From 99e59db13d5410aeca296636b256c44486df0abc Mon Sep 17 00:00:00 2001
From: Kevin Guerineau <kevin.guerineau@infolix.fr>
Date: Tue, 7 May 2024 22:13:16 +0200
Subject: [PATCH] [FIX] fix retry

---
 common.py | 28 ++++++++++++++++++----------
 1 file changed, 18 insertions(+), 10 deletions(-)

diff --git a/common.py b/common.py
index f4e681f..ffa1360 100644
--- a/common.py
+++ b/common.py
@@ -259,20 +259,28 @@ def create_openssl_intermediate(name, force=False,verbose=False):
         gen_intermediate_ca = subprocess.run(f"/usr/bin/openssl req -config {intermediate_ca_config} -new -sha512 -keyout {TisPKI.intermediate_ca_keyfile(name)} \
         -out {TisPKI.intermediate_csr_path(name)}/{name.replace(' ','_')}_intermediate_ca.csr", shell=True, check=True, executable='/bin/bash')
 
-        Printing.information('Sign Intermediate CA with Root CA')
-        sign_intermediate_ca = subprocess.run(f"/usr/bin/openssl ca -config {os.path.join(TisPKI.root_config_path(),'openssl_root_ca_sign_intermediate.ini')} \
-        -extensions v3_intermediate_ca -days 1825 -notext -md sha512 -create_serial -in {TisPKI.intermediate_csr_path(name)}/{name.replace(' ','_')}_intermediate_ca.csr \
-        -out {TisPKI.intermediate_ca_certfile(name)}", shell=True, check=True, executable='/bin/bash')
+        if gen_intermediate_ca.returncode == 0:
+            Printing.information('Sign Intermediate CA with Root CA')
+            sign_intermediate_ca = subprocess.run(f"/usr/bin/openssl ca -config {os.path.join(TisPKI.root_config_path(),'openssl_root_ca_sign_intermediate.ini')} \
+            -extensions v3_intermediate_ca -days 1825 -notext -md sha512 -create_serial -in {TisPKI.intermediate_csr_path(name)}/{name.replace(' ','_')}_intermediate_ca.csr \
+            -out {TisPKI.intermediate_ca_certfile(name)}", shell=True, check=True, executable='/bin/bash')
 
-        if sign_intermediate_ca.returncode == 0:
-            if verbose:
-                subprocess.run(f'openssl x509 -in {TisPKI.intermediate_ca_certfile(name)} -text', shell=True, check=True, executable='/bin/bash')
-            Printing.success(f'Intermediate CA Certfile is stored in : {TisPKI.intermediate_ca_certfile(name)}')
+            if sign_intermediate_ca.returncode == 0:
+                if verbose:
+                    subprocess.run(f'openssl x509 -in {TisPKI.intermediate_ca_certfile(name)} -text', shell=True, check=True, executable='/bin/bash')
+                Printing.success(f'Intermediate CA Certfile is stored in : {TisPKI.intermediate_ca_certfile(name)}')
+            else:
+                Printing.error('Error on generating Intermediate CA private key')
+                retry = input('If you want to retry, press Y : ')
+                if retry == "y" or retry == 'Y':
+                    os.remove(TisPKI.intermediate_ca_certfile(name))
+                    os.remove(TisPKI.intermediate_ca_keyfile(name))
+                    create_openssl_intermediate(name, force, verbose)
         else:
-            Printing.error('Error on generating Intermediate CA private key')
-            os.remove(TisPKI.intermediate_ca_keyfile(name))
+            Printing.error('Error on generating Root CA private key')
             retry = input('If you want to retry, press Y : ')
             if retry == "y" or retry == 'Y':
+                os.remove(TisPKI.intermediate_ca_keyfile(name))
                 create_openssl_intermediate(name, force, verbose)
     else:
         Printing.warning('Intermediate CA private key and certificate already exist. Skip.')