import static org.junit.Assert.*;
import java.io.ByteArrayInputStream;
+import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStream;
+import java.io.UnsupportedEncodingException;
import java.net.HttpURLConnection;
+import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLEncoder;
+import java.security.KeyManagementException;
import java.security.KeyPair;
+import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
-import java.util.Collection;
import org.cacert.gigi.dbObjects.Certificate;
import org.cacert.gigi.dbObjects.Certificate.CSRType;
+import org.cacert.gigi.dbObjects.Certificate.CertificateStatus;
import org.cacert.gigi.dbObjects.CertificateProfile;
+import org.cacert.gigi.dbObjects.Digest;
import org.cacert.gigi.testUtils.ClientTest;
import org.cacert.gigi.testUtils.IOUtils;
import org.junit.Test;
@Test
public void testIssueCert() throws Exception {
KeyPair kp = generateKeypair();
- String key1 = generatePEMCSR(kp, "CN=testmail@example.com");
- Certificate c = new Certificate(u, Certificate.buildDN("CN", "testmail@example.com"), "sha256", key1, CSRType.CSR, CertificateProfile.getById(1));
+ String key1 = generatePEMCSR(kp, "EMAIL=testmail@example.com");
+ Certificate c = new Certificate(u, u, Certificate.buildDN("EMAIL", "testmail@example.com"), Digest.SHA256, key1, CSRType.CSR, CertificateProfile.getById(1));
final PrivateKey pk = kp.getPrivate();
- c.issue(null, "2y").waitFor(60000);
+ c.issue(null, "2y", u).waitFor(60000);
final X509Certificate ce = c.cert();
- HttpURLConnection connection = (HttpURLConnection) new URL("https://" + getServerName().replaceFirst("^www.", "api.") + "/account/certs/new").openConnection();
+ HttpURLConnection connection = (HttpURLConnection) new URL("https://" + getServerName().replaceFirst("^www.", "api.") + CreateCertificate.PATH).openConnection();
authenticateClientCert(pk, ce, connection);
connection.setDoOutput(true);
OutputStream os = connection.getOutputStream();
- os.write(("csr=" + URLEncoder.encode(generatePEMCSR(kp, "CN=a b"), "UTF-8")).getBytes("UTF-8"));
+ os.write(("profile=client&csr=" + URLEncoder.encode(generatePEMCSR(kp, "EMAIL=" + email + ",CN=CAcert WoT User"), "UTF-8")).getBytes("UTF-8"));
os.flush();
assertEquals(connection.getResponseCode(), 200);
String cert = IOUtils.readURL(new InputStreamReader(connection.getInputStream(), "UTF-8"));
CertificateFactory cf = CertificateFactory.getInstance("X509");
- Collection<? extends java.security.cert.Certificate> certs = cf.generateCertificates(new ByteArrayInputStream(cert.getBytes()));
- assertEquals("a b", ((X500Name) ((X509Certificate) certs.iterator().next()).getSubjectDN()).getCommonName());
+ java.security.cert.X509Certificate xcert = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(cert.getBytes("UTF-8")));
+ assertEquals("CAcert WoT User", ((X500Name) xcert.getSubjectDN()).getCommonName());
+
+ revoke(pk, ce, xcert.getSerialNumber().toString(16).toLowerCase());
+ revoke(pk, ce, c.getSerial().toLowerCase());
+
+ assertEquals(CertificateStatus.REVOKED, c.getStatus());
+
+ }
+
+ private void revoke(final PrivateKey pk, final X509Certificate ce, String serial) throws IOException, MalformedURLException, NoSuchAlgorithmException, KeyManagementException, UnsupportedEncodingException {
+ HttpURLConnection connection;
+ OutputStream os;
+ connection = (HttpURLConnection) new URL("https://" + getServerName().replaceFirst("^www.", "api.") + "/account/certs/revoke").openConnection();
+ authenticateClientCert(pk, ce, connection);
+ connection.setDoOutput(true);
+ os = connection.getOutputStream();
+ os.write(("serial=" + URLEncoder.encode(serial, "UTF-8")).getBytes("UTF-8"));
+ os.flush();
+ assertEquals(connection.getResponseCode(), 200);
}
}
projects / gigi.git / blobdiff