1 package club.wpia.gigi.util;
3 import static org.hamcrest.CoreMatchers.*;
4 import static org.junit.Assert.*;
5 import static org.junit.Assume.*;
7 import java.io.IOException;
8 import java.security.GeneralSecurityException;
9 import java.util.Arrays;
11 import org.junit.Test;
12 import org.junit.runner.RunWith;
13 import org.junit.runners.Parameterized;
14 import org.junit.runners.Parameterized.Parameter;
15 import org.junit.runners.Parameterized.Parameters;
17 import club.wpia.gigi.GigiApiException;
18 import club.wpia.gigi.dbObjects.Certificate;
19 import club.wpia.gigi.dbObjects.Certificate.CertificateStatus;
20 import club.wpia.gigi.dbObjects.CertificateProfile;
21 import club.wpia.gigi.dbObjects.Digest;
22 import club.wpia.gigi.dbObjects.Domain;
23 import club.wpia.gigi.dbObjects.Job;
24 import club.wpia.gigi.pages.account.certs.CertificateRequest;
25 import club.wpia.gigi.testUtils.ClientTest;
27 @RunWith(Parameterized.class)
28 public class TestCAAValidation extends ClientTest {
30 @Parameters(name = "CAATest({0}) = {1}")
31 public static Iterable<Object[]> genParams() throws IOException {
34 String caa = (String) getTestProps().get("domain.CAAtest");
36 String[] parts = caa.split(" ");
37 Object[][] res = new Object[parts.length][];
38 for (int i = 0; i < res.length; i++) {
39 char firstChar = parts[i].charAt(0);
40 if (firstChar != '-' && firstChar != '+') {
41 throw new Error("malformed CAA test vector");
43 res[i] = new Object[] {
44 parts[i].substring(1), firstChar == '+'
47 return Arrays.<Object[]>asList(res);
54 public Boolean success;
57 public void testCAA() throws GigiApiException {
58 assertEquals(success, CAA.verifyDomainAccess(u, CertificateProfile.getByName("server"), domain));
62 public void testCAACert() throws GeneralSecurityException, IOException, GigiApiException, InterruptedException {
63 Domain d = new Domain(u, u, PublicSuffixes.getInstance().getRegistrablePart(domain));
65 String csr = generatePEMCSR(generateKeypair(), "CN=test");
66 CertificateRequest cr = new CertificateRequest(new AuthorizationContext(u, u, false), csr);
68 cr.update("", Digest.SHA512.toString(), "server", null, null, "dns:" + domain + "\n");
69 } catch (GigiApiException e) {
70 assertThat(e.getMessage(), containsString("has been removed"));
75 Certificate draft = cr.draft();
76 Job j = draft.issue(null, "2y", u);
79 assertEquals(CertificateStatus.ISSUED, draft.getStatus());