Example 1 with CertsReader
use of org.xipki.ca.dbtool.xmlio.ca.CertsReader in project xipki by xipki.
the class OcspCertStoreFromCaDbImporter method importCert0.
// method importCert
private long importCert0(HashAlgo certhashAlgo, PreparedStatement psCert, String certsZipFile, Map<Integer, String> profileMap, boolean revokedOnly, List<Integer> caIds, long minId, File processLogFile, ProcessLog processLog, int numProcessedInLastProcess, ProcessLog importLog) throws Exception {
ZipFile zipFile = new ZipFile(new File(certsZipFile));
ZipEntry certsXmlEntry = zipFile.getEntry("overview.xml");
CertsReader certs;
try {
certs = new CertsReader(zipFile.getInputStream(certsXmlEntry));
} catch (Exception ex) {
try {
zipFile.close();
} catch (Exception ex2) {
LOG.error("could not close ZIP file {}: {}", certsZipFile, ex2.getMessage());
LOG.debug("could not close ZIP file " + certsZipFile, ex2);
}
throw ex;
}
disableAutoCommit();
try {
int numProcessedEntriesInBatch = 0;
int numImportedEntriesInBatch = 0;
long lastSuccessfulCertId = 0;
while (certs.hasNext()) {
if (stopMe.get()) {
throw new InterruptedException("interrupted by the user");
}
CertType cert = (CertType) certs.next();
long id = cert.getId();
lastSuccessfulCertId = id;
if (id < minId) {
continue;
}
numProcessedEntriesInBatch++;
if (!revokedOnly || cert.getRev().booleanValue()) {
int caId = cert.getCaId();
if (caIds.contains(caId)) {
numImportedEntriesInBatch++;
String filename = cert.getFile();
// rawcert
ZipEntry certZipEnty = zipFile.getEntry(filename);
// rawcert
byte[] encodedCert = IoUtil.read(zipFile.getInputStream(certZipEnty));
String certhash = certhashAlgo.base64Hash(encodedCert);
TBSCertificate tbsCert;
try {
Certificate cc = Certificate.getInstance(encodedCert);
tbsCert = cc.getTBSCertificate();
} catch (RuntimeException ex) {
LOG.error("could not parse certificate in file {}", filename);
LOG.debug("could not parse certificate in file " + filename, ex);
throw new CertificateException(ex.getMessage(), ex);
}
String subject = X509Util.cutX500Name(tbsCert.getSubject(), maxX500nameLen);
// cert
try {
int idx = 1;
psCert.setLong(idx++, id);
psCert.setInt(idx++, caId);
psCert.setString(idx++, tbsCert.getSerialNumber().getPositiveValue().toString(16));
psCert.setLong(idx++, cert.getUpdate());
psCert.setLong(idx++, tbsCert.getStartDate().getDate().getTime() / 1000);
psCert.setLong(idx++, tbsCert.getEndDate().getDate().getTime() / 1000);
setBoolean(psCert, idx++, cert.getRev());
setInt(psCert, idx++, cert.getRr());
setLong(psCert, idx++, cert.getRt());
setLong(psCert, idx++, cert.getRit());
int certprofileId = cert.getPid();
String certprofileName = profileMap.get(certprofileId);
psCert.setString(idx++, certprofileName);
psCert.setString(idx++, certhash);
psCert.setString(idx++, subject);
psCert.addBatch();
} catch (SQLException ex) {
throw translate(SQL_ADD_CERT, ex);
}
}
// end if (caIds.contains(caId))
}
// end if (revokedOnly
boolean isLastBlock = !certs.hasNext();
if (numImportedEntriesInBatch > 0 && (numImportedEntriesInBatch % this.numCertsPerCommit == 0 || isLastBlock)) {
if (evaulateOnly) {
psCert.clearBatch();
} else {
try {
psCert.executeBatch();
commit("(commit import cert to OCSP)");
} catch (Throwable th) {
rollback();
deleteCertGreatherThan(lastSuccessfulCertId, LOG);
if (th instanceof SQLException) {
throw translate(SQL_ADD_CERT, (SQLException) th);
} else if (th instanceof Exception) {
throw (Exception) th;
} else {
throw new Exception(th);
}
}
}
lastSuccessfulCertId = id;
processLog.addNumProcessed(numProcessedEntriesInBatch);
importLog.addNumProcessed(numImportedEntriesInBatch);
numProcessedEntriesInBatch = 0;
numImportedEntriesInBatch = 0;
String filename = (numProcessedInLastProcess + processLog.numProcessed()) + ":" + lastSuccessfulCertId;
echoToFile(filename, processLogFile);
processLog.printStatus();
} else if (isLastBlock) {
lastSuccessfulCertId = id;
processLog.addNumProcessed(numProcessedEntriesInBatch);
importLog.addNumProcessed(numImportedEntriesInBatch);
numProcessedEntriesInBatch = 0;
numImportedEntriesInBatch = 0;
String filename = (numProcessedInLastProcess + processLog.numProcessed()) + ":" + lastSuccessfulCertId;
echoToFile(filename, processLogFile);
processLog.printStatus();
}
// if (numImportedEntriesInBatch)
}
return lastSuccessfulCertId;
} finally {
recoverAutoCommit();
zipFile.close();
}
}
Also used :
SQLException(java.sql.SQLException)
ZipEntry(java.util.zip.ZipEntry)
CertType(org.xipki.ca.dbtool.xmlio.ca.CertType)
CertificateException(java.security.cert.CertificateException)
InvalidInputException(org.xipki.dbtool.InvalidInputException)
SQLException(java.sql.SQLException)
DataAccessException(org.xipki.datasource.DataAccessException)
IOException(java.io.IOException)
CertificateException(java.security.cert.CertificateException)
JAXBException(javax.xml.bind.JAXBException)
ZipFile(java.util.zip.ZipFile)
ZipFile(java.util.zip.ZipFile)
File(java.io.File)
TBSCertificate(org.bouncycastle.asn1.x509.TBSCertificate)
CertsReader(org.xipki.ca.dbtool.xmlio.ca.CertsReader)
TBSCertificate(org.bouncycastle.asn1.x509.TBSCertificate)
Certificate(org.bouncycastle.asn1.x509.Certificate)
Aggregations
File (java.io.File)1
IOException (java.io.IOException)1
CertificateException (java.security.cert.CertificateException)1
SQLException (java.sql.SQLException)1
ZipEntry (java.util.zip.ZipEntry)1
ZipFile (java.util.zip.ZipFile)1
JAXBException (javax.xml.bind.JAXBException)1
Certificate (org.bouncycastle.asn1.x509.Certificate)1
TBSCertificate (org.bouncycastle.asn1.x509.TBSCertificate)1
CertType (org.xipki.ca.dbtool.xmlio.ca.CertType)1
CertsReader (org.xipki.ca.dbtool.xmlio.ca.CertsReader)1
DataAccessException (org.xipki.datasource.DataAccessException)1
InvalidInputException (org.xipki.dbtool.InvalidInputException)1
