From: Felix Dörre Date: Thu, 7 Apr 2016 11:59:33 +0000 (+0200) Subject: Merge commit '0176ca7cda25ad88e9faa116ffa139ca926de273' into HEAD X-Git-Url: https://code.wpia.club/?p=gigi.git;a=commitdiff_plain;h=6e23ad9bc75d6cb2aa86cb36654a6ef44a167011;hp=0176ca7cda25ad88e9faa116ffa139ca926de273 Merge commit '0176ca7cda25ad88e9faa116ffa139ca926de273' into HEAD --- diff --git a/src/org/cacert/gigi/api/CreateCertificate.java b/src/org/cacert/gigi/api/CreateCertificate.java index d21b9c47..0d5a27e0 100644 --- a/src/org/cacert/gigi/api/CreateCertificate.java +++ b/src/org/cacert/gigi/api/CreateCertificate.java @@ -12,10 +12,11 @@ import org.cacert.gigi.dbObjects.Certificate; import org.cacert.gigi.dbObjects.Certificate.CertificateStatus; import org.cacert.gigi.dbObjects.CertificateProfile; import org.cacert.gigi.dbObjects.Job; +import org.cacert.gigi.dbObjects.Organisation; import org.cacert.gigi.dbObjects.User; import org.cacert.gigi.pages.account.certs.CertificateRequest; import org.cacert.gigi.util.AuthorizationContext; -import org.cacert.gigi.util.PEM; +import org.cacert.gigi.util.CertExporter; public class CreateCertificate extends APIPoint { @@ -33,12 +34,35 @@ public class CreateCertificate extends APIPoint { if (cpS != null) { cp = CertificateProfile.getByName(cpS); if (cp == null) { - resp.sendError(500, "Error, profile " + cpS + "not found"); + resp.sendError(500, "Error, profile not found"); + return; + } + } + AuthorizationContext ctx = new AuthorizationContext(u, u); + String asOrg = req.getParameter("asOrg"); + if (asOrg != null) { + try { + int i = Integer.parseInt(asOrg); + Organisation o0 = null; + for (Organisation o : u.getOrganisations()) { + if (o.getId() == i) { + o0 = o; + break; + } + } + if (o0 == null) { + resp.sendError(500, "Error, Organisation with id " + i + " not found."); + return; + } else { + ctx = new AuthorizationContext(o0, u); + } + } catch (NumberFormatException e) { + resp.sendError(500, "Error, as Org is not an integer"); return; } } try { - CertificateRequest cr = new CertificateRequest(new AuthorizationContext(u, u), csr, cp); + CertificateRequest cr = new CertificateRequest(ctx, csr, cp); Certificate result = cr.draft(); Job job = result.issue(null, "2y", u); job.waitFor(60000); @@ -46,7 +70,8 @@ public class CreateCertificate extends APIPoint { resp.sendError(510, "Error, issuing timed out"); return; } - resp.getWriter().println(PEM.encode("CERTIFICATE", result.cert().getEncoded())); + + CertExporter.writeCertCrt(result, resp.getOutputStream(), req.getParameter("chain") != null, req.getParameter("noAnchor") == null); return; } catch (GeneralSecurityException e) { resp.sendError(500, "Crypto failed"); diff --git a/src/org/cacert/gigi/pages/account/certs/Certificates.java b/src/org/cacert/gigi/pages/account/certs/Certificates.java index a0afe7a9..d40bbacc 100644 --- a/src/org/cacert/gigi/pages/account/certs/Certificates.java +++ b/src/org/cacert/gigi/pages/account/certs/Certificates.java @@ -2,19 +2,10 @@ package org.cacert.gigi.pages.account.certs; import java.io.IOException; import java.io.PrintWriter; -import java.math.BigInteger; import java.net.URLEncoder; import java.security.GeneralSecurityException; -import java.security.cert.CRLException; -import java.security.cert.CertificateEncodingException; -import java.security.cert.CertificateException; -import java.security.cert.X509CRL; -import java.security.cert.X509Certificate; import java.util.HashMap; -import java.util.HashSet; -import java.util.LinkedList; import java.util.Map; -import java.util.Set; import javax.servlet.ServletOutputStream; import javax.servlet.http.HttpServletRequest; @@ -29,17 +20,9 @@ import org.cacert.gigi.output.template.Template; import org.cacert.gigi.pages.HandlesMixedRequest; import org.cacert.gigi.pages.LoginPage; import org.cacert.gigi.pages.Page; +import org.cacert.gigi.util.CertExporter; import org.cacert.gigi.util.PEM; -import sun.security.pkcs.ContentInfo; -import sun.security.pkcs.PKCS7; -import sun.security.pkcs.SignerInfo; -import sun.security.util.DerOutputStream; -import sun.security.util.DerValue; -import sun.security.x509.AlgorithmId; -import sun.security.x509.X509CRLImpl; -import sun.security.x509.X509CertImpl; - public class Certificates extends Page implements HandlesMixedRequest { private Template certDisplay = new Template(Certificates.class.getResource("CertificateDisplay.templ")); @@ -95,9 +78,6 @@ public class Certificates extends Page implements HandlesMixedRequest { } else if (pi.endsWith(".cer")) { cer = true; pi = pi.substring(0, pi.length() - 4); - } else if (pi.endsWith(".cer")) { - cer = true; - pi = pi.substring(0, pi.length() - 4); } String serial = pi; try { @@ -106,35 +86,16 @@ public class Certificates extends Page implements HandlesMixedRequest { resp.sendError(404); return true; } - X509Certificate cert = c.cert(); if ( !crt && !cer) { return false; } ServletOutputStream out = resp.getOutputStream(); + boolean doChain = req.getParameter("chain") != null; + boolean includeAnchor = req.getParameter("noAnchor") == null; if (crt) { - out.println(PEM.encode("CERTIFICATE", cert.getEncoded())); - if (req.getParameter("chain") != null) { - CACertificate ca = c.getParent(); - while ( !ca.isSelfsigned()) { - out.println(PEM.encode("CERTIFICATE", ca.getCertificate().getEncoded())); - ca = ca.getParent(); - } - if (req.getParameter("noAnchor") == null) { - out.println(PEM.encode("CERTIFICATE", ca.getCertificate().getEncoded())); - } - } + CertExporter.writeCertCrt(c, out, doChain, includeAnchor); } else if (cer) { - if (req.getParameter("chain") != null) { - PKCS7 p7 = toP7Chain(c); - p7.encodeSignedData(out); - /* - * ContentInfo ci = toCIChain(c); try (DerOutputStream dos = - * new DerOutputStream()) { ci.encode(dos); - * out.write(dos.toByteArray()); } - */ - } else { - out.write(cert.getEncoded()); - } + CertExporter.writeCertCer(c, out, doChain, includeAnchor); } } catch (IllegalArgumentException e) { resp.sendError(404); @@ -147,113 +108,6 @@ public class Certificates extends Page implements HandlesMixedRequest { return true; } - private static PKCS7 toP7Chain(Certificate c) throws IOException, GeneralSecurityException { - LinkedList ll = getChain(c); - PKCS7 p7 = new PKCS7(new AlgorithmId[0], new ContentInfo(ContentInfo.DATA_OID, null), ll.toArray(new X509Certificate[ll.size()]), new SignerInfo[0]) { - - @Override - public void encodeSignedData(DerOutputStream out) throws IOException { - DerOutputStream signedData = new DerOutputStream(); - BigInteger version = getVersion(); - AlgorithmId[] digestAlgorithmIds = getDigestAlgorithmIds(); - ContentInfo contentInfo = getContentInfo(); - X509Certificate[] certificates = getCertificates(); - X509CRL[] crls = getCRLs(); - SignerInfo[] signerInfos = getSignerInfos(); - - // version - signedData.putInteger(version); - - // digestAlgorithmIds - signedData.putOrderedSetOf(DerValue.tag_Set, digestAlgorithmIds); - - // contentInfo - contentInfo.encode(signedData); - - // certificates (optional) - if (certificates != null && certificates.length != 0) { - DerOutputStream sub = new DerOutputStream(); - // cast to X509CertImpl[] since X509CertImpl implements - // DerEncoder - X509CertImpl implCerts[] = new X509CertImpl[certificates.length]; - for (int i = 0; i < certificates.length; i++) { - try { - sub.write(certificates[i].getEncoded()); - } catch (CertificateEncodingException e) { - sub.close(); - throw new IOException(e); - } - if (certificates[i] instanceof X509CertImpl) { - implCerts[i] = (X509CertImpl) certificates[i]; - } else { - try { - byte[] encoded = certificates[i].getEncoded(); - implCerts[i] = new X509CertImpl(encoded); - } catch (CertificateException ce) { - sub.close(); - throw new IOException(ce); - } - } - } - - // Add the certificate set (tagged with [0] IMPLICIT) - // to the signed data - signedData.write((byte) 0xA0, sub); - sub.close(); - } - - // CRLs (optional) - if (crls != null && crls.length != 0) { - // cast to X509CRLImpl[] since X509CRLImpl implements - // DerEncoder - Set implCRLs = new HashSet(crls.length); - for (X509CRL crl : crls) { - if (crl instanceof X509CRLImpl) { - implCRLs.add((X509CRLImpl) crl); - } else { - try { - byte[] encoded = crl.getEncoded(); - implCRLs.add(new X509CRLImpl(encoded)); - } catch (CRLException ce) { - throw new IOException(ce); - } - } - } - - // Add the CRL set (tagged with [1] IMPLICIT) - // to the signed data - signedData.putOrderedSetOf((byte) 0xA1, implCRLs.toArray(new X509CRLImpl[implCRLs.size()])); - } - - // signerInfos - signedData.putOrderedSetOf(DerValue.tag_Set, signerInfos); - - // making it a signed data block - DerValue signedDataSeq = new DerValue(DerValue.tag_Sequence, signedData.toByteArray()); - - // making it a content info sequence - ContentInfo block = new ContentInfo(ContentInfo.SIGNED_DATA_OID, signedDataSeq); - - // writing out the contentInfo sequence - block.encode(out); - } - - }; - return p7; - } - - private static LinkedList getChain(Certificate c) throws IOException, GeneralSecurityException { - LinkedList ll = new LinkedList<>(); - ll.add(c.cert()); - CACertificate ca = c.getParent(); - while ( !ca.isSelfsigned()) { - ll.add(ca.getCertificate()); - ca = ca.getParent(); - } - ll.add(ca.getCertificate()); - return ll; - } - @Override public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException { if (req.getQueryString() != null && !req.getQueryString().equals("") && !req.getQueryString().equals("withRevoked")) { diff --git a/src/org/cacert/gigi/util/CertExporter.java b/src/org/cacert/gigi/util/CertExporter.java new file mode 100644 index 00000000..6c180979 --- /dev/null +++ b/src/org/cacert/gigi/util/CertExporter.java @@ -0,0 +1,165 @@ +package org.cacert.gigi.util; + +import java.io.IOException; +import java.math.BigInteger; +import java.security.GeneralSecurityException; +import java.security.cert.CRLException; +import java.security.cert.CertificateEncodingException; +import java.security.cert.CertificateException; +import java.security.cert.X509CRL; +import java.security.cert.X509Certificate; +import java.util.HashSet; +import java.util.LinkedList; +import java.util.Set; + +import javax.servlet.ServletOutputStream; + +import org.cacert.gigi.dbObjects.CACertificate; +import org.cacert.gigi.dbObjects.Certificate; + +import sun.security.pkcs.ContentInfo; +import sun.security.pkcs.PKCS7; +import sun.security.pkcs.SignerInfo; +import sun.security.util.DerOutputStream; +import sun.security.util.DerValue; +import sun.security.x509.AlgorithmId; +import sun.security.x509.X509CRLImpl; +import sun.security.x509.X509CertImpl; + +public class CertExporter { + + private CertExporter() {} + + public static void writeCertCrt(Certificate c, ServletOutputStream out, boolean doChain, boolean includeAnchor) throws IOException, GeneralSecurityException { + X509Certificate cert = c.cert(); + out.println(PEM.encode("CERTIFICATE", cert.getEncoded())); + if (doChain) { + CACertificate ca = c.getParent(); + while ( !ca.isSelfsigned()) { + out.println(PEM.encode("CERTIFICATE", ca.getCertificate().getEncoded())); + ca = ca.getParent(); + } + if (includeAnchor) { + out.println(PEM.encode("CERTIFICATE", ca.getCertificate().getEncoded())); + } + } + } + + public static void writeCertCer(Certificate c, ServletOutputStream out, boolean doChain, boolean includeAnchor) throws IOException, GeneralSecurityException { + X509Certificate cert = c.cert(); + if (doChain) { + PKCS7 p7 = toP7Chain(c); + p7.encodeSignedData(out); + } else { + out.write(cert.getEncoded()); + } + } + + private static PKCS7 toP7Chain(Certificate c) throws IOException, GeneralSecurityException { + LinkedList ll = getChain(c); + PKCS7 p7 = new PKCS7(new AlgorithmId[0], new ContentInfo(ContentInfo.DATA_OID, null), ll.toArray(new X509Certificate[ll.size()]), new SignerInfo[0]) { + + @Override + public void encodeSignedData(DerOutputStream out) throws IOException { + DerOutputStream signedData = new DerOutputStream(); + BigInteger version = getVersion(); + AlgorithmId[] digestAlgorithmIds = getDigestAlgorithmIds(); + ContentInfo contentInfo = getContentInfo(); + X509Certificate[] certificates = getCertificates(); + X509CRL[] crls = getCRLs(); + SignerInfo[] signerInfos = getSignerInfos(); + + // version + signedData.putInteger(version); + + // digestAlgorithmIds + signedData.putOrderedSetOf(DerValue.tag_Set, digestAlgorithmIds); + + // contentInfo + contentInfo.encode(signedData); + + // certificates (optional) + if (certificates != null && certificates.length != 0) { + DerOutputStream sub = new DerOutputStream(); + // cast to X509CertImpl[] since X509CertImpl implements + // DerEncoder + X509CertImpl implCerts[] = new X509CertImpl[certificates.length]; + for (int i = 0; i < certificates.length; i++) { + try { + sub.write(certificates[i].getEncoded()); + } catch (CertificateEncodingException e) { + sub.close(); + throw new IOException(e); + } + if (certificates[i] instanceof X509CertImpl) { + implCerts[i] = (X509CertImpl) certificates[i]; + } else { + try { + byte[] encoded = certificates[i].getEncoded(); + implCerts[i] = new X509CertImpl(encoded); + } catch (CertificateException ce) { + sub.close(); + throw new IOException(ce); + } + } + } + + // Add the certificate set (tagged with [0] IMPLICIT) + // to the signed data + signedData.write((byte) 0xA0, sub); + sub.close(); + } + + // CRLs (optional) + if (crls != null && crls.length != 0) { + // cast to X509CRLImpl[] since X509CRLImpl implements + // DerEncoder + Set implCRLs = new HashSet(crls.length); + for (X509CRL crl : crls) { + if (crl instanceof X509CRLImpl) { + implCRLs.add((X509CRLImpl) crl); + } else { + try { + byte[] encoded = crl.getEncoded(); + implCRLs.add(new X509CRLImpl(encoded)); + } catch (CRLException ce) { + throw new IOException(ce); + } + } + } + + // Add the CRL set (tagged with [1] IMPLICIT) + // to the signed data + signedData.putOrderedSetOf((byte) 0xA1, implCRLs.toArray(new X509CRLImpl[implCRLs.size()])); + } + + // signerInfos + signedData.putOrderedSetOf(DerValue.tag_Set, signerInfos); + + // making it a signed data block + DerValue signedDataSeq = new DerValue(DerValue.tag_Sequence, signedData.toByteArray()); + + // making it a content info sequence + ContentInfo block = new ContentInfo(ContentInfo.SIGNED_DATA_OID, signedDataSeq); + + // writing out the contentInfo sequence + block.encode(out); + } + + }; + return p7; + } + + private static LinkedList getChain(Certificate c) throws IOException, GeneralSecurityException { + LinkedList ll = new LinkedList<>(); + ll.add(c.cert()); + CACertificate ca = c.getParent(); + while ( !ca.isSelfsigned()) { + ll.add(ca.getCertificate()); + ca = ca.getParent(); + } + ll.add(ca.getCertificate()); + return ll; + } + +} diff --git a/tests/org/cacert/gigi/api/IssueCert.java b/tests/org/cacert/gigi/api/IssueCert.java index faa8618e..b37626ce 100644 --- a/tests/org/cacert/gigi/api/IssueCert.java +++ b/tests/org/cacert/gigi/api/IssueCert.java @@ -6,14 +6,11 @@ import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.InputStreamReader; import java.io.OutputStream; -import java.io.UnsupportedEncodingException; import java.net.HttpURLConnection; -import java.net.MalformedURLException; import java.net.URL; import java.net.URLEncoder; -import java.security.KeyManagementException; +import java.security.GeneralSecurityException; import java.security.KeyPair; -import java.security.NoSuchAlgorithmException; import java.security.PrivateKey; import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; @@ -23,6 +20,10 @@ import org.cacert.gigi.dbObjects.Certificate.CSRType; import org.cacert.gigi.dbObjects.Certificate.CertificateStatus; import org.cacert.gigi.dbObjects.CertificateProfile; import org.cacert.gigi.dbObjects.Digest; +import org.cacert.gigi.dbObjects.Domain; +import org.cacert.gigi.dbObjects.Group; +import org.cacert.gigi.dbObjects.Name; +import org.cacert.gigi.dbObjects.Organisation; import org.cacert.gigi.testUtils.ClientTest; import org.cacert.gigi.testUtils.IOUtils; import org.junit.Test; @@ -31,34 +32,90 @@ import sun.security.x509.X500Name; public class IssueCert extends ClientTest { + private final PrivateKey pk; + + private final X509Certificate ce; + + private final Certificate c; + + private final KeyPair kp; + + public IssueCert() { + try { + kp = generateKeypair(); + String key1 = generatePEMCSR(kp, "EMAIL=testmail@example.com"); + c = new Certificate(u, u, Certificate.buildDN("EMAIL", "testmail@example.com"), Digest.SHA256, key1, CSRType.CSR, CertificateProfile.getById(1)); + pk = kp.getPrivate(); + c.issue(null, "2y", u).waitFor(60000); + ce = c.cert(); + } catch (Exception e) { + throw new Error(e); + } + } + @Test public void testIssueCert() throws Exception { - KeyPair kp = generateKeypair(); - String key1 = generatePEMCSR(kp, "EMAIL=testmail@example.com"); - Certificate c = new Certificate(u, u, Certificate.buildDN("EMAIL", "testmail@example.com"), Digest.SHA256, key1, CSRType.CSR, CertificateProfile.getById(1)); - final PrivateKey pk = kp.getPrivate(); - c.issue(null, "2y", u).waitFor(60000); - final X509Certificate ce = c.cert(); - HttpURLConnection connection = (HttpURLConnection) new URL("https://" + getServerName().replaceFirst("^www.", "api.") + CreateCertificate.PATH).openConnection(); - authenticateClientCert(pk, ce, connection); - connection.setDoOutput(true); - OutputStream os = connection.getOutputStream(); - os.write(("profile=client&csr=" + URLEncoder.encode(generatePEMCSR(kp, "EMAIL=" + email + ",CN=CAcert WoT User"), "UTF-8")).getBytes("UTF-8")); - os.flush(); - assertEquals(connection.getResponseCode(), 200); - String cert = IOUtils.readURL(new InputStreamReader(connection.getInputStream(), "UTF-8")); + String cert = issueCert(generatePEMCSR(kp, "EMAIL=" + email + ",CN=CAcert WoT User"), "profile=client"); + CertificateFactory cf = CertificateFactory.getInstance("X509"); java.security.cert.X509Certificate xcert = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(cert.getBytes("UTF-8"))); assertEquals("CAcert WoT User", ((X500Name) xcert.getSubjectDN()).getCommonName()); - revoke(pk, ce, xcert.getSerialNumber().toString(16).toLowerCase()); - revoke(pk, ce, c.getSerial().toLowerCase()); + } + @Test + public void testRevoke() throws Exception { + revoke(c.getSerial().toLowerCase()); assertEquals(CertificateStatus.REVOKED, c.getStatus()); + } + + @Test + public void testIssueCertAssured() throws Exception { + makeAssurer(id); + + Name n = u.getName(); + String whishName = n.getFname() + " " + n.getLname(); + String cert = issueCert(generatePEMCSR(kp, "EMAIL=" + email + ",CN=" + whishName), "profile=client-a"); + CertificateFactory cf = CertificateFactory.getInstance("X509"); + java.security.cert.X509Certificate xcert = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(cert.getBytes("UTF-8"))); + assertEquals(whishName, ((X500Name) xcert.getSubjectDN()).getCommonName()); + + } + + @Test + public void testIssueOrgCert() throws Exception { + makeAssurer(id); + u.grantGroup(u, Group.ORGASSURER); + + Organisation o1 = new Organisation("name", "st", "pr", "st", "test@mail", u); + o1.addAdmin(u, u, false); + String testdom = createUniqueName() + "-example.com"; + Domain d2 = new Domain(u, o1, testdom); + verify(d2); + + String whishName = createUniqueName(); + String cert = issueCert(generatePEMCSR(kp, "EMAIL=test@" + testdom + ",CN=" + whishName), "profile=client-orga&asOrg=" + o1.getId()); + + CertificateFactory cf = CertificateFactory.getInstance("X509"); + java.security.cert.X509Certificate xcert = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(cert.getBytes("UTF-8"))); + assertEquals(whishName, ((X500Name) xcert.getSubjectDN()).getCommonName()); + + } + + private String issueCert(String csr, String options) throws IOException, GeneralSecurityException { + HttpURLConnection connection = (HttpURLConnection) new URL("https://" + getServerName().replaceFirst("^www.", "api.") + CreateCertificate.PATH).openConnection(); + authenticateClientCert(pk, ce, connection); + connection.setDoOutput(true); + OutputStream os = connection.getOutputStream(); + os.write((options + "&csr=" + URLEncoder.encode(csr, "UTF-8")).getBytes("UTF-8")); + os.flush(); + assertEquals(connection.getResponseMessage(), 200, connection.getResponseCode()); + String cert = IOUtils.readURL(new InputStreamReader(connection.getInputStream(), "UTF-8")); + return cert; } - private void revoke(final PrivateKey pk, final X509Certificate ce, String serial) throws IOException, MalformedURLException, NoSuchAlgorithmException, KeyManagementException, UnsupportedEncodingException { + private void revoke(String serial) throws IOException, GeneralSecurityException { HttpURLConnection connection; OutputStream os; connection = (HttpURLConnection) new URL("https://" + getServerName().replaceFirst("^www.", "api.") + "/account/certs/revoke").openConnection(); diff --git a/util-testing/org/cacert/gigi/pages/Manager.java b/util-testing/org/cacert/gigi/pages/Manager.java index ebfd73b9..3ac191ac 100644 --- a/util-testing/org/cacert/gigi/pages/Manager.java +++ b/util-testing/org/cacert/gigi/pages/Manager.java @@ -90,36 +90,38 @@ public class Manager extends Page { } } - public User[] getAssurers() { - if (assurers != null) { - return assurers; + public User getAssurer(int i) { + if (assurers[i] != null) { + return assurers[i]; } - assurers = new User[10]; try { - try (GigiPreparedStatement ps = new GigiPreparedStatement("INSERT INTO `notary` SET `from`=?, `to`=?, `points`=?, `location`=?, `date`=?")) { - for (int i = 0; i < assurers.length; i++) { - String mail = "test-assurer" + i + "@example.com"; - User u = User.getByEmail(mail); - if (u == null) { - System.out.println("Creating assurer"); - createUser(mail); - u = User.getByEmail(mail); - passCATS(u); - ps.setInt(1, u.getId()); - ps.setInt(2, u.getId()); - ps.setInt(3, 100); - ps.setString(4, "Manager init code"); - ps.setString(5, "1990-01-01"); - ps.execute(); - } - assurers[i] = u; + User u = createAssurer(i); + assurers[i] = u; - } - } } catch (ReflectiveOperationException | GigiApiException e) { e.printStackTrace(); } - return assurers; + return assurers[i]; + } + + private User createAssurer(int i) throws GigiApiException, IllegalAccessException { + try (GigiPreparedStatement ps = new GigiPreparedStatement("INSERT INTO `notary` SET `from`=?, `to`=?, `points`=?, `location`=?, `date`=?")) { + String mail = "test-assurer" + i + "@example.com"; + User u = User.getByEmail(mail); + if (u == null) { + System.out.println("Creating assurer"); + createUser(mail); + u = User.getByEmail(mail); + passCATS(u); + ps.setInt(1, u.getId()); + ps.setInt(2, u.getId()); + ps.setInt(3, 100); + ps.setString(4, "Manager init code"); + ps.setString(5, "1990-01-01"); + ps.execute(); + } + return u; + } } private void passCATS(User u) { @@ -219,7 +221,7 @@ public class Manager extends Page { ea.verify(hash); } - User[] assurers; + User[] assurers = new User[25]; @Override public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException { @@ -259,13 +261,24 @@ public class Manager extends Page { return; } try { - for (int i = 0; i < getAssurers().length; i++) { - Notary.assure(getAssurers()[i], byEmail, byEmail.getName(), byEmail.getDoB(), 10, "Testmanager Assure up code", "2014-11-06", AssuranceType.FACE_TO_FACE); + for (int i = 0; i < 10; i++) { + Notary.assure(getAssurer(i), byEmail, byEmail.getName(), byEmail.getDoB(), 10, "Testmanager Assure up code", "2014-11-06", AssuranceType.FACE_TO_FACE); } } catch (GigiApiException e) { throw new Error(e); } resp.getWriter().println("User has been assured."); + } else if (req.getParameter("letassure") != null) { + String mail = req.getParameter("letassureEmail"); + User byEmail = User.getByEmail(mail); + try { + for (int i = 0; i < 25; i++) { + User a = getAssurer(i); + Notary.assure(byEmail, a, a.getName(), a.getDoB(), 10, "Testmanager exp up code", "2014-11-06", AssuranceType.FACE_TO_FACE); + } + } catch (GigiApiException e) { + throw new Error(e); + } } else if (req.getParameter("addEmail") != null) { User u = User.getByEmail(req.getParameter("addEmailEmail")); try { @@ -365,7 +378,6 @@ public class Manager extends Page { @Override public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException { - getAssurers(); String pi = req.getPathInfo().substring(PATH.length()); if (pi.length() > 1 && pi.startsWith("/fetch-")) { String mail = pi.substring(pi.indexOf('-', 2) + 1); diff --git a/util-testing/org/cacert/gigi/pages/Manager.templ b/util-testing/org/cacert/gigi/pages/Manager.templ index 9735e9a5..2efd14ad 100644 --- a/util-testing/org/cacert/gigi/pages/Manager.templ +++ b/util-testing/org/cacert/gigi/pages/Manager.templ @@ -55,6 +55,14 @@ Email: + +Assure 25 others (get 25 experience points) : + +Email: + + + + Add verified Email: