add: ensure that for RA Agent actions there is a valid RA Challenge

[gigi.git] / tests / club / wpia / gigi / testUtils / ConfiguredTest.java

diff --git a/tests/club/wpia/gigi/testUtils/ConfiguredTest.java b/tests/club/wpia/gigi/testUtils/ConfiguredTest.java
index 16abb06cf2623c36de562da1dbbba8b354e51419..c0d6d4f74e4ee63a2c489d1ad76e812d029d6f98 100644 (file)
--- a/tests/club/wpia/gigi/testUtils/ConfiguredTest.java
+++ b/tests/club/wpia/gigi/testUtils/ConfiguredTest.java
@@ -20,6 +20,7 @@ import java.security.Signature;
 import java.security.spec.RSAPrivateKeySpec;
 import java.security.spec.RSAPublicKeySpec;
 import java.sql.SQLException;
+import java.sql.Timestamp;
 import java.text.SimpleDateFormat;
 import java.util.Calendar;
 import java.util.Date;
@@ -32,16 +33,19 @@ import java.util.regex.Pattern;
 import org.junit.AfterClass;
 import org.junit.BeforeClass;
 
+import club.wpia.gigi.Gigi;
 import club.wpia.gigi.GigiApiException;
 import club.wpia.gigi.database.DatabaseConnection;
 import club.wpia.gigi.database.DatabaseConnection.Link;
 import club.wpia.gigi.database.GigiPreparedStatement;
 import club.wpia.gigi.database.SQLFileManager.ImportType;
+import club.wpia.gigi.dbObjects.CATS;
 import club.wpia.gigi.dbObjects.CATS.CATSType;
 import club.wpia.gigi.dbObjects.CertificateProfile;
 import club.wpia.gigi.dbObjects.Domain;
 import club.wpia.gigi.dbObjects.DomainPingType;
 import club.wpia.gigi.dbObjects.User;
+import club.wpia.gigi.passwords.PasswordStrengthChecker;
 import club.wpia.gigi.testUtils.TestEmailReceiver.TestMail;
 import club.wpia.gigi.util.DatabaseManager;
 import club.wpia.gigi.util.DomainAssessment;
@@ -105,6 +109,7 @@ public abstract class ConfiguredTest {
         TimeConditions.init(props);
         DomainAssessment.init(props);
         PasswordHash.init(props);
+        Gigi.setPasswordChecker(new PasswordStrengthChecker());
 
         if ( !DatabaseConnection.isInited()) {
             DatabaseConnection.init(testProps);
@@ -210,6 +215,16 @@ public abstract class ConfiguredTest {
             int keySize = 4096;
             long r_lv = 7331;
 
+            // The generated numbers p q and r fall into the
+            // following ranges:
+            // - p: 2^(lp-1) < p < 2^lp
+            // - q: 2^(lq-1) < q < 2^lq
+            // - r: 2^12 < r < 2^13
+            // Thus the generated number has at least lp+lq+11 bit and
+            // can have at most lp+lq+13 bit.
+            // Thus for random selection of p and q the algorithm will
+            // at some point select a number of length n=n/2+lr+(n-n/2-lr)=>n
+            // bit.
             int lp = (keySize + 1) >> 1;
             int lr = BigInteger.valueOf(r_lv).bitLength();
             int lq = keySize - lp - lr;
@@ -221,24 +236,17 @@ public abstract class ConfiguredTest {
                 // generate two random primes of size lp/lq
                 BigInteger p, q, r, n;
 
-                p = BigInteger.probablePrime(lp, random);
                 r = BigInteger.valueOf(r_lv);
                 do {
+                    p = BigInteger.probablePrime(lp, random);
                     q = BigInteger.probablePrime(lq, random);
 
-                    // convention is for p > q > r
-                    if (p.compareTo(q) < 0) {
-                        BigInteger tmp = p;
-                        p = q;
-                        q = tmp;
-                    }
-
                     // modulus n = p * q * r
                     n = p.multiply(q).multiply(r);
 
                     // even with correctly sized p, q and r, there is a chance
-                    // that n will be one bit short. re-generate the smaller
-                    // prime if so.
+                    // that n will be one bit short. re-generate the
+                    // primes if so.
                 } while (n.bitLength() < keySize);
 
                 // phi = (p - 1) * (q - 1) * (r - 1) must be relative prime to e
@@ -326,12 +334,28 @@ public abstract class ConfiguredTest {
     }
 
     public static void makeAgent(int uid) {
+        addChallenge(uid, CATSType.AGENT_CHALLENGE);
+        add100Points(uid);
+    }
+
+    public static void addChallenge(int uid, CATSType ct) {
         try (GigiPreparedStatement ps1 = new GigiPreparedStatement("INSERT INTO cats_passed SET user_id=?, variant_id=?, language='en_EN', version='1'")) {
             ps1.setInt(1, uid);
-            ps1.setInt(2, CATSType.AGENT_CHALLENGE.getId());
+            ps1.setInt(2, ct.getId());
             ps1.execute();
         }
+    }
 
+    public static void addChallengeInPast(int uid, CATSType ct) {
+        try (GigiPreparedStatement ps1 = new GigiPreparedStatement("INSERT INTO cats_passed SET user_id=?, variant_id=?, pass_date=?, language='en_EN', version='1'")) {
+            ps1.setInt(1, uid);
+            ps1.setInt(2, ct.getId());
+            ps1.setTimestamp(3, new Timestamp(new Date(System.currentTimeMillis() - 24L * 60 * 60 * (CATS.TEST_MONTHS + 1) * 31 * 1000L).getTime()));
+            ps1.execute();
+        }
+    }
+
+    public static void add100Points(int uid) {
         try (GigiPreparedStatement ps2 = new GigiPreparedStatement("INSERT INTO `notary` SET `from`=?, `to`=?, points='100'")) {
             ps2.setInt(1, uid);
             ps2.setInt(2, User.getById(uid).getPreferredName().getId());
@@ -348,6 +372,12 @@ public abstract class ConfiguredTest {
             d.addPing(DomainPingType.EMAIL, "admin");
             TestMail testMail = getMailReceiver().receive("admin@" + d.getSuffix());
             testMail.verify();
+            // Enforce successful ping :-)
+            d.addPing(DomainPingType.HTTP, "a:b");
+            try (GigiPreparedStatement gps = new GigiPreparedStatement("INSERT INTO `domainPinglog` SET `configId`=(SELECT `id` FROM `pingconfig` WHERE `domainid`=? AND `type`='http'), state='success', needsAction=false")) {
+                gps.setInt(1, d.getId());
+                gps.execute();
+            }
             assertTrue(d.isVerified());
         } catch (GigiApiException e) {
             throw new Error(e);