From 2fc0e6fe704f080041745962b282ce95024995d8 Mon Sep 17 00:00:00 2001
From: Pavel Zilke <pavel.zilke@gmail.com>
Date: Mon, 9 Dec 2024 11:39:41 +0300
Subject: [PATCH 1/2] DEVOPS-1877 new ca cert

---
 entrypoint.sh | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/entrypoint.sh b/entrypoint.sh
index f8ef189..ca327f4 100644
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -10,8 +10,7 @@ fi
 
 set +e
 cd /home/ervu/cacerts
-echo o | /opt/cprocsp/bin/amd64/certmgr -install -store uRoot -file testgost2012_10.crt
-echo o | /opt/cprocsp/bin/amd64/certmgr -install -store uRoot -thumbprint 67aea9fc8041cfafafbb77c4837038f05e727501 -file testroot.p7b
+echo o | /opt/cprocsp/bin/amd64/certmgr -install -store uRoot -file test_ca_2014.crt
 set -e
 
 /opt/ervu-sign-module/ervu-sign-module

From d6c6cd96eea72b00a2cccafb65a7864b15d17cdc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=9D=D0=B0=D0=B8=D0=BB=D1=8F=20=D0=90=D0=BB=D0=B0=D1=88?=
 =?UTF-8?q?=D0=BA=D0=BE=D0=B2=D0=B0?= <n.alashkova@micord.ru>
Date: Tue, 10 Dec 2024 10:02:37 +0300
Subject: [PATCH 2/2] =?UTF-8?q?SUPPORT-8767.=20=D0=94=D0=BE=D0=B1=D0=B0?=
 =?UTF-8?q?=D0=B2=D0=BB=D0=B5=D0=BD=D0=B0=20=D0=BE=D0=B1=D1=8F=D0=B7=D0=B0?=
 =?UTF-8?q?=D1=82=D0=B5=D0=BB=D1=8C=D0=BD=D0=BE=D1=81=D1=82=D1=8C=20=D0=BF?=
 =?UTF-8?q?=D0=BE=D0=BB=D0=B5=D0=B9=20sign=5Fcert=5Fthumbprint,=20sign=5Fc?=
 =?UTF-8?q?ert=5Fpassword=20=D0=B8=20esia=5Fcert=5Fthumbprint?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/modules/service_sign.c   | 10 ++++++++++
 src/modules/service_verify.c |  5 +++++
 2 files changed, 15 insertions(+)

diff --git a/src/modules/service_sign.c b/src/modules/service_sign.c
index af94665..78bf9f7 100644
--- a/src/modules/service_sign.c
+++ b/src/modules/service_sign.c
@@ -78,6 +78,16 @@ sign_conf_load(sign_conf_t *conf, const conf_file_context_t conf_file)
         goto error;
     }
 
+    if (str_t_is_null(conf->sign_cert_thumbprint)) {
+        LOG_ERROR(SIGN_CONF_SECTION ":" SIGN_CONF_KEY_SIGN_CERT_THUMBPRINT " is required");
+        goto error;
+    }
+    
+    if (str_t_is_null(conf->sign_cert_password)) {
+        LOG_ERROR(SIGN_CONF_SECTION ":" SIGN_CONF_KEY_SIGN_CERT_PASSWORD " is required");
+        goto error;
+    }
+
     LOG_TRACE("sign_conf_load exit");
     return 0;
 
diff --git a/src/modules/service_verify.c b/src/modules/service_verify.c
index 1fcfd80..521be5e 100644
--- a/src/modules/service_verify.c
+++ b/src/modules/service_verify.c
@@ -74,6 +74,11 @@ verify_conf_load(verify_conf_t *conf, const conf_file_context_t conf_file)
         goto error;
     }
 
+    if (conf->esia_cert_thumbprint_list.size == 0) {
+        LOG_ERROR(VERIFY_CONF_SECTION ":" VERIFY_CONF_KEY_THUMBPRINT " is required");
+        goto error;
+    }
+
     LOG_TRACE("verify_conf_load exit");
     return 0;