private int do_import_cert(
final PreparedStatement ps_cert,
final PreparedStatement ps_certhash,
final PreparedStatement ps_rawcert,
final String certsZipFile,
final int minId,
final File processLogFile,
final ProcessLog processLog,
final int numProcessedInLastProcess)
throws Exception {
ZipFile zipFile = new ZipFile(new File(certsZipFile));
ZipEntry certsXmlEntry = zipFile.getEntry("certs.xml");
OcspCertsReader certs;
try {
certs = new OcspCertsReader(zipFile.getInputStream(certsXmlEntry));
} catch (Exception e) {
try {
zipFile.close();
} catch (Exception e2) {
}
throw e;
}
disableAutoCommit();
try {
int numEntriesInBatch = 0;
int lastSuccessfulCertId = 0;
while (certs.hasNext()) {
if (stopMe.get()) {
throw new InterruptedException("interrupted by the user");
}
OcspCertType cert = (OcspCertType) certs.next();
int id = cert.getId();
if (id < minId) {
continue;
}
numEntriesInBatch++;
String filename = cert.getFile();
// rawcert
ZipEntry certZipEnty = zipFile.getEntry(filename);
// rawcert
byte[] encodedCert = IoUtil.read(zipFile.getInputStream(certZipEnty));
TBSCertificate c;
try {
Certificate cc = Certificate.getInstance(encodedCert);
c = cc.getTBSCertificate();
} catch (Exception e) {
LOG.error("could not parse certificate in file {}", filename);
LOG.debug("could not parse certificate in file " + filename, e);
if (e instanceof CertificateException) {
throw (CertificateException) e;
} else {
throw new CertificateException(e.getMessage(), e);
}
}
// cert
try {
int idx = 1;
ps_cert.setInt(idx++, id);
ps_cert.setInt(idx++, cert.getIid());
ps_cert.setLong(idx++, c.getSerialNumber().getPositiveValue().longValue());
ps_cert.setLong(idx++, cert.getUpdate());
ps_cert.setLong(idx++, c.getStartDate().getDate().getTime() / 1000);
ps_cert.setLong(idx++, c.getEndDate().getDate().getTime() / 1000);
setBoolean(ps_cert, idx++, cert.getRev().booleanValue());
setInt(ps_cert, idx++, cert.getRr());
setLong(ps_cert, idx++, cert.getRt());
setLong(ps_cert, idx++, cert.getRit());
ps_cert.setString(idx++, cert.getProfile());
ps_cert.addBatch();
} catch (SQLException e) {
throw translate(SQL_ADD_CERT, e);
}
// certhash
try {
int idx = 1;
ps_certhash.setInt(idx++, cert.getId());
ps_certhash.setString(idx++, sha1(encodedCert));
ps_certhash.setString(idx++, sha224(encodedCert));
ps_certhash.setString(idx++, sha256(encodedCert));
ps_certhash.setString(idx++, sha384(encodedCert));
ps_certhash.setString(idx++, sha512(encodedCert));
ps_certhash.addBatch();
} catch (SQLException e) {
throw translate(SQL_ADD_CHASH, e);
}
// rawcert
try {
int idx = 1;
ps_rawcert.setInt(idx++, cert.getId());
ps_rawcert.setString(idx++, X509Util.cutX500Name(c.getSubject(), maxX500nameLen));
ps_rawcert.setString(idx++, Base64.toBase64String(encodedCert));
ps_rawcert.addBatch();
} catch (SQLException e) {
throw translate(SQL_ADD_CRAW, e);
}
boolean isLastBlock = !certs.hasNext();
if (numEntriesInBatch > 0
&& (numEntriesInBatch % this.numCertsPerCommit == 0 || isLastBlock)) {
if (evaulateOnly) {
ps_cert.clearBatch();
ps_certhash.clearBatch();
ps_rawcert.clearBatch();
} else {
String sql = null;
try {
sql = SQL_ADD_CERT;
ps_cert.executeBatch();
sql = SQL_ADD_CHASH;
ps_certhash.executeBatch();
sql = SQL_ADD_CRAW;
ps_rawcert.executeBatch();
sql = null;
commit("(commit import cert to OCSP)");
} catch (Throwable t) {
rollback();
deleteCertGreatherThan(lastSuccessfulCertId, LOG);
if (t instanceof SQLException) {
throw translate(sql, (SQLException) t);
} else if (t instanceof Exception) {
throw (Exception) t;
} else {
throw new Exception(t);
}
}
}
lastSuccessfulCertId = id;
processLog.addNumProcessed(numEntriesInBatch);
numEntriesInBatch = 0;
echoToFile(
(numProcessedInLastProcess + processLog.getNumProcessed())
+ ":"
+ lastSuccessfulCertId,
processLogFile);
processLog.printStatus();
}
} // end for
return lastSuccessfulCertId;
} finally {
try {
recoverAutoCommit();
} catch (DataAccessException e) {
}
zipFile.close();
}
} // method do_import_cert
private void import_cert(final CertStoreType certstore, final File processLogFile)
throws Exception {
int numProcessedBefore = 0;
int minId = 1;
if (processLogFile.exists()) {
byte[] content = IoUtil.read(processLogFile);
if (content != null && content.length > 2) {
String str = new String(content);
if (str.trim().equalsIgnoreCase(MSG_CERTS_FINISHED)) {
return;
}
StringTokenizer st = new StringTokenizer(str, ":");
numProcessedBefore = Integer.parseInt(st.nextToken());
minId = Integer.parseInt(st.nextToken());
minId++;
}
}
deleteCertGreatherThan(minId - 1, LOG);
final long total = certstore.getCountCerts() - numProcessedBefore;
final ProcessLog processLog = new ProcessLog(total);
System.out.println(getImportingText() + "certificates from ID " + minId);
processLog.printHeader();
PreparedStatement ps_cert = prepareStatement(SQL_ADD_CERT);
PreparedStatement ps_certhash = prepareStatement(SQL_ADD_CHASH);
PreparedStatement ps_rawcert = prepareStatement(SQL_ADD_CRAW);
DbPortFileNameIterator certsFileIterator = new DbPortFileNameIterator(certsListFile);
try {
while (certsFileIterator.hasNext()) {
String certsFile = certsDir + File.separator + certsFileIterator.next();
// extract the toId from the filename
int fromIdx = certsFile.indexOf('-');
int toIdx = certsFile.indexOf(".zip");
if (fromIdx != -1 && toIdx != -1) {
try {
long toId = Integer.parseInt(certsFile.substring(fromIdx + 1, toIdx));
if (toId < minId) {
// try next file
continue;
}
} catch (Exception e) {
LOG.warn("invalid file name '{}', but will still be processed", certsFile);
}
} else {
LOG.warn("invalid file name '{}', but will still be processed", certsFile);
}
try {
int lastId =
do_import_cert(
ps_cert,
ps_certhash,
ps_rawcert,
certsFile,
minId,
processLogFile,
processLog,
numProcessedBefore);
minId = lastId + 1;
} catch (Exception e) {
System.err.println(
"\nerror while importing certificates from file "
+ certsFile
+ ".\nplease continue with the option '--resume'");
LOG.error("Exception", e);
throw e;
}
} // end for
} finally {
releaseResources(ps_cert, null);
releaseResources(ps_certhash, null);
releaseResources(ps_rawcert, null);
certsFileIterator.close();
}
long maxId = getMax("CERT", "ID");
String seqName = "CID";
dataSource.dropAndCreateSequence(seqName, maxId + 1);
processLog.printTrailer();
echoToFile(MSG_CERTS_FINISHED, processLogFile);
System.out.println(getImportedText() + processLog.getNumProcessed() + " certificates");
} // method import_cert