X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;ds=sidebyside;f=tests%2Forg%2Fcacert%2Fgigi%2Fapi%2FIssueCert.java;h=faa8618e246e27ccc282d95b56f2d62f065a6170;hb=50b8341607e23812216349ef37711e5a85d957c3;hp=83a20a98cb472f56f04b2204db05e5b5f52e6054;hpb=9474df27407dd99134876f2c8a2a3b6e7d1fae6a;p=gigi.git diff --git a/tests/org/cacert/gigi/api/IssueCert.java b/tests/org/cacert/gigi/api/IssueCert.java index 83a20a98..faa8618e 100644 --- a/tests/org/cacert/gigi/api/IssueCert.java +++ b/tests/org/cacert/gigi/api/IssueCert.java @@ -3,20 +3,26 @@ package org.cacert.gigi.api; import static org.junit.Assert.*; import java.io.ByteArrayInputStream; +import java.io.IOException; import java.io.InputStreamReader; import java.io.OutputStream; +import java.io.UnsupportedEncodingException; import java.net.HttpURLConnection; +import java.net.MalformedURLException; import java.net.URL; import java.net.URLEncoder; +import java.security.KeyManagementException; import java.security.KeyPair; +import java.security.NoSuchAlgorithmException; import java.security.PrivateKey; import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; -import java.util.Collection; import org.cacert.gigi.dbObjects.Certificate; import org.cacert.gigi.dbObjects.Certificate.CSRType; +import org.cacert.gigi.dbObjects.Certificate.CertificateStatus; import org.cacert.gigi.dbObjects.CertificateProfile; +import org.cacert.gigi.dbObjects.Digest; import org.cacert.gigi.testUtils.ClientTest; import org.cacert.gigi.testUtils.IOUtils; import org.junit.Test; @@ -28,21 +34,39 @@ public class IssueCert extends ClientTest { @Test public void testIssueCert() throws Exception { KeyPair kp = generateKeypair(); - String key1 = generatePEMCSR(kp, "CN=testmail@example.com"); - Certificate c = new Certificate(u, Certificate.buildDN("CN", "testmail@example.com"), "sha256", key1, CSRType.CSR, CertificateProfile.getById(1)); + String key1 = generatePEMCSR(kp, "EMAIL=testmail@example.com"); + Certificate c = new Certificate(u, u, Certificate.buildDN("EMAIL", "testmail@example.com"), Digest.SHA256, key1, CSRType.CSR, CertificateProfile.getById(1)); final PrivateKey pk = kp.getPrivate(); - c.issue(null, "2y").waitFor(60000); + c.issue(null, "2y", u).waitFor(60000); final X509Certificate ce = c.cert(); - HttpURLConnection connection = (HttpURLConnection) new URL("https://" + getServerName().replaceFirst("^www.", "api.") + "/account/certs/new").openConnection(); + HttpURLConnection connection = (HttpURLConnection) new URL("https://" + getServerName().replaceFirst("^www.", "api.") + CreateCertificate.PATH).openConnection(); authenticateClientCert(pk, ce, connection); connection.setDoOutput(true); OutputStream os = connection.getOutputStream(); - os.write(("csr=" + URLEncoder.encode(generatePEMCSR(kp, "CN=a b"), "UTF-8")).getBytes("UTF-8")); + os.write(("profile=client&csr=" + URLEncoder.encode(generatePEMCSR(kp, "EMAIL=" + email + ",CN=CAcert WoT User"), "UTF-8")).getBytes("UTF-8")); os.flush(); assertEquals(connection.getResponseCode(), 200); String cert = IOUtils.readURL(new InputStreamReader(connection.getInputStream(), "UTF-8")); CertificateFactory cf = CertificateFactory.getInstance("X509"); - Collection certs = cf.generateCertificates(new ByteArrayInputStream(cert.getBytes())); - assertEquals("a b", ((X500Name) ((X509Certificate) certs.iterator().next()).getSubjectDN()).getCommonName()); + java.security.cert.X509Certificate xcert = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(cert.getBytes("UTF-8"))); + assertEquals("CAcert WoT User", ((X500Name) xcert.getSubjectDN()).getCommonName()); + + revoke(pk, ce, xcert.getSerialNumber().toString(16).toLowerCase()); + revoke(pk, ce, c.getSerial().toLowerCase()); + + assertEquals(CertificateStatus.REVOKED, c.getStatus()); + + } + + private void revoke(final PrivateKey pk, final X509Certificate ce, String serial) throws IOException, MalformedURLException, NoSuchAlgorithmException, KeyManagementException, UnsupportedEncodingException { + HttpURLConnection connection; + OutputStream os; + connection = (HttpURLConnection) new URL("https://" + getServerName().replaceFirst("^www.", "api.") + "/account/certs/revoke").openConnection(); + authenticateClientCert(pk, ce, connection); + connection.setDoOutput(true); + os = connection.getOutputStream(); + os.write(("serial=" + URLEncoder.encode(serial, "UTF-8")).getBytes("UTF-8")); + os.flush(); + assertEquals(connection.getResponseCode(), 200); } }