Merge "add: email-management-api"

author Benny Baumann <BenBE1987@gmx.net>

Sun, 16 Oct 2016 16:22:28 +0000 (18:22 +0200)

committer Gerrit Code Review <gigi-system@dogcraft.de>

Sun, 16 Oct 2016 16:22:28 +0000 (18:22 +0200)
author Benny Baumann <BenBE1987@gmx.net>
Sun, 16 Oct 2016 16:22:28 +0000 (18:22 +0200)
committer Gerrit Code Review <gigi-system@dogcraft.de>
Sun, 16 Oct 2016 16:22:28 +0000 (18:22 +0200)
diff --git a/src/org/cacert/gigi/dbObjects/Digest.java b/src/org/cacert/gigi/dbObjects/Digest.java

index 59247121c5ef04c064386b40270f674efd1fe488..1bf2b77b74b84a593b0ad8bee0c5f8da6beb9d50 100644 (file)
--- a/src/org/cacert/gigi/dbObjects/Digest.java
+++ b/src/org/cacert/gigi/dbObjects/Digest.java
@@ -2,9 +2,13 @@ package org.cacert.gigi.dbObjects;
  
  import org.cacert.gigi.output.template.Outputable;
  import org.cacert.gigi.output.template.TranslateCommand;
+import org.cacert.gigi.output.template.SprintfCommand;
+import java.util.Arrays;
  
  public enum Digest {
-    SHA256("Currently recommended, because the other algorithms" + " might break on some older versions of the GnuTLS library" + " (older than 3.x) still shipped in Debian for example."), SHA384(""), SHA512("Highest protection against hash collision attacks of the algorithms offered here.");
+    SHA256(new SprintfCommand("Most compatible choice (see {0}documentation{1} for details)", Arrays.asList("!'<a href='//links.teracara.org/sha2-256'>", "!'</a>"))),
+    SHA384("Best matched with ECC P-384"),
+    SHA512("Highest collision resistance, recommended");
  
      private final Outputable exp;
  
@@ -12,12 +16,16 @@ public enum Digest {
          exp = new TranslateCommand(explanation);
      }
  
+    private Digest(Outputable exp) {
+        this.exp = exp;
+    }
+
      public Outputable getExp() {
          return exp;
      }
  
      public static Digest getDefault() {
-        return SHA256;
+        return SHA512;
      }
  
  }
diff --git a/src/org/cacert/gigi/pages/account/certs/CertificateRequest.java b/src/org/cacert/gigi/pages/account/certs/CertificateRequest.java

index 1067681cf2d1e78868690590dbc4e84d2d5e189b..5edf362e4877ef2c505ca5c6636e60b91b9b0b42 100644 (file)
--- a/src/org/cacert/gigi/pages/account/certs/CertificateRequest.java
+++ b/src/org/cacert/gigi/pages/account/certs/CertificateRequest.java
@@ -225,6 +225,8 @@ public class CertificateRequest {
              selectedDigest = Digest.SHA512;
          } else if (sign.toLowerCase().startsWith("sha384")) {
              selectedDigest = Digest.SHA384;
+        } else if (sign.toLowerCase().startsWith("sha256")) {
+            selectedDigest = Digest.SHA256;
          }
      }
  
diff --git a/tests/org/cacert/gigi/pages/account/TestCertificateAdd.java b/tests/org/cacert/gigi/pages/account/TestCertificateAdd.java

index cbce25d49e17fa30e573b6b57582ed3df4432ea9..2fc2f60e5c20d9a74da873b9b3ea5bbc7fa8175d 100644 (file)
--- a/tests/org/cacert/gigi/pages/account/TestCertificateAdd.java
+++ b/tests/org/cacert/gigi/pages/account/TestCertificateAdd.java
@@ -85,7 +85,7 @@ public class TestCertificateAdd extends ClientTest {
  
          String[] res = fillOutForm("CSR=" + URLEncoder.encode(pem, "UTF-8"));
          assertArrayEquals(new String[] {
-                "server", CertificateRequest.DEFAULT_CN, "dns:a." + uniq + ".tld\ndns:" + uniq + ".tld\n", Digest.SHA256.toString()
+                "server", CertificateRequest.DEFAULT_CN, "dns:a." + uniq + ".tld\ndns:" + uniq + ".tld\n", Digest.SHA512.toString()
          }, res);
      }
  
@@ -109,11 +109,11 @@ public class TestCertificateAdd extends ClientTest {
                  CertificateRequest.OID_KEY_USAGE_SSL_CLIENT
          }, new RFC822Name(email));
  
-        String pem = generatePEMCSR(kp, "CN=a b,email=" + email, atts, "SHA512WithRSA");
+        String pem = generatePEMCSR(kp, "CN=a b,email=" + email, atts, "SHA256WithRSA");
  
          String[] res = fillOutForm("CSR=" + URLEncoder.encode(pem, "UTF-8"));
          assertArrayEquals(new String[] {
-                "client", "a b", "email:" + email + "\n", Digest.SHA512.toString()
+                "client", "a b", "email:" + email + "\n", Digest.SHA256.toString()
          }, res);
      }
  
diff --git a/tests/org/cacert/gigi/testUtils/ConfiguredTest.java b/tests/org/cacert/gigi/testUtils/ConfiguredTest.java

index 1467f434145b6ab583b7f10d9246308a58fa3116..c3d67b9a5e73de1f0f07da3fb3e7378db1d16517 100644 (file)
--- a/tests/org/cacert/gigi/testUtils/ConfiguredTest.java
+++ b/tests/org/cacert/gigi/testUtils/ConfiguredTest.java
@@ -163,7 +163,7 @@ public abstract class ConfiguredTest {
      }
  
      public static String generatePEMCSR(KeyPair kp, String dn, PKCS10Attributes atts) throws GeneralSecurityException, IOException {
-        return generatePEMCSR(kp, dn, atts, "SHA256WithRSA");
+        return generatePEMCSR(kp, dn, atts, "SHA512WithRSA");
      }
  
      public static String generatePEMCSR(KeyPair kp, String dn, PKCS10Attributes atts, String signature) throws GeneralSecurityException, IOException {
author	Benny Baumann <BenBE1987@gmx.net>
	Sun, 16 Oct 2016 16:22:28 +0000 (18:22 +0200)
committer	Gerrit Code Review <gigi-system@dogcraft.de>
	Sun, 16 Oct 2016 16:22:28 +0000 (18:22 +0200)
src/org/cacert/gigi/dbObjects/Digest.java		patch \| blob \| history
src/org/cacert/gigi/pages/account/certs/CertificateRequest.java		patch \| blob \| history
tests/org/cacert/gigi/pages/account/TestCertificateAdd.java		patch \| blob \| history
tests/org/cacert/gigi/testUtils/ConfiguredTest.java		patch \| blob \| history