| 1 | // License: GPL. For details, see LICENSE file.
|
|---|
| 2 | package org.openstreetmap.josm.io;
|
|---|
| 3 |
|
|---|
| 4 | import java.io.IOException;
|
|---|
| 5 | import java.net.URL;
|
|---|
| 6 | import java.net.URLConnection;
|
|---|
| 7 |
|
|---|
| 8 | import javax.net.ssl.SSLHandshakeException;
|
|---|
| 9 |
|
|---|
| 10 | import org.junit.Assert;
|
|---|
| 11 | import org.junit.BeforeClass;
|
|---|
| 12 | import org.junit.Test;
|
|---|
| 13 | import org.openstreetmap.josm.JOSMFixture;
|
|---|
| 14 |
|
|---|
| 15 | /**
|
|---|
| 16 | * Unit tests of {@link CertificateAmendment} class.
|
|---|
| 17 | */
|
|---|
| 18 | public class CertificateAmendmentTest {
|
|---|
| 19 |
|
|---|
| 20 | /**
|
|---|
| 21 | * Setup test.
|
|---|
| 22 | */
|
|---|
| 23 | @BeforeClass
|
|---|
| 24 | public static void setUp() {
|
|---|
| 25 | JOSMFixture.createUnitTestFixture().init();
|
|---|
| 26 | }
|
|---|
| 27 |
|
|---|
| 28 | /**
|
|---|
| 29 | * Test a well-known certificate.
|
|---|
| 30 | * @throws IOException in case of I/O error
|
|---|
| 31 | */
|
|---|
| 32 | @Test
|
|---|
| 33 | public void testDefault() throws IOException {
|
|---|
| 34 | // something that is neither DST nor StartSSL
|
|---|
| 35 | connect("https://google.com", true);
|
|---|
| 36 | }
|
|---|
| 37 |
|
|---|
| 38 | /**
|
|---|
| 39 | * Test <a href="https://letsencrypt.org">Let's Encrypt</a>.
|
|---|
| 40 | * @throws IOException in case of I/O error
|
|---|
| 41 | */
|
|---|
| 42 | @Test
|
|---|
| 43 | public void testLetsEncrypt() throws IOException {
|
|---|
| 44 | // signed by letsencrypt's own ISRG root
|
|---|
| 45 | // (not included yet)
|
|---|
| 46 | // TODO: they switched to cross-sign CA, re-enable it if ISRG root is used again
|
|---|
| 47 | // connect("https://helloworld.letsencrypt.org", false);
|
|---|
| 48 | // signed by letsencrypt's cross-sign CA
|
|---|
| 49 | connect("https://letsencrypt.org", true);
|
|---|
| 50 | // signed by letsencrypt's cross-sign CA, requires SNI
|
|---|
| 51 | connect("https://acme-v01.api.letsencrypt.org", true);
|
|---|
| 52 | }
|
|---|
| 53 |
|
|---|
| 54 | /**
|
|---|
| 55 | * Test <a href="https://www.startssl.com">StartSSL</a>.
|
|---|
| 56 | * @throws IOException in case of I/O error
|
|---|
| 57 | */
|
|---|
| 58 | @Test
|
|---|
| 59 | public void testStartSSL() throws IOException {
|
|---|
| 60 | connect("https://map.dgpsonline.eu", true);
|
|---|
| 61 | connect("https://www.startssl.com", true);
|
|---|
| 62 | }
|
|---|
| 63 |
|
|---|
| 64 | /**
|
|---|
| 65 | * Test a broken certificate.
|
|---|
| 66 | * @throws IOException in case of I/O error
|
|---|
| 67 | */
|
|---|
| 68 | @Test
|
|---|
| 69 | public void testBrokenCert() throws IOException {
|
|---|
| 70 | // broken at the moment (may get fixed some day)
|
|---|
| 71 | connect("https://www.pcwebshop.co.uk", false);
|
|---|
| 72 | }
|
|---|
| 73 |
|
|---|
| 74 | /**
|
|---|
| 75 | * Test overpass API.
|
|---|
| 76 | * @throws IOException in case of I/O error
|
|---|
| 77 | */
|
|---|
| 78 | @Test
|
|---|
| 79 | public void testOverpass() throws IOException {
|
|---|
| 80 | connect("https://overpass-api.de", true);
|
|---|
| 81 | }
|
|---|
| 82 |
|
|---|
| 83 | private static void connect(String url, boolean shouldWork) throws IOException {
|
|---|
| 84 | URLConnection connection = new URL(url).openConnection();
|
|---|
| 85 | try {
|
|---|
| 86 | connection.connect();
|
|---|
| 87 | } catch (SSLHandshakeException e) {
|
|---|
| 88 | if (shouldWork) {
|
|---|
| 89 | e.printStackTrace();
|
|---|
| 90 | Assert.fail("Untrusted: " + url);
|
|---|
| 91 | } else {
|
|---|
| 92 | return;
|
|---|
| 93 | }
|
|---|
| 94 | }
|
|---|
| 95 | if (!shouldWork) {
|
|---|
| 96 | Assert.fail("Expected error: " + url);
|
|---|
| 97 | }
|
|---|
| 98 | }
|
|---|
| 99 | }
|
|---|
