Search in sources :

Example 1 with CertsReader

use of org.xipki.ca.dbtool.xmlio.ca.CertsReader in project xipki by xipki.

the class OcspCertStoreFromCaDbImporter method importCert0.

// method importCert
private long importCert0(HashAlgo certhashAlgo, PreparedStatement psCert, String certsZipFile, Map<Integer, String> profileMap, boolean revokedOnly, List<Integer> caIds, long minId, File processLogFile, ProcessLog processLog, int numProcessedInLastProcess, ProcessLog importLog) throws Exception {
    ZipFile zipFile = new ZipFile(new File(certsZipFile));
    ZipEntry certsXmlEntry = zipFile.getEntry("overview.xml");
    CertsReader certs;
    try {
        certs = new CertsReader(zipFile.getInputStream(certsXmlEntry));
    } catch (Exception ex) {
        try {
            zipFile.close();
        } catch (Exception ex2) {
            LOG.error("could not close ZIP file {}: {}", certsZipFile, ex2.getMessage());
            LOG.debug("could not close ZIP file " + certsZipFile, ex2);
        }
        throw ex;
    }
    disableAutoCommit();
    try {
        int numProcessedEntriesInBatch = 0;
        int numImportedEntriesInBatch = 0;
        long lastSuccessfulCertId = 0;
        while (certs.hasNext()) {
            if (stopMe.get()) {
                throw new InterruptedException("interrupted by the user");
            }
            CertType cert = (CertType) certs.next();
            long id = cert.getId();
            lastSuccessfulCertId = id;
            if (id < minId) {
                continue;
            }
            numProcessedEntriesInBatch++;
            if (!revokedOnly || cert.getRev().booleanValue()) {
                int caId = cert.getCaId();
                if (caIds.contains(caId)) {
                    numImportedEntriesInBatch++;
                    String filename = cert.getFile();
                    // rawcert
                    ZipEntry certZipEnty = zipFile.getEntry(filename);
                    // rawcert
                    byte[] encodedCert = IoUtil.read(zipFile.getInputStream(certZipEnty));
                    String certhash = certhashAlgo.base64Hash(encodedCert);
                    TBSCertificate tbsCert;
                    try {
                        Certificate cc = Certificate.getInstance(encodedCert);
                        tbsCert = cc.getTBSCertificate();
                    } catch (RuntimeException ex) {
                        LOG.error("could not parse certificate in file {}", filename);
                        LOG.debug("could not parse certificate in file " + filename, ex);
                        throw new CertificateException(ex.getMessage(), ex);
                    }
                    String subject = X509Util.cutX500Name(tbsCert.getSubject(), maxX500nameLen);
                    // cert
                    try {
                        int idx = 1;
                        psCert.setLong(idx++, id);
                        psCert.setInt(idx++, caId);
                        psCert.setString(idx++, tbsCert.getSerialNumber().getPositiveValue().toString(16));
                        psCert.setLong(idx++, cert.getUpdate());
                        psCert.setLong(idx++, tbsCert.getStartDate().getDate().getTime() / 1000);
                        psCert.setLong(idx++, tbsCert.getEndDate().getDate().getTime() / 1000);
                        setBoolean(psCert, idx++, cert.getRev());
                        setInt(psCert, idx++, cert.getRr());
                        setLong(psCert, idx++, cert.getRt());
                        setLong(psCert, idx++, cert.getRit());
                        int certprofileId = cert.getPid();
                        String certprofileName = profileMap.get(certprofileId);
                        psCert.setString(idx++, certprofileName);
                        psCert.setString(idx++, certhash);
                        psCert.setString(idx++, subject);
                        psCert.addBatch();
                    } catch (SQLException ex) {
                        throw translate(SQL_ADD_CERT, ex);
                    }
                }
            // end if (caIds.contains(caId))
            }
            // end if (revokedOnly
            boolean isLastBlock = !certs.hasNext();
            if (numImportedEntriesInBatch > 0 && (numImportedEntriesInBatch % this.numCertsPerCommit == 0 || isLastBlock)) {
                if (evaulateOnly) {
                    psCert.clearBatch();
                } else {
                    try {
                        psCert.executeBatch();
                        commit("(commit import cert to OCSP)");
                    } catch (Throwable th) {
                        rollback();
                        deleteCertGreatherThan(lastSuccessfulCertId, LOG);
                        if (th instanceof SQLException) {
                            throw translate(SQL_ADD_CERT, (SQLException) th);
                        } else if (th instanceof Exception) {
                            throw (Exception) th;
                        } else {
                            throw new Exception(th);
                        }
                    }
                }
                lastSuccessfulCertId = id;
                processLog.addNumProcessed(numProcessedEntriesInBatch);
                importLog.addNumProcessed(numImportedEntriesInBatch);
                numProcessedEntriesInBatch = 0;
                numImportedEntriesInBatch = 0;
                String filename = (numProcessedInLastProcess + processLog.numProcessed()) + ":" + lastSuccessfulCertId;
                echoToFile(filename, processLogFile);
                processLog.printStatus();
            } else if (isLastBlock) {
                lastSuccessfulCertId = id;
                processLog.addNumProcessed(numProcessedEntriesInBatch);
                importLog.addNumProcessed(numImportedEntriesInBatch);
                numProcessedEntriesInBatch = 0;
                numImportedEntriesInBatch = 0;
                String filename = (numProcessedInLastProcess + processLog.numProcessed()) + ":" + lastSuccessfulCertId;
                echoToFile(filename, processLogFile);
                processLog.printStatus();
            }
        // if (numImportedEntriesInBatch)
        }
        return lastSuccessfulCertId;
    } finally {
        recoverAutoCommit();
        zipFile.close();
    }
}
Also used : SQLException(java.sql.SQLException) ZipEntry(java.util.zip.ZipEntry) CertType(org.xipki.ca.dbtool.xmlio.ca.CertType) CertificateException(java.security.cert.CertificateException) InvalidInputException(org.xipki.dbtool.InvalidInputException) SQLException(java.sql.SQLException) DataAccessException(org.xipki.datasource.DataAccessException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) JAXBException(javax.xml.bind.JAXBException) ZipFile(java.util.zip.ZipFile) ZipFile(java.util.zip.ZipFile) File(java.io.File) TBSCertificate(org.bouncycastle.asn1.x509.TBSCertificate) CertsReader(org.xipki.ca.dbtool.xmlio.ca.CertsReader) TBSCertificate(org.bouncycastle.asn1.x509.TBSCertificate) Certificate(org.bouncycastle.asn1.x509.Certificate)

Aggregations

File (java.io.File)1 IOException (java.io.IOException)1 CertificateException (java.security.cert.CertificateException)1 SQLException (java.sql.SQLException)1 ZipEntry (java.util.zip.ZipEntry)1 ZipFile (java.util.zip.ZipFile)1 JAXBException (javax.xml.bind.JAXBException)1 Certificate (org.bouncycastle.asn1.x509.Certificate)1 TBSCertificate (org.bouncycastle.asn1.x509.TBSCertificate)1 CertType (org.xipki.ca.dbtool.xmlio.ca.CertType)1 CertsReader (org.xipki.ca.dbtool.xmlio.ca.CertsReader)1 DataAccessException (org.xipki.datasource.DataAccessException)1 InvalidInputException (org.xipki.dbtool.InvalidInputException)1