private int do_import_cert(
final PreparedStatement ps_cert,
final PreparedStatement ps_certhash,
final PreparedStatement ps_rawcert,
final String certsZipFile,
final int minId,
final File processLogFile,
final ProcessLog processLog,
final int numProcessedInLastProcess)
throws Exception {
ZipFile zipFile = new ZipFile(new File(certsZipFile));
ZipEntry certsXmlEntry = zipFile.getEntry("certs.xml");
OcspCertsReader certs;
try {
certs = new OcspCertsReader(zipFile.getInputStream(certsXmlEntry));
} catch (Exception e) {
try {
zipFile.close();
} catch (Exception e2) {
}
throw e;
}
disableAutoCommit();
try {
int numEntriesInBatch = 0;
int lastSuccessfulCertId = 0;
while (certs.hasNext()) {
if (stopMe.get()) {
throw new InterruptedException("interrupted by the user");
}
OcspCertType cert = (OcspCertType) certs.next();
int id = cert.getId();
if (id < minId) {
continue;
}
numEntriesInBatch++;
String filename = cert.getFile();
// rawcert
ZipEntry certZipEnty = zipFile.getEntry(filename);
// rawcert
byte[] encodedCert = IoUtil.read(zipFile.getInputStream(certZipEnty));
TBSCertificate c;
try {
Certificate cc = Certificate.getInstance(encodedCert);
c = cc.getTBSCertificate();
} catch (Exception e) {
LOG.error("could not parse certificate in file {}", filename);
LOG.debug("could not parse certificate in file " + filename, e);
if (e instanceof CertificateException) {
throw (CertificateException) e;
} else {
throw new CertificateException(e.getMessage(), e);
}
}
// cert
try {
int idx = 1;
ps_cert.setInt(idx++, id);
ps_cert.setInt(idx++, cert.getIid());
ps_cert.setLong(idx++, c.getSerialNumber().getPositiveValue().longValue());
ps_cert.setLong(idx++, cert.getUpdate());
ps_cert.setLong(idx++, c.getStartDate().getDate().getTime() / 1000);
ps_cert.setLong(idx++, c.getEndDate().getDate().getTime() / 1000);
setBoolean(ps_cert, idx++, cert.getRev().booleanValue());
setInt(ps_cert, idx++, cert.getRr());
setLong(ps_cert, idx++, cert.getRt());
setLong(ps_cert, idx++, cert.getRit());
ps_cert.setString(idx++, cert.getProfile());
ps_cert.addBatch();
} catch (SQLException e) {
throw translate(SQL_ADD_CERT, e);
}
// certhash
try {
int idx = 1;
ps_certhash.setInt(idx++, cert.getId());
ps_certhash.setString(idx++, sha1(encodedCert));
ps_certhash.setString(idx++, sha224(encodedCert));
ps_certhash.setString(idx++, sha256(encodedCert));
ps_certhash.setString(idx++, sha384(encodedCert));
ps_certhash.setString(idx++, sha512(encodedCert));
ps_certhash.addBatch();
} catch (SQLException e) {
throw translate(SQL_ADD_CHASH, e);
}
// rawcert
try {
int idx = 1;
ps_rawcert.setInt(idx++, cert.getId());
ps_rawcert.setString(idx++, X509Util.cutX500Name(c.getSubject(), maxX500nameLen));
ps_rawcert.setString(idx++, Base64.toBase64String(encodedCert));
ps_rawcert.addBatch();
} catch (SQLException e) {
throw translate(SQL_ADD_CRAW, e);
}
boolean isLastBlock = !certs.hasNext();
if (numEntriesInBatch > 0
&& (numEntriesInBatch % this.numCertsPerCommit == 0 || isLastBlock)) {
if (evaulateOnly) {
ps_cert.clearBatch();
ps_certhash.clearBatch();
ps_rawcert.clearBatch();
} else {
String sql = null;
try {
sql = SQL_ADD_CERT;
ps_cert.executeBatch();
sql = SQL_ADD_CHASH;
ps_certhash.executeBatch();
sql = SQL_ADD_CRAW;
ps_rawcert.executeBatch();
sql = null;
commit("(commit import cert to OCSP)");
} catch (Throwable t) {
rollback();
deleteCertGreatherThan(lastSuccessfulCertId, LOG);
if (t instanceof SQLException) {
throw translate(sql, (SQLException) t);
} else if (t instanceof Exception) {
throw (Exception) t;
} else {
throw new Exception(t);
}
}
}
lastSuccessfulCertId = id;
processLog.addNumProcessed(numEntriesInBatch);
numEntriesInBatch = 0;
echoToFile(
(numProcessedInLastProcess + processLog.getNumProcessed())
+ ":"
+ lastSuccessfulCertId,
processLogFile);
processLog.printStatus();
}
} // end for
return lastSuccessfulCertId;
} finally {
try {
recoverAutoCommit();
} catch (DataAccessException e) {
}
zipFile.close();
}
} // method do_import_cert
private void import_issuer(final Issuers issuers)
throws DataAccessException, CertificateException, IOException {
System.out.println("importing table ISSUER");
PreparedStatement ps = prepareStatement(SQL_ADD_ISSUER);
try {
for (IssuerType issuer : issuers.getIssuer()) {
try {
String certFilename = issuer.getCertFile();
String b64Cert = new String(IoUtil.read(new File(baseDir, certFilename)));
byte[] encodedCert = Base64.decode(b64Cert);
Certificate c;
byte[] encodedName;
try {
c = Certificate.getInstance(encodedCert);
encodedName = c.getSubject().getEncoded("DER");
} catch (Exception e) {
LOG.error("could not parse certificate of issuer {}", issuer.getId());
LOG.debug("could not parse certificate of issuer " + issuer.getId(), e);
if (e instanceof CertificateException) {
throw (CertificateException) e;
} else {
throw new CertificateException(e.getMessage(), e);
}
}
byte[] encodedKey = c.getSubjectPublicKeyInfo().getPublicKeyData().getBytes();
int idx = 1;
ps.setInt(idx++, issuer.getId());
ps.setString(idx++, X509Util.cutX500Name(c.getSubject(), maxX500nameLen));
ps.setLong(idx++, c.getTBSCertificate().getStartDate().getDate().getTime() / 1000);
ps.setLong(idx++, c.getTBSCertificate().getEndDate().getDate().getTime() / 1000);
ps.setString(idx++, sha1(encodedName));
ps.setString(idx++, sha1(encodedKey));
ps.setString(idx++, sha224(encodedName));
ps.setString(idx++, sha224(encodedKey));
ps.setString(idx++, sha256(encodedName));
ps.setString(idx++, sha256(encodedKey));
ps.setString(idx++, sha384(encodedName));
ps.setString(idx++, sha384(encodedKey));
ps.setString(idx++, sha512(encodedName));
ps.setString(idx++, sha512(encodedKey));
ps.setString(idx++, sha1(encodedCert));
ps.setString(idx++, b64Cert);
setBoolean(ps, idx++, issuer.isRevoked());
setInt(ps, idx++, issuer.getRevReason());
setLong(ps, idx++, issuer.getRevTime());
setLong(ps, idx++, issuer.getRevInvTime());
ps.execute();
} catch (SQLException e) {
System.err.println("error while importing issuer with id=" + issuer.getId());
throw translate(SQL_ADD_ISSUER, e);
} catch (CertificateException e) {
System.err.println("error while importing issuer with id=" + issuer.getId());
throw e;
}
}
} finally {
releaseResources(ps, null);
}
System.out.println(" imported table ISSUER");
} // method import_issuer
