X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=tests%2Fclub%2Fwpia%2Fgigi%2FtestUtils%2FConfiguredTest.java;h=3ece611c8686c17bc011835a8036463d379cbd07;hp=4dd091edd1aeb881f766f01826ee219c91a6a500;hb=7b709637bb12efc4a593a5ca6f312ed27566dad4;hpb=b9f6b59fc48b5acf76da58e3f02a9d7a4ef1f87c diff --git a/tests/club/wpia/gigi/testUtils/ConfiguredTest.java b/tests/club/wpia/gigi/testUtils/ConfiguredTest.java index 4dd091ed..3ece611c 100644 --- a/tests/club/wpia/gigi/testUtils/ConfiguredTest.java +++ b/tests/club/wpia/gigi/testUtils/ConfiguredTest.java @@ -8,10 +8,17 @@ import java.io.FileOutputStream; import java.io.IOException; import java.io.ObjectInputStream; import java.io.ObjectOutputStream; +import java.math.BigInteger; import java.security.GeneralSecurityException; +import java.security.KeyFactory; import java.security.KeyPair; import java.security.KeyPairGenerator; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.SecureRandom; import java.security.Signature; +import java.security.spec.RSAPrivateKeySpec; +import java.security.spec.RSAPublicKeySpec; import java.sql.SQLException; import java.text.SimpleDateFormat; import java.util.Calendar; @@ -177,6 +184,99 @@ public abstract class ConfiguredTest { return keyPair; } + public static KeyPair generateBrokenKeypair() throws GeneralSecurityException { + KeyPair keyPair = null; + File f = new File("testBrokenKeypair"); + if (f.exists()) { + try (ObjectInputStream ois = new ObjectInputStream(new FileInputStream(f))) { + keyPair = (KeyPair) ois.readObject(); + } catch (ClassNotFoundException e) { + e.printStackTrace(); + } catch (IOException e) { + e.printStackTrace(); + } + } else { + // -----BEGIN SHAMELESSLY ADAPTED BLOCK----- + /** + * Modified original RSA key generator to use three primes with one + * prime set to fixed value to allow simple checking for such faulty + * keys. + * + * @link sun.security.rsa.RSAKeyPairGenerator#generateKeyPair + */ + + KeyFactory factory = KeyFactory.getInstance("RSA"); + Random random = new SecureRandom(); + int keySize = 4096; + long r_lv = 7331; + + // The generated numbers p q and r fall into the + // following ranges: + // - p: 2^(lp-1) < p < 2^lp + // - q: 2^(lq-1) < q < 2^lq + // - r: 2^12 < r < 2^13 + // Thus the generated number has at least lp+lq+11 bit and + // can have at most lp+lq+13 bit. + // Thus for random selection of p and q the algorithm will + // at some point select a number of length n=n/2+lr+(n-n/2-lr)=>n + // bit. + int lp = (keySize + 1) >> 1; + int lr = BigInteger.valueOf(r_lv).bitLength(); + int lq = keySize - lp - lr; + + BigInteger e = BigInteger.valueOf(7331); + + keyPair = null; + while (keyPair == null) { + // generate two random primes of size lp/lq + BigInteger p, q, r, n; + + r = BigInteger.valueOf(r_lv); + do { + p = BigInteger.probablePrime(lp, random); + q = BigInteger.probablePrime(lq, random); + + // modulus n = p * q * r + n = p.multiply(q).multiply(r); + + // even with correctly sized p, q and r, there is a chance + // that n will be one bit short. re-generate the + // primes if so. + } while (n.bitLength() < keySize); + + // phi = (p - 1) * (q - 1) * (r - 1) must be relative prime to e + // otherwise RSA just won't work ;-) + BigInteger p1 = p.subtract(BigInteger.ONE); + BigInteger q1 = q.subtract(BigInteger.ONE); + BigInteger r1 = r.subtract(BigInteger.ONE); + BigInteger phi = p1.multiply(q1).multiply(r1); + + // generate new p and q until they work. typically + if (e.gcd(phi).equals(BigInteger.ONE) == false) { + continue; + } + + // private exponent d is the inverse of e mod phi + BigInteger d = e.modInverse(phi); + + RSAPublicKeySpec publicSpec = new RSAPublicKeySpec(n, e); + RSAPrivateKeySpec privateSpec = new RSAPrivateKeySpec(n, d); + PublicKey publicKey = factory.generatePublic(publicSpec); + PrivateKey privateKey = factory.generatePrivate(privateSpec); + keyPair = new KeyPair(publicKey, privateKey); + } + // -----END SHAMELESSLY ADAPTED BLOCK----- + + try (ObjectOutputStream oos = new ObjectOutputStream(new FileOutputStream(f))) { + oos.writeObject(keyPair); + oos.close(); + } catch (IOException ioe) { + ioe.printStackTrace(); + } + } + return keyPair; + } + public static String generatePEMCSR(KeyPair kp, String dn) throws GeneralSecurityException, IOException { return generatePEMCSR(kp, dn, new PKCS10Attributes()); } @@ -249,8 +349,14 @@ public abstract class ConfiguredTest { public void verify(Domain d) { try { d.addPing(DomainPingType.EMAIL, "admin"); - TestMail testMail = getMailReceiver().receive(); + TestMail testMail = getMailReceiver().receive("admin@" + d.getSuffix()); testMail.verify(); + // Enforce successful ping :-) + d.addPing(DomainPingType.HTTP, "a:b"); + try (GigiPreparedStatement gps = new GigiPreparedStatement("INSERT INTO `domainPinglog` SET `configId`=(SELECT `id` FROM `pingconfig` WHERE `domainid`=? AND `type`='http'), state='success', needsAction=false")) { + gps.setInt(1, d.getId()); + gps.execute(); + } assertTrue(d.isVerified()); } catch (GigiApiException e) { throw new Error(e);