X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=tests%2Forg%2Fcacert%2Fgigi%2FTestCertificate.java;h=f686498976fd8470ede64e3038e58bbd93ca100b;hb=af1651c1ebb7fe2633181653a2b66a11ca6926fd;hp=e6cef97b8a0ab096840593c1a8af561773870215;hpb=b93a39014fe39b0b3527849acc0e57e5b7772f1b;p=gigi.git
diff --git a/tests/org/cacert/gigi/TestCertificate.java b/tests/org/cacert/gigi/TestCertificate.java
index e6cef97b..f6864989 100644
--- a/tests/org/cacert/gigi/TestCertificate.java
+++ b/tests/org/cacert/gigi/TestCertificate.java
@@ -1,23 +1,12 @@
 package org.cacert.gigi;
 import java.io.IOException;
-import java.net.HttpURLConnection;
-import java.net.MalformedURLException;
-import java.net.Socket;
-import java.net.URL;
 import java.security.GeneralSecurityException;
-import java.security.KeyManagementException;
-import java.security.NoSuchAlgorithmException;
-import java.security.Principal;
 import java.security.PrivateKey;
 import java.security.cert.X509Certificate;
 import java.sql.SQLException;
-import javax.net.ssl.HttpsURLConnection;
-import javax.net.ssl.KeyManager;
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.X509KeyManager;
-
+import org.cacert.gigi.Certificate.CSRType;
 import org.cacert.gigi.Certificate.CertificateStatus;
 import org.cacert.gigi.testUtils.ManagedTest;
 import org.cacert.gigi.testUtils.PemKey;
@@ -30,73 +19,17 @@ public class TestCertificate extends ManagedTest { public void testClientCertLoginStates() throws IOException, GeneralSecurityException, SQLException, InterruptedException { String[] key1 = generateCSR("/CN=testmail@example.com"); - Certificate c = new Certificate(1, "/CN=testmail@example.com", "sha256", key1[1]); + Certificate c = new Certificate(1, "/CN=testmail@example.com", "sha256", key1[1], CSRType.CSR); final PrivateKey pk = PemKey.parsePEMPrivateKey(key1[0]); c.issue().waitFor(60000); final X509Certificate ce = c.cert(); - System.out.println(ce); - testLogin(pk, ce, true); - } - - private void testLogin(final PrivateKey pk, final X509Certificate ce, boolean success) - throws NoSuchAlgorithmException, KeyManagementException, IOException, MalformedURLException { - KeyManager km = new X509KeyManager() { - - @Override - public String chooseClientAlias(String[] arg0, Principal[] arg1, Socket arg2) { - return "client"; - } - - @Override - public String chooseServerAlias(String arg0, Principal[] arg1, Socket arg2) { - return null; - } - - @Override - public X509Certificate[] getCertificateChain(String arg0) { - return new X509Certificate[] { ce }; - } - - @Override - public String[] getClientAliases(String arg0, Principal[] arg1) { - return new String[] { "client" }; - } - - @Override - public PrivateKey getPrivateKey(String arg0) { - if (arg0.equals("client")) { - return pk; - } - return null; - } - - @Override - public String[] getServerAliases(String arg0, Principal[] arg1) { - return new String[] { "client" }; - } - }; - SSLContext sc = SSLContext.getInstance("TLS"); - sc.init(new KeyManager[] { km }, null, null); - - HttpURLConnection connection = (HttpURLConnection) new URL("https://" - + getServerName().replaceFirst("^www.", "secure.") + "/login").openConnection(); - if (connection instanceof HttpsURLConnection) { - ((HttpsURLConnection) connection).setSSLSocketFactory(sc.getSocketFactory()); - } - if (success) { - assertEquals(302, 
connection.getResponseCode()); - assertEquals("https://" + getServerName().replaceFirst("^www.", "secure.").replaceFirst(":443$", "") + "/", - connection.getHeaderField("Location").replaceFirst(":443$", "")); - } else { - assertNotEquals(302, connection.getResponseCode()); - assertNull(connection.getHeaderField("Location")); - } + assertNotNull(login(pk, ce)); } @Test public void testCertLifeCycle() throws IOException, GeneralSecurityException, SQLException, InterruptedException { String[] key1 = generateCSR("/CN=testmail@example.com"); - Certificate c = new Certificate(1, "/CN=testmail@example.com", "sha256", key1[1]); + Certificate c = new Certificate(1, "/CN=testmail@example.com", "sha256", key1[1], CSRType.CSR); final PrivateKey pk = PemKey.parsePEMPrivateKey(key1[0]); testFails(CertificateStatus.DRAFT, c); @@ -104,11 +37,11 @@ public class TestCertificate extends ManagedTest { testFails(CertificateStatus.ISSUED, c); X509Certificate cert = c.cert(); - testLogin(pk, cert, true); + assertNotNull(login(pk, cert)); c.revoke().waitFor(60000); testFails(CertificateStatus.REVOKED, c); - testLogin(pk, cert, false); + assertNull(login(pk, cert)); }
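Review bot: The positive check in testClientCertLoginStates is now only `assertNotNull(login(pk, ce))`, so the test no longer states what a successful client-certificate login looks like; the removed testLogin helper asserted a 302 and a Location on the secure host. `login` is defined outside this diff (presumably in ManagedTest), so its return contract cannot be read from here. A short comment at the call, e.g. `// login() returns non-null only when the server accepted the client certificate`, would document what the assertion relies on. If the helper does not itself verify the redirect target, it is worth keeping that check there so a redirect to an unexpected host still fails the test.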
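Review bot: `assertNull(login(pk, cert))` after `c.revoke().waitFor(60000)` in testCertLifeCycle passes for any reason `login` yields null, not only because the server rejected the revoked certificate. The helper's body is not part of this diff, so it should be confirmed that connection or TLS handshake failures surface as exceptions rather than as null; otherwise an unreachable test server would make the revocation check pass vacuously. The earlier `assertNotNull(login(pk, cert))` with the same key and certificate limits that risk, and a comment such as `// same key/cert was accepted above, so null here means the revocation took effect` would make the pairing explicit.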