X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=util-testing%2Forg%2Fcacert%2Fgigi%2Fpages%2FManager.java;h=dfa4b5a4ee85a7902264e98c0d7170862fa641a9;hp=9f4567e711f729a19b24e00b0b69f73d368219b4;hb=533294134fb42a02b2557c68eda45f47d77e73cc;hpb=4b91927aa8d90226414872ce5b3006d0e0f5d273
diff --git a/util-testing/org/cacert/gigi/pages/Manager.java b/util-testing/org/cacert/gigi/pages/Manager.java
index 9f4567e7..dfa4b5a4 100644
--- a/util-testing/org/cacert/gigi/pages/Manager.java
+++ b/util-testing/org/cacert/gigi/pages/Manager.java
@@ -3,8 +3,13 @@ package org.cacert.gigi.pages;
 import java.io.IOException;
 import java.io.PrintWriter;
 import java.lang.reflect.Field;
-import java.sql.Date;
+import java.security.GeneralSecurityException;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.Signature;
+import java.util.Base64;
 import java.util.Calendar;
+import java.util.Date;
 import java.util.GregorianCalendar;
 import java.util.HashMap;
 import java.util.Iterator;
@@ -12,73 +17,110 @@ import java.util.LinkedList; import java.util.Locale; import java.util.Map; import java.util.Properties; +import java.util.TreeSet; +import java.util.regex.Matcher; +import java.util.regex.Pattern; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.cacert.gigi.Gigi; import org.cacert.gigi.GigiApiException; -import org.cacert.gigi.database.DatabaseConnection; +import org.cacert.gigi.crypto.SPKAC; import org.cacert.gigi.database.GigiPreparedStatement; +import org.cacert.gigi.dbObjects.Assurance.AssuranceType; +import org.cacert.gigi.dbObjects.CATS; +import org.cacert.gigi.dbObjects.CATS.CATSType; +import org.cacert.gigi.dbObjects.Certificate; +import org.cacert.gigi.dbObjects.Certificate.CertificateStatus; +import org.cacert.gigi.dbObjects.CertificateOwner; +import org.cacert.gigi.dbObjects.Digest; +import org.cacert.gigi.dbObjects.Domain; +import org.cacert.gigi.dbObjects.DomainPingType; import org.cacert.gigi.dbObjects.EmailAddress; import org.cacert.gigi.dbObjects.Group; +import org.cacert.gigi.dbObjects.Name; import org.cacert.gigi.dbObjects.User; import org.cacert.gigi.email.EmailProvider; import org.cacert.gigi.localisation.Language; -import org.cacert.gigi.output.template.Form; import org.cacert.gigi.output.template.IterableDataset; import org.cacert.gigi.output.template.Template; +import org.cacert.gigi.pages.account.certs.CertificateRequest; +import org.cacert.gigi.ping.DomainPinger; +import org.cacert.gigi.ping.PingerDaemon; +import org.cacert.gigi.util.AuthorizationContext; +import org.cacert.gigi.util.DayDate; import org.cacert.gigi.util.Notary; +import sun.security.x509.X509Key; + public class Manager extends Page { public static final String PATH = "/manager"; - Field f; + private static HashMap dps; private Manager() { super("Test Manager"); + try { - f = EmailAddress.class.getDeclaredField("hash"); + Field gigiInstance = Gigi.class.getDeclaredField("instance"); + 
gigiInstance.setAccessible(true); + Gigi g = (Gigi) gigiInstance.get(null); + + Field gigiPinger = Gigi.class.getDeclaredField("pinger"); + gigiPinger.setAccessible(true); + PingerDaemon pd = (PingerDaemon) gigiPinger.get(g); + + Field f = PingerDaemon.class.getDeclaredField("pingers"); f.setAccessible(true); + dps = (HashMap) f.get(pd); + HashMap pingers = new HashMap<>(); + for (DomainPingType dpt : DomainPingType.values()) { + pingers.put(dpt, new PingerFetcher(dpt)); + } + f.set(pd, pingers); } catch (ReflectiveOperationException e) { - throw new Error(e); + e.printStackTrace(); } } - public User[] getAssurers() { - if (assurers != null) { - return assurers; + public User getAssurer(int i) { + if (assurers[i] != null) { + return assurers[i]; } - assurers = new User[10]; try { - GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("INSERT INTO `notary` SET `from`=?, `to`=?, `points`=?, `location`=?, `date`=?"); - for (int i = 0; i < assurers.length; i++) { - String mail = "test-assurer" + i + "@example.com"; - User u = User.getByEmail(mail); - if (u == null) { - createUser(mail); - u = User.getByEmail(mail); - passCATS(u); - ps.setInt(1, u.getId()); - ps.setInt(2, u.getId()); - ps.setInt(3, 100); - ps.setString(4, "Manager init code"); - ps.setString(5, "1990-01-01"); - ps.execute(); - } - assurers[i] = u; + User u = createAssurer(i); + assurers[i] = u; - } } catch (ReflectiveOperationException | GigiApiException e) { e.printStackTrace(); } - return assurers; + return assurers[i]; + } + + private User createAssurer(int i) throws GigiApiException, IllegalAccessException { + try (GigiPreparedStatement ps = new GigiPreparedStatement("INSERT INTO `notary` SET `from`=?, `to`=?, `points`=?, `location`=?, `date`=?")) { + String mail = "test-assurer" + i + "@example.com"; + User u = User.getByEmail(mail); + if (u == null) { + System.out.println("Creating assurer"); + createUser(mail); + u = User.getByEmail(mail); + passCATS(u, CATSType.ASSURER_CHALLENGE); 
+ ps.setInt(1, u.getId()); + ps.setInt(2, u.getId()); + ps.setInt(3, 100); + ps.setString(4, "Manager init code"); + ps.setString(5, "1990-01-01"); + ps.execute(); + } + return u; + } } - private void passCATS(User u) { - GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("INSERT INTO cats_passed SET user_id=?, variant_id=3"); - ps.setInt(1, u.getId()); - ps.execute(); + private void passCATS(User u, CATSType t) { + CATS.enterResult(u, t, new Date(System.currentTimeMillis()), "en_EN", "1"); } private static Manager instance; @@ -87,6 +129,8 @@ public class Manager extends Page { HashMap> emails = new HashMap<>(); + private static TreeSet pingExempt = new TreeSet<>(); + public static Manager getInstance() { if (instance == null) { instance = new Manager(); @@ -104,7 +148,7 @@ public class Manager extends Page { } @Override - public synchronized void sendmail(String to, String subject, String message, String from, String replyto, String toname, String fromname, String errorsto, boolean extra) throws IOException { + public synchronized void sendMail(String to, String subject, String message, String from, String replyto, String toname, String fromname, String errorsto, boolean extra) throws IOException { HashMap> mails = Manager.getInstance().emails; LinkedList hismails = mails.get(to); if (hismails == null) { 
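Review bot: The constructor's `catch (ReflectiveOperationException e)` now only calls `e.printStackTrace()` where the old code threw `new Error(e)`, so if any reflective lookup on `Gigi` or `PingerDaemon` fails the page keeps running with the original pingers installed and the ping-exemption feature silently does nothing. Keeping `throw new Error(e);` would make a renamed private field fail loudly at start-up instead. Separately, `getAssurer(int i)` indexes `assurers[i]` without a range check and returns `null` when `createAssurer` throws, and the callers added later in this patch dereference that result directly.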
@@ -115,20 +159,22 @@ public class Manager extends Page { } - public class ManagementForm extends Form { + public class PingerFetcher extends DomainPinger { - public ManagementForm(HttpServletRequest hsr) { - super(hsr); - } + private DomainPingType dpt; - @Override - public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException { - return false; + public PingerFetcher(DomainPingType dpt) { + this.dpt = dpt; } @Override - protected void outputContent(PrintWriter out, Language l, Map vars) { - getDefaultTemplate().output(out, l, vars); + public void ping(Domain domain, String configuration, CertificateOwner target, int confId) { + System.out.println("Test: " + domain); + if (pingExempt.contains(domain.getSuffix())) { + enterPingResult(confId, DomainPinger.PING_SUCCEDED, "Succeeded by TestManager pass-by", null); + } else { + dps.get(dpt).ping(domain, configuration, target, confId); + } } } 
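Review bot: `pingExempt` is read here in `PingerFetcher.ping` and modified from `doPost`, but it is declared as a plain `TreeSet`, which is not safe for concurrent access; if pings run on the daemon's own thread (not visible in this hunk), a request that edits the set can race with this lookup. Declaring the field as `Collections.synchronizedSortedSet(new TreeSet<>())` or as a `ConcurrentSkipListSet` would remove that risk. The exemption records `PING_SUCCEDED` for any domain whose suffix is in the set, so a short comment on `ping` stating that this bypasses domain-control checks for test use only would help the next reader. `System.out.println("Test: " + domain)` looks like leftover debug output.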
@@ -154,25 +200,29 @@ public class Manager extends Page { } private void createUser(String email) throws GigiApiException, IllegalAccessException { - User u = new User(); - u.setFName("Först"); - u.setMName("Müddle"); - u.setLName("Läst"); - u.setSuffix("Süffix"); - u.setEmail(email); Calendar gc = GregorianCalendar.getInstance(); + gc.setTimeInMillis(0); gc.set(1990, 0, 1); - u.setDoB(new Date(gc.getTime().getTime())); - u.setPreferredLocale(Locale.ENGLISH); - u.insert("xvXV12°§"); - EmailAddress ea = new EmailAddress(u, email); - ea.insert(Language.getInstance(Locale.ENGLISH)); - String hash = (String) f.get(ea); - - ea.verify(hash); + User u = new User(email, "xvXV12°§", new Name("Först", "Läst", "Müddle", "Süffix"), new DayDate(gc.getTime().getTime()), Locale.ENGLISH); + EmailAddress ea = u.getEmails()[0]; + verify(email, ea); + } + + private void verify(String email, EmailAddress ea) throws GigiApiException { + LinkedList i = emails.get(email); + while (i.size() > 0 && !ea.isVerified()) { + String lst = i.getLast(); + Pattern p = Pattern.compile("hash=([a-zA-Z0-9]+)"); + Matcher m = p.matcher(lst); + if (m.find()) { + ea.verify(m.group(1)); + } + i.removeLast(); + } + // ea.verify(hash); } - User[] assurers; + User[] assurers = new User[25]; @Override public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException { 
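Review bot: In `verify`, `emails.get(email)` returns `null` when no mail was captured for that address, and the following `i.size()` then throws a NullPointerException; the method also returns normally when no `hash=` token was found, leaving the address unverified without any signal. A guard such as `if (i == null || i.isEmpty()) { throw new IllegalStateException("no verification mail captured for " + email); }` and a final check of `ea.isVerified()` would make both cases explicit. The loop removes every mail it inspects, including ones that do not match, so they are no longer available to `fetchMails` afterwards; that deserves a comment if intended. `Pattern.compile("hash=([a-zA-Z0-9]+)")` can be hoisted to a `private static final` constant, and the commented-out `// ea.verify(hash);` can be deleted.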
@@ -197,13 +247,19 @@ public class Manager extends Page { fetchMails(req, resp, mail); } else if (req.getParameter("cats") != null) { String mail = req.getParameter("catsEmail"); + String testId = req.getParameter("catsType"); User byEmail = User.getByEmail(mail); if (byEmail == null) { resp.getWriter().println("User not found."); return; } - passCATS(byEmail); - resp.getWriter().println("User has been passed CATS"); + if (testId == null) { + resp.getWriter().println("No test given."); + return; + } + CATSType test = CATSType.values()[Integer.parseInt(testId)]; + passCATS(byEmail, test); + resp.getWriter().println("Test '" + test.getDisplayName() + "' was added to user account."); } else if (req.getParameter("assure") != null) { String mail = req.getParameter("assureEmail"); User byEmail = User.getByEmail(mail); 
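Review bot: `CATSType.values()[Integer.parseInt(testId)]` in the `cats` branch trusts the `catsType` request parameter, so a non-numeric value raises NumberFormatException and an out-of-range number raises ArrayIndexOutOfBoundsException, both surfacing as a server error instead of a message. The index should be parsed defensively and range-checked before use, answering with a plain message as the neighbouring checks do. `doPost` begins and ends outside this hunk.
```java
// … unchanged: user lookup and the null check on testId …
CATSType[] types = CATSType.values();
int idx;
try {
    idx = Integer.parseInt(testId);
} catch (NumberFormatException e) {
    idx = -1;
}
if (idx < 0 || idx >= types.length) {
    resp.getWriter().println("Unknown test type.");
    return;
}
CATSType test = types[idx];
passCATS(byEmail, test);
// … unchanged: confirmation message …
```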
@@ -212,13 +268,76 @@ public class Manager extends Page { return; } try { - for (int i = 0; i < getAssurers().length; i++) { - Notary.assure(getAssurers()[i], byEmail, byEmail.getName(), byEmail.getDoB(), 10, "Testmanager Assure up code", "2014-11-06"); + for (int i = 0; i < 10; i++) { + Notary.assure(getAssurer(i), byEmail, byEmail.getName(), byEmail.getDoB(), 10, "Testmanager Assure up code", "2014-11-06", AssuranceType.FACE_TO_FACE); } } catch (GigiApiException e) { throw new Error(e); } resp.getWriter().println("User has been assured."); + } else if (req.getParameter("letassure") != null) { + String mail = req.getParameter("letassureEmail"); + User byEmail = User.getByEmail(mail); + try { + for (int i = 0; i < 25; i++) { + User a = getAssurer(i); + Notary.assure(byEmail, a, a.getName(), a.getDoB(), 10, "Testmanager exp up code", "2014-11-06", AssuranceType.FACE_TO_FACE); + } + } catch (GigiApiException e) { + throw new Error(e); + } + } else if (req.getParameter("addEmail") != null) { + User u = User.getByEmail(req.getParameter("addEmailEmail")); + try { + EmailAddress ea = new EmailAddress(u, req.getParameter("addEmailNew"), Locale.ENGLISH); + verify(ea.getAddress(), ea); + } catch (IllegalArgumentException e) { + e.printStackTrace(); + resp.getWriter().println("An internal error occured."); + } catch (GigiApiException e) { + e.format(resp.getWriter(), Language.getInstance(Locale.ENGLISH)); + } + } else if (req.getParameter("addCert") != null) { + User u = User.getByEmail(req.getParameter("addCertEmail")); + try { + KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA"); + kpg.initialize(4096); + KeyPair kp = kpg.generateKeyPair(); + SPKAC s = new SPKAC((X509Key) kp.getPublic(), "challange"); + Signature sign = Signature.getInstance("SHA512withRSA"); + sign.initSign(kp.getPrivate()); + + byte[] res = s.getEncoded(sign); + + CertificateRequest cr = new CertificateRequest(new AuthorizationContext(u, u), Base64.getEncoder().encodeToString(res), "challange"); 
+ cr.update(CertificateRequest.DEFAULT_CN, Digest.SHA512.toString(), "client", null, "", "email:" + u.getEmail()); + Certificate draft = cr.draft(); + draft.issue(null, "2y", u).waitFor(10000); + if (draft.getStatus() == CertificateStatus.ISSUED) { + resp.getWriter().println("added certificate"); + } else { + resp.getWriter().println("signer failed"); + } + } catch (GeneralSecurityException e1) { + e1.printStackTrace(); + resp.getWriter().println("error"); + } catch (GigiApiException e) { + e.format(resp.getWriter(), Language.getInstance(Locale.ENGLISH)); + } catch (InterruptedException e) { + e.printStackTrace(); + resp.getWriter().println("interrupted"); + } + + } else if (req.getParameter("addExDom") != null) { + String dom = req.getParameter("exemtDom"); + pingExempt.add(dom); + resp.getWriter().println("Updated domains exempt from pings. Current set:
"); + resp.getWriter().println(pingExempt); + } else if (req.getParameter("delExDom") != null) { + String dom = req.getParameter("exemtDom"); + pingExempt.remove(dom); + resp.getWriter().println("Updated domains exempt from pings. Current set:
"); + resp.getWriter().println(pingExempt); } } @@ -248,6 +367,8 @@ public class Manager extends Page { } } + private Template form = new Template(Manager.class.getResource("Manager.templ")); + @Override public boolean needsLogin() { return false; @@ -255,14 +376,30 @@ public class Manager extends Page { @Override public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException { - getAssurers(); String pi = req.getPathInfo().substring(PATH.length()); if (pi.length() > 1 && pi.startsWith("/fetch-")) { String mail = pi.substring(pi.indexOf('-', 2) + 1); fetchMails(req, resp, mail); return; } + HashMap vars = new HashMap<>(); + vars.put("cats_types", new IterableDataset() { + + CATSType[] type = CATSType.values(); + + int i = 0; - new ManagementForm(req).output(resp.getWriter(), getLanguage(req), new HashMap()); + @Override + public boolean next(Language l, Map vars) { + if (i >= type.length) { + return false; + } + CATSType t = type[i++]; + vars.put("id", i - 1); + vars.put("name", t.getDisplayName()); + return true; + } + }); + form.output(resp.getWriter(), getLanguage(req), vars); } }
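Review bot: The new `letassure`, `addEmail` and `addCert` branches use the result of `User.getByEmail(...)` without the `null` check that the `cats` and `assure` branches have, so an unknown address ends in a NullPointerException instead of "User not found."; `addExDom` likewise passes a possibly absent `exemtDom` parameter to `pingExempt.add`, which a `TreeSet` rejects with an exception. Each branch should start with `if (u == null) { resp.getWriter().println("User not found."); return; }` (and the equivalent for `dom`). The exempt-domain set is also written back to the response unescaped, and since `needsLogin()` returns `false` these actions (issuing a certificate for a named account, marking domains as ping-exempt) are open to anyone who can reach the page, so this class must stay out of production builds. In the `addCert` branch, `catch (InterruptedException e)` should call `Thread.currentThread().interrupt();` before reporting. `doPost` begins outside this hunk.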
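Review bot: In the anonymous `IterableDataset` inside `doGet`, `CATSType t = type[i++]; vars.put("id", i - 1);` increments the index and then subtracts it back, which is easy to misread; taking the index once reads better, e.g. `int idx = i++; vars.put("id", idx); vars.put("name", type[idx].getDisplayName());`. The emitted `id` is the position in `CATSType.values()`, which `doPost` converts back into a type, so the form depends on the enum's declaration order; a comment noting that coupling, or using the constant's `name()` instead, would make it sturdier.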