1_STRING_length( gtime.get() ) );
+
+    if( strdate[strdate.size() - 1] != 'Z' ) {
+        throw "Got invalid date?";
+    }
+
+    return strdate.substr( 0, strdate.size() - 1 );
+}
+
+void extractTimes( std::shared_ptr<X509> target,  std::shared_ptr<SignedCertificate> cert ) {
+    cert->before = timeToString( std::shared_ptr<ASN1_TIME>( X509_get_notBefore( target.get() ), ASN1_TIME_free ) );
+    cert->after = timeToString( std::shared_ptr<ASN1_TIME>( X509_get_notAfter( target.get() ), ASN1_TIME_free ) );
+}
diff --git a/src/crypto/sslUtil.h b/src/crypto/sslUtil.h
index a85871a..c01418f 100644
--- a/src/crypto/sslUtil.h
+++ b/src/crypto/sslUtil.h
@@ -1,10 +1,14 @@
 #pragma once
-#include <openssl/ssl.h>
+
 #include <memory>
 #include <string>
 #include <vector>
 #include <cinttypes>
 
+#include <openssl/ssl.h>
+
+#include "db/database.h"
+
 class CAConfig {
 public:
     std::string path;
@@ -14,7 +18,6 @@ public:
     std::shared_ptr<EVP_PKEY> caKey;
     std::shared_ptr<ASN1_TIME> notBefore;
     CAConfig( std::string name );
-
 };
 
 struct Profile {
@@ -42,3 +45,5 @@ std::shared_ptr<EVP_PKEY> loadPkeyFromFile( std::string filename );
 
 std::shared_ptr<SSL_CTX> generateSSLContext( bool server );
 std::shared_ptr<BIO> openSerial( const std::string name );
+std::string timeToString( std::shared_ptr<ASN1_TIME> time );
+void extractTimes( std::shared_ptr<X509> source, std::shared_ptr<SignedCertificate> cert );
diff --git a/src/db/database.h b/src/db/database.h
index 77db633..e7d1952 100644
--- a/src/db/database.h
+++ b/src/db/database.h
@@ -40,8 +40,8 @@ struct TBSCertificate {
 struct SignedCertificate {
     std::string certificate;
     std::string serial;
-    uint32_t before;
-    uint32_t after;
+    std::string before;
+    std::string after;
     std::string pkHash;
     std::string certHash;
     std::string crt_name;
diff --git a/src/db/mysql.cpp b/src/db/mysql.cpp
index 35bd507..304d496 100644
--- a/src/db/mysql.cpp
+++ b/src/db/mysql.cpp
@@ -319,8 +319,7 @@ void MySQLJobProvider::writeBack( std::shared_ptr<Job> job, std::shared_ptr<Sign
         read_id = std::string( row[0], row[0] + l[0] );
     }
 
-    std::string q = "UPDATE certs SET crt_name='" + this->escape_string( res->crt_name ) + "', serial='" + this->escape_string( res->serial ) + "', caId = '" + this->escape_string( read_id ) + "', created=NOW() WHERE id='" + this->escape_string( job->target ) + "' LIMIT 1";
-
+    std::string q = "UPDATE certs SET crt_name='" + this->escape_string( res->crt_name ) + "', serial='" + this->escape_string( res->serial ) + "', caId = '" + this->escape_string( read_id ) + "', created='" + this->escape_string( res->before ) + "', expire='" + this->escape_string( res->after ) + "'  WHERE id='" + this->escape_string( job->target ) + "' LIMIT 1";
     // TODO write more thingies back
 
     if( query( q ).first ) {
-- 
2.47.3