tests/org/cacert/gigi/api/IssueCert.java

   1 package org.cacert.gigi.api;
   2
   3 import static org.junit.Assert.*;
   4
   5 import java.io.ByteArrayInputStream;
   6 import java.io.IOException;
   7 import java.io.InputStreamReader;
   8 import java.io.OutputStream;
   9 import java.io.UnsupportedEncodingException;
  10 import java.net.HttpURLConnection;
  11 import java.net.MalformedURLException;
  12 import java.net.URL;
  13 import java.net.URLEncoder;
  14 import java.security.KeyManagementException;
  15 import java.security.KeyPair;
  16 import java.security.NoSuchAlgorithmException;
  17 import java.security.PrivateKey;
  18 import java.security.cert.CertificateFactory;
  19 import java.security.cert.X509Certificate;
  20
  21 import org.cacert.gigi.dbObjects.Certificate;
  22 import org.cacert.gigi.dbObjects.Certificate.CSRType;
  23 import org.cacert.gigi.dbObjects.Certificate.CertificateStatus;
  24 import org.cacert.gigi.dbObjects.CertificateProfile;
  25 import org.cacert.gigi.dbObjects.Digest;
  26 import org.cacert.gigi.testUtils.ClientTest;
  27 import org.cacert.gigi.testUtils.IOUtils;
  28 import org.junit.Test;
  29
  30 import sun.security.x509.X500Name;
  31
  32 public class IssueCert extends ClientTest {
  33
  34     @Test
  35     public void testIssueCert() throws Exception {
  36         KeyPair kp = generateKeypair();
  37         String key1 = generatePEMCSR(kp, "EMAIL=testmail@example.com");
  38         Certificate c = new Certificate(u, u, Certificate.buildDN("EMAIL", "testmail@example.com"), Digest.SHA256, key1, CSRType.CSR, CertificateProfile.getById(1));
  39         final PrivateKey pk = kp.getPrivate();
  40         c.issue(null, "2y", u).waitFor(60000);
  41         final X509Certificate ce = c.cert();
  42         HttpURLConnection connection = (HttpURLConnection) new URL("https://" + getServerName().replaceFirst("^www.", "api.") + CreateCertificate.PATH).openConnection();
  43         authenticateClientCert(pk, ce, connection);
  44         connection.setDoOutput(true);
  45         OutputStream os = connection.getOutputStream();
  46         os.write(("profile=client&csr=" + URLEncoder.encode(generatePEMCSR(kp, "EMAIL=" + email + ",CN=CAcert WoT User"), "UTF-8")).getBytes("UTF-8"));
  47         os.flush();
  48         assertEquals(connection.getResponseCode(), 200);
  49         String cert = IOUtils.readURL(new InputStreamReader(connection.getInputStream(), "UTF-8"));
  50         CertificateFactory cf = CertificateFactory.getInstance("X509");
  51         java.security.cert.X509Certificate xcert = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(cert.getBytes("UTF-8")));
  52         assertEquals("CAcert WoT User", ((X500Name) xcert.getSubjectDN()).getCommonName());
  53
  54         revoke(pk, ce, xcert.getSerialNumber().toString(16).toLowerCase());
  55         revoke(pk, ce, c.getSerial().toLowerCase());
  56
  57         assertEquals(CertificateStatus.REVOKED, c.getStatus());
  58
  59     }
  60
  61     private void revoke(final PrivateKey pk, final X509Certificate ce, String serial) throws IOException, MalformedURLException, NoSuchAlgorithmException, KeyManagementException, UnsupportedEncodingException {
  62         HttpURLConnection connection;
  63         OutputStream os;
  64         connection = (HttpURLConnection) new URL("https://" + getServerName().replaceFirst("^www.", "api.") + "/account/certs/revoke").openConnection();
  65         authenticateClientCert(pk, ce, connection);
  66         connection.setDoOutput(true);
  67         os = connection.getOutputStream();
  68         os.write(("serial=" + URLEncoder.encode(serial, "UTF-8")).getBytes("UTF-8"));
  69         os.flush();
  70         assertEquals(connection.getResponseCode(), 200);
  71     }
  72 }