1 | // License: GPL. For details, see LICENSE file.
|
---|
2 | package org.openstreetmap.josm.io;
|
---|
3 |
|
---|
4 | import java.io.IOException;
|
---|
5 | import java.net.URL;
|
---|
6 | import java.net.URLConnection;
|
---|
7 |
|
---|
8 | import javax.net.ssl.SSLHandshakeException;
|
---|
9 |
|
---|
10 | import org.junit.Assert;
|
---|
11 | import org.junit.Rule;
|
---|
12 | import org.junit.Test;
|
---|
13 | import org.openstreetmap.josm.testutils.JOSMTestRules;
|
---|
14 |
|
---|
15 | import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
|
---|
16 | import net.trajano.commons.testing.UtilityClassTestUtil;
|
---|
17 |
|
---|
18 | /**
|
---|
19 | * Unit tests of {@link CertificateAmendment} class.
|
---|
20 | */
|
---|
21 | public class CertificateAmendmentTest {
|
---|
22 |
|
---|
23 | /**
|
---|
24 | * Setup rule
|
---|
25 | */
|
---|
26 | @Rule
|
---|
27 | @SuppressFBWarnings(value = "URF_UNREAD_PUBLIC_OR_PROTECTED_FIELD")
|
---|
28 | public JOSMTestRules test = new JOSMTestRules().platform().https();
|
---|
29 |
|
---|
30 | /**
|
---|
31 | * Tests that {@code CertificateAmendment} satisfies utility class criterias.
|
---|
32 | * @throws ReflectiveOperationException if an error occurs
|
---|
33 | */
|
---|
34 | @Test
|
---|
35 | public void testUtilityClass() throws ReflectiveOperationException {
|
---|
36 | UtilityClassTestUtil.assertUtilityClassWellDefined(CertificateAmendment.class);
|
---|
37 | }
|
---|
38 |
|
---|
39 | /**
|
---|
40 | * Test a well-known certificate.
|
---|
41 | * @throws IOException in case of I/O error
|
---|
42 | */
|
---|
43 | @Test
|
---|
44 | public void testDefault() throws IOException {
|
---|
45 | // something that is not embedded
|
---|
46 | connect("https://google.com", true);
|
---|
47 | }
|
---|
48 |
|
---|
49 | /**
|
---|
50 | * Test <a href="https://letsencrypt.org">Let's Encrypt</a>.
|
---|
51 | * @throws IOException in case of I/O error
|
---|
52 | */
|
---|
53 | @Test
|
---|
54 | public void testLetsEncrypt() throws IOException {
|
---|
55 | // signed by letsencrypt's own ISRG root
|
---|
56 | // (not included yet)
|
---|
57 | // TODO: they switched to cross-sign CA, re-enable it if ISRG root is used again
|
---|
58 | // connect("https://helloworld.letsencrypt.org", false);
|
---|
59 | // signed by letsencrypt's cross-sign CA
|
---|
60 | connect("https://letsencrypt.org", true);
|
---|
61 | // signed by letsencrypt's cross-sign CA, requires SNI
|
---|
62 | connect("https://acme-v01.api.letsencrypt.org", true);
|
---|
63 | }
|
---|
64 |
|
---|
65 | /**
|
---|
66 | * Test a broken certificate.
|
---|
67 | * @throws IOException in case of I/O error
|
---|
68 | */
|
---|
69 | @Test
|
---|
70 | public void testBrokenCert() throws IOException {
|
---|
71 | // broken at the moment (may get fixed some day)
|
---|
72 | connect("https://www.pcwebshop.co.uk", false);
|
---|
73 | }
|
---|
74 |
|
---|
75 | /**
|
---|
76 | * Test overpass API.
|
---|
77 | * @throws IOException in case of I/O error
|
---|
78 | */
|
---|
79 | @Test
|
---|
80 | public void testOverpass() throws IOException {
|
---|
81 | connect("https://overpass-api.de", true);
|
---|
82 | }
|
---|
83 |
|
---|
84 | /**
|
---|
85 | * Test Dutch government.
|
---|
86 | * @throws IOException in case of I/O error
|
---|
87 | */
|
---|
88 | @Test
|
---|
89 | public void testDutchGovernment() throws IOException {
|
---|
90 | connect("https://geodata.nationaalgeoregister.nl", true);
|
---|
91 | }
|
---|
92 |
|
---|
93 | private static void connect(String url, boolean shouldWork) throws IOException {
|
---|
94 | URLConnection connection = new URL(url).openConnection();
|
---|
95 | try {
|
---|
96 | connection.connect();
|
---|
97 | } catch (SSLHandshakeException e) {
|
---|
98 | if (shouldWork) {
|
---|
99 | e.printStackTrace();
|
---|
100 | Assert.fail("Untrusted: " + url);
|
---|
101 | } else {
|
---|
102 | return;
|
---|
103 | }
|
---|
104 | }
|
---|
105 | if (!shouldWork) {
|
---|
106 | Assert.fail("Expected error: " + url);
|
---|
107 | }
|
---|
108 | }
|
---|
109 | }
|
---|