X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=tests%2Forg%2Fcacert%2Fgigi%2Fpages%2Faccount%2FTestCertificateAdd.java;h=5aebe2d87698d1fdc769f61b34075805c23a64a1;hb=f96b3da29921ef8ca10b07b1abbd0b964d3c6826;hp=36bc70fb2690596a62ba270bf00f1342907a76f7;hpb=8b2627181ee5a5e5eba571b1f9e55ad12ed28415;p=gigi.git

diff --git a/tests/org/cacert/gigi/pages/account/TestCertificateAdd.java b/tests/org/cacert/gigi/pages/account/TestCertificateAdd.java
index 36bc70fb..5aebe2d8 100644
--- a/tests/org/cacert/gigi/pages/account/TestCertificateAdd.java
+++ b/tests/org/cacert/gigi/pages/account/TestCertificateAdd.java
@@ -16,6 +16,7 @@ import java.net.URLEncoder;
 import java.security.GeneralSecurityException;
 import java.security.KeyPair;
 import java.security.Signature;
+import java.security.cert.Certificate;
 import java.security.cert.CertificateException;
 import java.security.cert.CertificateFactory;
 import java.security.cert.X509Certificate;
@@ -55,6 +56,13 @@ import sun.security.x509.X509Key;
 
 public class TestCertificateAdd extends ClientTest {
 
+    private static class OnPageError extends Error {
+
+        public OnPageError(String page) {
+            super(page);
+        }
+    }
+
     KeyPair kp = generateKeypair();
 
     String csrf;
@@ -67,7 +75,7 @@ public class TestCertificateAdd extends ClientTest {
     @Test
     public void testSimpleServer() throws IOException, GeneralSecurityException {
         PKCS10Attributes atts = buildAtts(new ObjectIdentifier[] {
-            CertificateRequest.OID_KEY_USAGE_SSL_SERVER
+                CertificateRequest.OID_KEY_USAGE_SSL_SERVER
         }, new DNSName(uniq + ".tld"));
 
         String pem = generatePEMCSR(kp, "CN=a." + uniq + ".tld", atts);
@@ -81,7 +89,7 @@ public class TestCertificateAdd extends ClientTest {
     @Test
     public void testSimpleMail() throws IOException, GeneralSecurityException {
         PKCS10Attributes atts = buildAtts(new ObjectIdentifier[] {
-            CertificateRequest.OID_KEY_USAGE_EMAIL_PROTECTION
+                CertificateRequest.OID_KEY_USAGE_EMAIL_PROTECTION
         }, new DNSName("a." + uniq + ".tld"), new DNSName("b." + uniq + ".tld"), new RFC822Name(email));
 
         String pem = generatePEMCSR(kp, "CN=a b", atts, "SHA384WithRSA");
@@ -95,7 +103,7 @@ public class TestCertificateAdd extends ClientTest {
     @Test
     public void testSimpleClient() throws IOException, GeneralSecurityException {
         PKCS10Attributes atts = buildAtts(new ObjectIdentifier[] {
-            CertificateRequest.OID_KEY_USAGE_SSL_CLIENT
+                CertificateRequest.OID_KEY_USAGE_SSL_CLIENT
         }, new RFC822Name(email));
 
         String pem = generatePEMCSR(kp, "CN=a b,email=" + email, atts, "SHA512WithRSA");
@@ -115,7 +123,7 @@ public class TestCertificateAdd extends ClientTest {
     @Test
     public void testIssue() throws IOException, GeneralSecurityException {
         PKCS10Attributes atts = buildAtts(new ObjectIdentifier[] {
-            CertificateRequest.OID_KEY_USAGE_SSL_CLIENT
+                CertificateRequest.OID_KEY_USAGE_SSL_CLIENT
         }, new RFC822Name(email));
 
         String pem = generatePEMCSR(kp, "CN=a b,email=" + email, atts, "SHA512WithRSA");
@@ -131,7 +139,7 @@ public class TestCertificateAdd extends ClientTest {
         OutputStream out = huc.getOutputStream();
         out.write(("csrf=" + URLEncoder.encode(csrf, "UTF-8")).getBytes("UTF-8"));
         out.write(("&CN=CAcert+WoT+User&profile=client&SANs=" + URLEncoder.encode("email:" + email + "\n", "UTF-8")).getBytes("UTF-8"));
-        out.write(("&hash_alg=SHA512&CCA=y").getBytes("UTF-8"));
+        out.write(("&hash_alg=SHA512").getBytes("UTF-8"));
         URLConnection uc = authenticate(new URL(huc.getHeaderField("Location") + ".crt"));
         String crt = IOUtils.readURL(new InputStreamReader(uc.getInputStream(), "UTF-8"));
 
@@ -148,6 +156,12 @@ public class TestCertificateAdd extends ClientTest {
 
         uc = authenticate(new URL(huc.getHeaderField("Location")));
         String gui = IOUtils.readURL(uc);
+        Pattern p = Pattern.compile("-----BEGIN CERTIFICATE-----[^-]+-----END CERTIFICATE-----");
+        Matcher m = p.matcher(gui);
+        assertTrue(m.find());
+        byte[] cert = PEM.decode("CERTIFICATE", m.group(0));
+        Certificate c = CertificateFactory.getInstance("X509").generateCertificate(new ByteArrayInputStream(cert));
+        gui = c.toString();
         assertThat(gui, containsString("clientAuth"));
         assertThat(gui, containsString("CN=CAcert WoT User"));
         assertThat(gui, containsString("SHA512withRSA"));
@@ -236,7 +250,7 @@ public class TestCertificateAdd extends ClientTest {
 
     private X509Certificate createCertWithValidity(String validity) throws IOException, GeneralSecurityException, UnsupportedEncodingException, MalformedURLException, CertificateException {
         PKCS10Attributes atts = buildAtts(new ObjectIdentifier[] {
-            CertificateRequest.OID_KEY_USAGE_SSL_CLIENT
+                CertificateRequest.OID_KEY_USAGE_SSL_CLIENT
         }, new RFC822Name(email));
 
         String pem = generatePEMCSR(kp, "CN=a b", atts, "SHA512WithRSA");
@@ -248,7 +262,7 @@ public class TestCertificateAdd extends ClientTest {
         OutputStream out = huc.getOutputStream();
         out.write(("csrf=" + URLEncoder.encode(csrf, "UTF-8")).getBytes("UTF-8"));
         out.write(("&profile=client&CN=" + CertificateRequest.DEFAULT_CN + "&SANs=" + URLEncoder.encode("email:" + email + "\n", "UTF-8")).getBytes("UTF-8"));
-        out.write(("&hash_alg=SHA512&CCA=y&").getBytes("UTF-8"));
+        out.write(("&hash_alg=SHA512&").getBytes("UTF-8"));
         out.write(validity.getBytes("UTF-8"));
 
         String certurl = huc.getHeaderField("Location");
@@ -288,8 +302,9 @@ public class TestCertificateAdd extends ClientTest {
             assertArrayEquals(new String[] {
                     "client", CertificateRequest.DEFAULT_CN, "", Digest.SHA512.toString()
             }, res);
-        } catch (Error e) {
-            assertTrue(e.getMessage().startsWith("<div>Challenge mismatch"));
+        } catch (OnPageError e) {
+            String error = fetchStartErrorMessage(e.getMessage());
+            assertTrue(error, error.startsWith("<p>Challenge mismatch"));
         }
         return csrf;
     }
@@ -303,7 +318,7 @@ public class TestCertificateAdd extends ClientTest {
         }
         attributeValue.set("SANs", new SubjectAlternativeNameExtension(names));
         PKCS10Attributes atts = new PKCS10Attributes(new PKCS10Attribute[] {
-            new PKCS10Attribute(PKCS9Attribute.EXTENSION_REQUEST_OID, attributeValue)
+                new PKCS10Attribute(PKCS9Attribute.EXTENSION_REQUEST_OID, attributeValue)
         });
         ExtendedKeyUsageExtension eku = new ExtendedKeyUsageExtension(//
                 new Vector<>(Arrays.<ObjectIdentifier>asList(ekuOIDs)));
@@ -334,9 +349,8 @@ public class TestCertificateAdd extends ClientTest {
 
     private String[] extractFormData(HttpURLConnection uc) throws IOException, Error {
         String result = IOUtils.readURL(uc);
-        if (result.contains("<div class='formError'>")) {
-            String s = fetchStartErrorMessage(result);
-            throw new Error(s);
+        if (hasError().matches(result)) {
+            throw new OnPageError(result);
         }
 
         String profileKey = extractPattern(result, Pattern.compile("<option value=\"([^\"]*)\" selected>"));