private int do_import_cert( final PreparedStatement ps_cert, final PreparedStatement ps_certhash, final PreparedStatement ps_rawcert, final String certsZipFile, final int minId, final File processLogFile, final ProcessLog processLog, final int numProcessedInLastProcess) throws Exception { ZipFile zipFile = new ZipFile(new File(certsZipFile)); ZipEntry certsXmlEntry = zipFile.getEntry("certs.xml"); OcspCertsReader certs; try { certs = new OcspCertsReader(zipFile.getInputStream(certsXmlEntry)); } catch (Exception e) { try { zipFile.close(); } catch (Exception e2) { } throw e; } disableAutoCommit(); try { int numEntriesInBatch = 0; int lastSuccessfulCertId = 0; while (certs.hasNext()) { if (stopMe.get()) { throw new InterruptedException("interrupted by the user"); } OcspCertType cert = (OcspCertType) certs.next(); int id = cert.getId(); if (id < minId) { continue; } numEntriesInBatch++; String filename = cert.getFile(); // rawcert ZipEntry certZipEnty = zipFile.getEntry(filename); // rawcert byte[] encodedCert = IoUtil.read(zipFile.getInputStream(certZipEnty)); TBSCertificate c; try { Certificate cc = Certificate.getInstance(encodedCert); c = cc.getTBSCertificate(); } catch (Exception e) { LOG.error("could not parse certificate in file {}", filename); LOG.debug("could not parse certificate in file " + filename, e); if (e instanceof CertificateException) { throw (CertificateException) e; } else { throw new CertificateException(e.getMessage(), e); } } // cert try { int idx = 1; ps_cert.setInt(idx++, id); ps_cert.setInt(idx++, cert.getIid()); ps_cert.setLong(idx++, c.getSerialNumber().getPositiveValue().longValue()); ps_cert.setLong(idx++, cert.getUpdate()); ps_cert.setLong(idx++, c.getStartDate().getDate().getTime() / 1000); ps_cert.setLong(idx++, c.getEndDate().getDate().getTime() / 1000); setBoolean(ps_cert, idx++, cert.getRev().booleanValue()); setInt(ps_cert, idx++, cert.getRr()); setLong(ps_cert, idx++, cert.getRt()); setLong(ps_cert, idx++, cert.getRit()); ps_cert.setString(idx++, cert.getProfile()); ps_cert.addBatch(); } catch (SQLException e) { throw translate(SQL_ADD_CERT, e); } // certhash try { int idx = 1; ps_certhash.setInt(idx++, cert.getId()); ps_certhash.setString(idx++, sha1(encodedCert)); ps_certhash.setString(idx++, sha224(encodedCert)); ps_certhash.setString(idx++, sha256(encodedCert)); ps_certhash.setString(idx++, sha384(encodedCert)); ps_certhash.setString(idx++, sha512(encodedCert)); ps_certhash.addBatch(); } catch (SQLException e) { throw translate(SQL_ADD_CHASH, e); } // rawcert try { int idx = 1; ps_rawcert.setInt(idx++, cert.getId()); ps_rawcert.setString(idx++, X509Util.cutX500Name(c.getSubject(), maxX500nameLen)); ps_rawcert.setString(idx++, Base64.toBase64String(encodedCert)); ps_rawcert.addBatch(); } catch (SQLException e) { throw translate(SQL_ADD_CRAW, e); } boolean isLastBlock = !certs.hasNext(); if (numEntriesInBatch > 0 && (numEntriesInBatch % this.numCertsPerCommit == 0 || isLastBlock)) { if (evaulateOnly) { ps_cert.clearBatch(); ps_certhash.clearBatch(); ps_rawcert.clearBatch(); } else { String sql = null; try { sql = SQL_ADD_CERT; ps_cert.executeBatch(); sql = SQL_ADD_CHASH; ps_certhash.executeBatch(); sql = SQL_ADD_CRAW; ps_rawcert.executeBatch(); sql = null; commit("(commit import cert to OCSP)"); } catch (Throwable t) { rollback(); deleteCertGreatherThan(lastSuccessfulCertId, LOG); if (t instanceof SQLException) { throw translate(sql, (SQLException) t); } else if (t instanceof Exception) { throw (Exception) t; } else { throw new Exception(t); } } } lastSuccessfulCertId = id; processLog.addNumProcessed(numEntriesInBatch); numEntriesInBatch = 0; echoToFile( (numProcessedInLastProcess + processLog.getNumProcessed()) + ":" + lastSuccessfulCertId, processLogFile); processLog.printStatus(); } } // end for return lastSuccessfulCertId; } finally { try { recoverAutoCommit(); } catch (DataAccessException e) { } zipFile.close(); } } // method do_import_cert
private void import_issuer(final Issuers issuers) throws DataAccessException, CertificateException, IOException { System.out.println("importing table ISSUER"); PreparedStatement ps = prepareStatement(SQL_ADD_ISSUER); try { for (IssuerType issuer : issuers.getIssuer()) { try { String certFilename = issuer.getCertFile(); String b64Cert = new String(IoUtil.read(new File(baseDir, certFilename))); byte[] encodedCert = Base64.decode(b64Cert); Certificate c; byte[] encodedName; try { c = Certificate.getInstance(encodedCert); encodedName = c.getSubject().getEncoded("DER"); } catch (Exception e) { LOG.error("could not parse certificate of issuer {}", issuer.getId()); LOG.debug("could not parse certificate of issuer " + issuer.getId(), e); if (e instanceof CertificateException) { throw (CertificateException) e; } else { throw new CertificateException(e.getMessage(), e); } } byte[] encodedKey = c.getSubjectPublicKeyInfo().getPublicKeyData().getBytes(); int idx = 1; ps.setInt(idx++, issuer.getId()); ps.setString(idx++, X509Util.cutX500Name(c.getSubject(), maxX500nameLen)); ps.setLong(idx++, c.getTBSCertificate().getStartDate().getDate().getTime() / 1000); ps.setLong(idx++, c.getTBSCertificate().getEndDate().getDate().getTime() / 1000); ps.setString(idx++, sha1(encodedName)); ps.setString(idx++, sha1(encodedKey)); ps.setString(idx++, sha224(encodedName)); ps.setString(idx++, sha224(encodedKey)); ps.setString(idx++, sha256(encodedName)); ps.setString(idx++, sha256(encodedKey)); ps.setString(idx++, sha384(encodedName)); ps.setString(idx++, sha384(encodedKey)); ps.setString(idx++, sha512(encodedName)); ps.setString(idx++, sha512(encodedKey)); ps.setString(idx++, sha1(encodedCert)); ps.setString(idx++, b64Cert); setBoolean(ps, idx++, issuer.isRevoked()); setInt(ps, idx++, issuer.getRevReason()); setLong(ps, idx++, issuer.getRevTime()); setLong(ps, idx++, issuer.getRevInvTime()); ps.execute(); } catch (SQLException e) { System.err.println("error while importing issuer with id=" + issuer.getId()); throw translate(SQL_ADD_ISSUER, e); } catch (CertificateException e) { System.err.println("error while importing issuer with id=" + issuer.getId()); throw e; } } } finally { releaseResources(ps, null); } System.out.println(" imported table ISSUER"); } // method import_issuer