import java.io.IOException;
import java.io.PrintWriter;
import java.lang.reflect.Field;
-import java.sql.Date;
+import java.security.GeneralSecurityException;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.Signature;
+import java.util.Base64;
import java.util.Calendar;
+import java.util.Date;
import java.util.GregorianCalendar;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Locale;
import java.util.Map;
import java.util.Properties;
+import java.util.TreeSet;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.cacert.gigi.Gigi;
import org.cacert.gigi.GigiApiException;
-import org.cacert.gigi.database.DatabaseConnection;
+import org.cacert.gigi.crypto.SPKAC;
import org.cacert.gigi.database.GigiPreparedStatement;
+import org.cacert.gigi.dbObjects.Assurance.AssuranceType;
+import org.cacert.gigi.dbObjects.CATS;
+import org.cacert.gigi.dbObjects.CATS.CATSType;
+import org.cacert.gigi.dbObjects.Certificate;
+import org.cacert.gigi.dbObjects.Certificate.CertificateStatus;
+import org.cacert.gigi.dbObjects.CertificateOwner;
+import org.cacert.gigi.dbObjects.Digest;
+import org.cacert.gigi.dbObjects.Domain;
+import org.cacert.gigi.dbObjects.DomainPingType;
import org.cacert.gigi.dbObjects.EmailAddress;
import org.cacert.gigi.dbObjects.Group;
+import org.cacert.gigi.dbObjects.Name;
import org.cacert.gigi.dbObjects.User;
import org.cacert.gigi.email.EmailProvider;
import org.cacert.gigi.localisation.Language;
-import org.cacert.gigi.output.template.Form;
import org.cacert.gigi.output.template.IterableDataset;
import org.cacert.gigi.output.template.Template;
+import org.cacert.gigi.pages.account.certs.CertificateRequest;
+import org.cacert.gigi.ping.DomainPinger;
+import org.cacert.gigi.ping.PingerDaemon;
+import org.cacert.gigi.util.AuthorizationContext;
+import org.cacert.gigi.util.DayDate;
import org.cacert.gigi.util.Notary;
+import sun.security.x509.X509Key;
+
public class Manager extends Page {
public static final String PATH = "/manager";
- Field f;
+ private static HashMap<DomainPingType, DomainPinger> dps;
private Manager() {
super("Test Manager");
+
try {
- f = EmailAddress.class.getDeclaredField("hash");
+ Field gigiInstance = Gigi.class.getDeclaredField("instance");
+ gigiInstance.setAccessible(true);
+ Gigi g = (Gigi) gigiInstance.get(null);
+
+ Field gigiPinger = Gigi.class.getDeclaredField("pinger");
+ gigiPinger.setAccessible(true);
+ PingerDaemon pd = (PingerDaemon) gigiPinger.get(g);
+
+ Field f = PingerDaemon.class.getDeclaredField("pingers");
f.setAccessible(true);
+ dps = (HashMap<DomainPingType, DomainPinger>) f.get(pd);
+ HashMap<DomainPingType, DomainPinger> pingers = new HashMap<>();
+ for (DomainPingType dpt : DomainPingType.values()) {
+ pingers.put(dpt, new PingerFetcher(dpt));
+ }
+ f.set(pd, pingers);
} catch (ReflectiveOperationException e) {
- throw new Error(e);
+ e.printStackTrace();
}
}
- public User[] getAssurers() {
- if (assurers != null) {
- return assurers;
+ public User getAssurer(int i) {
+ if (assurers[i] != null) {
+ return assurers[i];
}
- assurers = new User[10];
try {
- GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("INSERT INTO `notary` SET `from`=?, `to`=?, `points`=?, `location`=?, `date`=?");
- for (int i = 0; i < assurers.length; i++) {
- String mail = "test-assurer" + i + "@example.com";
- User u = User.getByEmail(mail);
- if (u == null) {
- createUser(mail);
- u = User.getByEmail(mail);
- passCATS(u);
- ps.setInt(1, u.getId());
- ps.setInt(2, u.getId());
- ps.setInt(3, 100);
- ps.setString(4, "Manager init code");
- ps.setString(5, "1990-01-01");
- ps.execute();
- }
- assurers[i] = u;
+ User u = createAssurer(i);
+ assurers[i] = u;
- }
} catch (ReflectiveOperationException | GigiApiException e) {
e.printStackTrace();
}
- return assurers;
+ return assurers[i];
+ }
+
+ private User createAssurer(int i) throws GigiApiException, IllegalAccessException {
+ try (GigiPreparedStatement ps = new GigiPreparedStatement("INSERT INTO `notary` SET `from`=?, `to`=?, `points`=?, `location`=?, `date`=?")) {
+ String mail = "test-assurer" + i + "@example.com";
+ User u = User.getByEmail(mail);
+ if (u == null) {
+ System.out.println("Creating assurer");
+ createUser(mail);
+ u = User.getByEmail(mail);
+ passCATS(u, CATSType.ASSURER_CHALLENGE);
+ ps.setInt(1, u.getId());
+ ps.setInt(2, u.getId());
+ ps.setInt(3, 100);
+ ps.setString(4, "Manager init code");
+ ps.setString(5, "1990-01-01");
+ ps.execute();
+ }
+ return u;
+ }
}
- private void passCATS(User u) {
- GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("INSERT INTO cats_passed SET user_id=?, variant_id=3");
- ps.setInt(1, u.getId());
- ps.execute();
+ private void passCATS(User u, CATSType t) {
+ CATS.enterResult(u, t, new Date(System.currentTimeMillis()), "en_EN", "1");
}
private static Manager instance;
HashMap<String, LinkedList<String>> emails = new HashMap<>();
+ private static TreeSet<String> pingExempt = new TreeSet<>();
+
public static Manager getInstance() {
if (instance == null) {
instance = new Manager();
}
- public class ManagementForm extends Form {
+ public class PingerFetcher extends DomainPinger {
- public ManagementForm(HttpServletRequest hsr) {
- super(hsr);
- }
+ private DomainPingType dpt;
- @Override
- public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
- return false;
+ public PingerFetcher(DomainPingType dpt) {
+ this.dpt = dpt;
}
@Override
- protected void outputContent(PrintWriter out, Language l, Map<String, Object> vars) {
- getDefaultTemplate().output(out, l, vars);
+ public void ping(Domain domain, String configuration, CertificateOwner target, int confId) {
+ System.out.println("Test: " + domain);
+ if (pingExempt.contains(domain.getSuffix())) {
+ enterPingResult(confId, DomainPinger.PING_SUCCEDED, "Succeeded by TestManager pass-by", null);
+ } else {
+ dps.get(dpt).ping(domain, configuration, target, confId);
+ }
}
}
}
private void createUser(String email) throws GigiApiException, IllegalAccessException {
- User u = new User();
- u.setFName("Först");
- u.setMName("Müddle");
- u.setLName("Läst");
- u.setSuffix("Süffix");
- u.setEmail(email);
Calendar gc = GregorianCalendar.getInstance();
+ gc.setTimeInMillis(0);
gc.set(1990, 0, 1);
- u.setDoB(new Date(gc.getTime().getTime()));
- u.setPreferredLocale(Locale.ENGLISH);
- u.insert("xvXV12°§");
- EmailAddress ea = new EmailAddress(u, email);
- ea.insert(Language.getInstance(Locale.ENGLISH));
- String hash = (String) f.get(ea);
-
- ea.verify(hash);
+ User u = new User(email, "xvXV12°§", new Name("Först", "Läst", "Müddle", "Süffix"), new DayDate(gc.getTime().getTime()), Locale.ENGLISH);
+ EmailAddress ea = u.getEmails()[0];
+ verify(email, ea);
+ }
+
+ private void verify(String email, EmailAddress ea) throws GigiApiException {
+ LinkedList<String> i = emails.get(email);
+ while (i.size() > 0 && !ea.isVerified()) {
+ String lst = i.getLast();
+ Pattern p = Pattern.compile("hash=([a-zA-Z0-9]+)");
+ Matcher m = p.matcher(lst);
+ if (m.find()) {
+ ea.verify(m.group(1));
+ }
+ i.removeLast();
+ }
+ // ea.verify(hash);
}
- User[] assurers;
+ User[] assurers = new User[25];
@Override
public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
fetchMails(req, resp, mail);
} else if (req.getParameter("cats") != null) {
String mail = req.getParameter("catsEmail");
+ String testId = req.getParameter("catsType");
User byEmail = User.getByEmail(mail);
if (byEmail == null) {
resp.getWriter().println("User not found.");
return;
}
- passCATS(byEmail);
- resp.getWriter().println("User has been passed CATS");
+ if (testId == null) {
+ resp.getWriter().println("No test given.");
+ return;
+ }
+ CATSType test = CATSType.values()[Integer.parseInt(testId)];
+ passCATS(byEmail, test);
+ resp.getWriter().println("Test '" + test.getDisplayName() + "' was added to user account.");
} else if (req.getParameter("assure") != null) {
String mail = req.getParameter("assureEmail");
User byEmail = User.getByEmail(mail);
return;
}
try {
- for (int i = 0; i < getAssurers().length; i++) {
- Notary.assure(getAssurers()[i], byEmail, byEmail.getName(), byEmail.getDoB(), 10, "Testmanager Assure up code", "2014-11-06");
+ for (int i = 0; i < 10; i++) {
+ Notary.assure(getAssurer(i), byEmail, byEmail.getName(), byEmail.getDoB(), 10, "Testmanager Assure up code", "2014-11-06", AssuranceType.FACE_TO_FACE);
}
} catch (GigiApiException e) {
throw new Error(e);
}
resp.getWriter().println("User has been assured.");
+ } else if (req.getParameter("letassure") != null) {
+ String mail = req.getParameter("letassureEmail");
+ User byEmail = User.getByEmail(mail);
+ try {
+ for (int i = 0; i < 25; i++) {
+ User a = getAssurer(i);
+ Notary.assure(byEmail, a, a.getName(), a.getDoB(), 10, "Testmanager exp up code", "2014-11-06", AssuranceType.FACE_TO_FACE);
+ }
+ } catch (GigiApiException e) {
+ throw new Error(e);
+ }
+ } else if (req.getParameter("addEmail") != null) {
+ User u = User.getByEmail(req.getParameter("addEmailEmail"));
+ try {
+ EmailAddress ea = new EmailAddress(u, req.getParameter("addEmailNew"), Locale.ENGLISH);
+ verify(ea.getAddress(), ea);
+ } catch (IllegalArgumentException e) {
+ e.printStackTrace();
+ resp.getWriter().println("An internal error occured.");
+ } catch (GigiApiException e) {
+ e.format(resp.getWriter(), Language.getInstance(Locale.ENGLISH));
+ }
+ } else if (req.getParameter("addCert") != null) {
+ User u = User.getByEmail(req.getParameter("addCertEmail"));
+ try {
+ KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
+ kpg.initialize(4096);
+ KeyPair kp = kpg.generateKeyPair();
+ SPKAC s = new SPKAC((X509Key) kp.getPublic(), "challange");
+ Signature sign = Signature.getInstance("SHA512withRSA");
+ sign.initSign(kp.getPrivate());
+
+ byte[] res = s.getEncoded(sign);
+
+ CertificateRequest cr = new CertificateRequest(new AuthorizationContext(u, u), Base64.getEncoder().encodeToString(res), "challange");
+ cr.update(CertificateRequest.DEFAULT_CN, Digest.SHA512.toString(), "client", null, "", "email:" + u.getEmail(), resp.getWriter(), req);
+ Certificate draft = cr.draft();
+ draft.issue(null, "2y", u).waitFor(10000);
+ if (draft.getStatus() == CertificateStatus.ISSUED) {
+ resp.getWriter().println("added certificate");
+ } else {
+ resp.getWriter().println("signer failed");
+ }
+ } catch (GeneralSecurityException e1) {
+ e1.printStackTrace();
+ resp.getWriter().println("error");
+ } catch (GigiApiException e) {
+ e.format(resp.getWriter(), Language.getInstance(Locale.ENGLISH));
+ } catch (InterruptedException e) {
+ e.printStackTrace();
+ resp.getWriter().println("interrupted");
+ }
+
+ } else if (req.getParameter("addExDom") != null) {
+ String dom = req.getParameter("exemtDom");
+ pingExempt.add(dom);
+ resp.getWriter().println("Updated domains exempt from pings. Current set: <br/>");
+ resp.getWriter().println(pingExempt);
+ } else if (req.getParameter("delExDom") != null) {
+ String dom = req.getParameter("exemtDom");
+ pingExempt.remove(dom);
+ resp.getWriter().println("Updated domains exempt from pings. Current set: <br/>");
+ resp.getWriter().println(pingExempt);
}
}
}
}
+ private Template form = new Template(Manager.class.getResource("Manager.templ"));
+
@Override
public boolean needsLogin() {
return false;
@Override
public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
- getAssurers();
String pi = req.getPathInfo().substring(PATH.length());
if (pi.length() > 1 && pi.startsWith("/fetch-")) {
String mail = pi.substring(pi.indexOf('-', 2) + 1);
fetchMails(req, resp, mail);
return;
}
+ HashMap<String, Object> vars = new HashMap<>();
+ vars.put("cats_types", new IterableDataset() {
+
+ CATSType[] type = CATSType.values();
+
+ int i = 0;
- new ManagementForm(req).output(resp.getWriter(), getLanguage(req), new HashMap<String, Object>());
+ @Override
+ public boolean next(Language l, Map<String, Object> vars) {
+ if (i >= type.length) {
+ return false;
+ }
+ CATSType t = type[i++];
+ vars.put("id", i - 1);
+ vars.put("name", t.getDisplayName());
+ return true;
+ }
+ });
+ form.output(resp.getWriter(), getLanguage(req), vars);
}
}