]> WPIA git - gigi.git/blob - tests/club/wpia/gigi/dbObjects/TestCertificate.java
projects / gigi.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
add: show sha-1 and sha-256 fingerprint on certificate page
[gigi.git] / tests / club / wpia / gigi / dbObjects / TestCertificate.java
1 package club.wpia.gigi.dbObjects;
2
3 import static org.junit.Assert.*;
4
5 import java.io.IOException;
6 import java.security.GeneralSecurityException;
7 import java.security.KeyPair;
8
9 import org.junit.Test;
10
11 import club.wpia.gigi.GigiApiException;
12 import club.wpia.gigi.database.GigiPreparedStatement;
13 import club.wpia.gigi.dbObjects.Certificate.AttachmentType;
14 import club.wpia.gigi.dbObjects.Certificate.CSRType;
15 import club.wpia.gigi.testUtils.ClientBusinessTest;
16
17 public class TestCertificate extends ClientBusinessTest {
18
19     @Test
20     public void testSetLoginEnabled() throws GeneralSecurityException, IOException, GigiApiException {
21         KeyPair kp = generateKeypair();
22         String key = generatePEMCSR(kp, "CN=testmail@example.com");
23         Certificate c = new Certificate(u, u, Certificate.buildDN("CN", "testmail@example.com"), Digest.SHA256, key, CSRType.CSR, getClientProfile());
24
25         assertFalse(c.isLoginEnabled());
26         c.setLoginEnabled(true);
27         assertTrue(c.isLoginEnabled());
28         c.setLoginEnabled(true);
29         assertTrue(c.isLoginEnabled());
30         c.setLoginEnabled(false);
31         assertFalse(c.isLoginEnabled());
32         c.setLoginEnabled(false);
33         assertFalse(c.isLoginEnabled());
34     }
35
36     @Test
37     public void testAttachment() throws GeneralSecurityException, IOException, GigiApiException {
38         KeyPair kp = generateKeypair();
39         String key = generatePEMCSR(kp, "CN=testmail@example.com");
40         Certificate c = new Certificate(u, u, Certificate.buildDN("CN", "testmail@example.com"), Digest.SHA256, key, CSRType.CSR, getClientProfile());
41         assertNull(c.getAttachment(AttachmentType.CRT));
42         assertEquals(key, c.getAttachment(AttachmentType.CSR));
43         try {
44             c.addAttachment(AttachmentType.CSR, "different CSR");
45             fail("double add attachment must fail");
46         } catch (GigiApiException e) {
47             // expected
48         }
49         assertNull(c.getAttachment(AttachmentType.CRT));
50         assertEquals(key, c.getAttachment(AttachmentType.CSR));
51         try {
52             c.addAttachment(AttachmentType.CRT, null);
53             fail("attachment must not be null");
54         } catch (GigiApiException e) {
55             // expected
56         }
57         assertNull(c.getAttachment(AttachmentType.CRT));
58         assertEquals(key, c.getAttachment(AttachmentType.CSR));
59         c.addAttachment(AttachmentType.CRT, "b");
60         assertEquals(key, c.getAttachment(AttachmentType.CSR));
61         assertEquals("b", c.getAttachment(AttachmentType.CRT));
62         try {
63             c.addAttachment(AttachmentType.CRT, "different CRT");
64             fail("double add attachment must fail");
65         } catch (GigiApiException e) {
66             // expected
67         }
68         assertEquals(key, c.getAttachment(AttachmentType.CSR));
69         assertEquals("b", c.getAttachment(AttachmentType.CRT));
70     }
71
72     @Test
73     public void testActor() throws GeneralSecurityException, IOException, GigiApiException {
74         KeyPair kp = generateKeypair();
75         String key = generatePEMCSR(kp, "CN=testmail@example.com");
76         Certificate c = new Certificate(u, u, Certificate.buildDN("CN", "testmail@example.com"), Digest.SHA256, key, CSRType.CSR, getClientProfile());
77
78         assertEquals(u, c.getActor());
79         assertEquals("AB", c.getActor().getInitials());
80     }
81
82     @Test
83     public void testFingerprint() throws IOException, GeneralSecurityException, GigiApiException {
84         Certificate c = importCertificate();
85         assertEquals("fa6175b369627d47a52b9fd73e87ccf087afbd10", c.getFingerprint("sha-1"));
86         assertEquals("98c3f2a5424d2404e0b2ccdae17d8cbc949ea36bddb0c3f152a931f88c17c3d3", c.getFingerprint("sha-256"));
87     }
88
89     private Certificate importCertificate() throws GigiApiException {
90         int certID;
91         try (GigiPreparedStatement inserter = new GigiPreparedStatement("INSERT INTO certs SET md=?::`mdType`, csr_type=?::`csrType`, memid=?, profile=?, actorid=?, created=NOW(), caid=?, expire=NOW()")) {
92             inserter.setString(1, Digest.SHA512.toString().toLowerCase());
93             inserter.setString(2, CSRType.CSR.toString());
94             inserter.setInt(3, u.getId());
95             inserter.setInt(4, 10);
96             inserter.setInt(5, u.getId());
97             inserter.setInt(6, 4);
98             inserter.execute();
99             certID = inserter.lastInsertId();
100         }
101
102         try (GigiPreparedStatement insertAVA = new GigiPreparedStatement("INSERT INTO `certAvas` SET `certId`=?, name=?, value=?")) {
103             insertAVA.setInt(1, certID);
104             insertAVA.setString(2, "EMAIL");
105             insertAVA.setString(3, u.getEmail());
106             insertAVA.execute();
107         }
108         Certificate c = Certificate.getById(certID);
109         String pem = "-----BEGIN CERTIFICATE-----MIIGIDCCBAigAwIBAgICCwIwDQYJKoZIhvcNAQENBQAwfzEUMBIGA1UEAwwLT3JnYSAyMDE4LTIxOzA5BgNVBAoMMlRlc3QgRW52aXJvbm1lbnQgQ0EgTHRkLiBvbiBTY2huZWVldWxlOiAyMDE2LTA5LTEwMR0wGwYDVQQLDBRUZXN0IEVudmlyb25tZW50IENBczELMAkGA1UEBhMCQVUwHhcNMTgxMjE4MTk0NzU2WhcNMTkwMTE4MTk0NzU2WjCBijELMAkGA1UECAwCcHIxLjAsBgkqhkiG9w0BCQEMH3Rlc3RAdGVzdDBtdm0xbDloeWl3dGg3ZmNhNHUuZGUxCzAJBgNVBAYMAkRFMQ0wCwYDVQQDDAR0ZXN0MQ0wCwYDVQQHDARjaXR5MSAwHgYDVQQKDBd0ZXN0dnpsdTdqYXhsaDhwbTVqYmEzdTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMynUASdhq0ERLgI1KEC3fR6CsZuEr6g76eoUP6v4CtKYcdkZZkjYOSnkqFOI3m6lYYky+EjpPDFbSZ4QI4yCbyvgTKKNHRhOsxEiH2UotLbzm6JZd+m+Vl7CWOx+l0VcrV/seXMM1vE3Wo24kAO3o+qmEu1MNfnTg0dxZRLU9CWDFIYvwl99wqQjFm8rr/wMrNMHZHZoOUEpd42PzpiESBlrXWguafonBbvLNIffv9Rs8Omb7KyBCrfvAuY+QRcNXI6kLCRXdRn+c1vYWOrBmpr6g7vD/rZrJaoxl6nYdWPTvBdlndolE5GTkoWL7XNz9VZocy+Itae9gilukkF25OGNB3kT6ktLEi7eGRVzh08svf8deIzqJGWPlsiwbsdA1yjtSXvcW7MQOy7naQkRCz2JP4JRU1i+RQAL11pma4JmjWpz+RII0H+aRiUak05dwxhVXZsu9eW4expyg+vGngbr2QGB4IxhQMlXttm0o6+x1wnqBA67pLC3AKxTsUNDk8oVBzxbBKsix79Onu7Fqb5ElvC8tjC362WQ0YYjtEO9dJA/O0JKzszzSee4czwLCsCi4p5nkEJmEcn31kHJTwb09l4FYLpEZFWaezYNq4h1195IxVvzLY+HM0Jub4bzfN+JUT3Vh/Y7aQ9KCGMz8hMhZ9AISSAxHqLiMDMOnHTAgMBAAGjgZkwgZYwKgYDVR0RBCMwIYEfdGVzdEB0ZXN0MG12bTFsOWh5aXd0aDdmY2E0dS5kZTALBgNVHQ8EBAMCAKgwEwYDVR0lBAwwCgYIKwYBBQUHAwIwRgYIKwYBBQUHAQEEOjA4MDYGCCsGAQUFBzAChipodHRwOi8vZzIub2NzcC5sb2NhbC50ZXN0LmJlbm55LWJhdW1hbm4uZGUwDQYJKoZIhvcNAQENBQADggIBABxgmcVpbNlxTsZWu+kNjg3rtswNLg6QpNjP9jyFiPoeSl7iayQv+PxoeP31gLOAvElO2td5soWam/pBp2e/WRylKTx9cDg4F20+3iJe/tbPZ951CCoQ52rcKZTKfmYYQQWen0uFapS8izKnjX7T7XL9EscGjdHkWFVvenbZFFssjzr9CgbMkE79YtdNuZwke80DGZCWMXWse3IYGBCIck594UDkrrvbH3HpeTJ4nc8A0yeJeS6azy7WT5kXFarOfo4I5gF0vz4W2tnuyW4PBIck3RwYHv4vlg5DF1lHxbRicAcz26BZUURgkfTIM1MznAOjWJgJCmThyJTykiwCX+bFzHwWBhCA06HXaRPS7OlVTvx02oreENhCredCDXLOgN3rpKe90EJWp1CsSPqZtvFEGL+KSB/kJHzsPO5tarmJjCXAdagUUqorilOBL1SBLnl9EzoXJMEvw6YX01/X8BL0LPr2A6Umw9F2NVx6lxihRb1QH1iNoeqiM7UMyTFDtrj18RUu9R2pU/2Gh9eJ99iXuze+Zkyes4rCYMDnzjXRhHenk3WnH8zwLmu1SeA/dJZP5eBq6lvl4jVISAmc4jrmagDFDC7/bgFKbERgJ5rdYu5QZ0dPYnujsWs7nskFldmuIZl0KSYWCmUXosGk0R4EIxOWNK5N/8kLo3jyZ7XZ-----END CERTIFICATE-----";
110         c.addAttachment(AttachmentType.CRT, pem);
111         return c;
112     }
113 }
WPIA Certificate Web Issuance Platform