app/src/test/java/se/leap/bitmaskclient/eip/VpnCertificateValidatorTest.java


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69

package se.leap.bitmaskclient.eip;

import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.powermock.core.classloader.annotations.PrepareForTest;
import org.powermock.modules.junit4.PowerMockRunner;

import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateEncodingException;
import java.util.Calendar;

import se.leap.bitmaskclient.base.utils.ConfigHelper;
import se.leap.bitmaskclient.testutils.TestCalendarProvider;

import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
import static se.leap.bitmaskclient.testutils.MockHelper.mockConfigHelper;
import static se.leap.bitmaskclient.testutils.TestSetupHelper.getInputAsString;

@RunWith(PowerMockRunner.class)
@PrepareForTest({ConfigHelper.class})
public class VpnCertificateValidatorTest {

    @Before
    public void setup() {
    }

    @Test
    public void test_isValid() throws NoSuchAlgorithmException, CertificateEncodingException, IOException {
        String cert = getInputAsString(getClass().getClassLoader().getResourceAsStream("riseup.net.pem"));
        Calendar c = new Calendar.Builder().setDate(2018, 1, 1).setCalendarType("gregorian").build();
        mockConfigHelper("falseFingerPrint");
        VpnCertificateValidator validator = new VpnCertificateValidator(cert);
        validator.setCalendarProvider(new TestCalendarProvider(c.getTimeInMillis()));
        assertTrue( validator.isValid());
    }

    @Test
    public void test_isValid_lessThan15days_returnFalse() throws NoSuchAlgorithmException, CertificateEncodingException, IOException {
        String cert = getInputAsString(getClass().getClassLoader().getResourceAsStream("riseup.net.pem"));
        Calendar c = new Calendar.Builder().setDate(2024, 4, 14).setCalendarType("gregorian").build();
        mockConfigHelper("falseFingerPrint");
        VpnCertificateValidator validator = new VpnCertificateValidator(cert);
        validator.setCalendarProvider(new TestCalendarProvider(c.getTimeInMillis()));
        assertFalse( validator.isValid());
    }

    @Test
    public void test_isValid_multipleCerts_failIfOneExpires() throws NoSuchAlgorithmException, CertificateEncodingException, IOException {
        String cert = getInputAsString(getClass().getClassLoader().getResourceAsStream("float.hexacab.org.pem"));
        Calendar c = new Calendar.Builder().setDate(2024, 4, 14).setCalendarType("gregorian").build();
        mockConfigHelper("falseFingerPrint");
        VpnCertificateValidator validator = new VpnCertificateValidator(cert);
        validator.setCalendarProvider(new TestCalendarProvider(c.getTimeInMillis()));
        assertFalse(validator.isValid());
    }

    @Test
    public void test_isValid_multipleCerts_allValid() throws NoSuchAlgorithmException, CertificateEncodingException, IOException {
        String cert = getInputAsString(getClass().getClassLoader().getResourceAsStream("float.hexacab.org.pem"));
        Calendar c = new Calendar.Builder().setDate(2024, 4, 13).setCalendarType("gregorian").build();
        mockConfigHelper("falseFingerPrint");
        VpnCertificateValidator validator = new VpnCertificateValidator(cert);
        validator.setCalendarProvider(new TestCalendarProvider(c.getTimeInMillis()));
        assertFalse(validator.isValid());
    }
}