Move certificate retrieval to @BeforeClass

Author: sunkup

lib/src/test/java/at/bitfire/cert4android/CustomCertManagerTest.kt

@@ -10,8 +10,9 @@
 
 package at.bitfire.cert4android
 
-import org.junit.Assume.assumeNotNull
+import org.junit.AssumptionViolatedException
 import org.junit.Before
+import org.junit.BeforeClass
 import org.junit.Test
 import java.io.IOException
 import java.net.URL
@@ -30,16 +31,6 @@ class CustomCertManagerTest {
     private lateinit var certManager: CustomCertManager
     private lateinit var paranoidCertManager: CustomCertManager
 
-    private var siteCerts: List<X509Certificate>? =
-        try {
-            getSiteCertificates(URL("https://www.davx5.com"))
-        } catch(_: IOException) {
-            null
-        }
-    init {
-        assumeNotNull("Couldn't load certificate from Web", siteCerts)
-    }
-
     @Before
     fun createCertManager() {
         certStore = TestCertStore()
@@ -55,18 +46,18 @@ class CustomCertManagerTest {
 
     @Test
     fun testTrustedCertificate() {
-        certManager.checkServerTrusted(siteCerts!!.toTypedArray(), "RSA")
+        certManager.checkServerTrusted(siteCerts.toTypedArray(), "RSA")
     }
 
     @Test(expected = CertificateException::class)
     fun testParanoidCertificate() {
-        paranoidCertManager.checkServerTrusted(siteCerts!!.toTypedArray(), "RSA")
+        paranoidCertManager.checkServerTrusted(siteCerts.toTypedArray(), "RSA")
     }
 
     @Test
     fun testAddCustomCertificate() {
         addTrustedCertificate()
-        paranoidCertManager.checkServerTrusted(siteCerts!!.toTypedArray(), "RSA")
+        paranoidCertManager.checkServerTrusted(siteCerts.toTypedArray(), "RSA")
     }
 
     @Test(expected = CertificateException::class)
@@ -77,51 +68,60 @@ class CustomCertManagerTest {
         // should now be rejected for the whole session
         addUntrustedCertificate()
 
-        paranoidCertManager.checkServerTrusted(siteCerts!!.toTypedArray(), "RSA")
+        paranoidCertManager.checkServerTrusted(siteCerts.toTypedArray(), "RSA")
     }
 
 
     // helpers
 
     private fun addTrustedCertificate() {
-        certStore.setTrustedByUser(siteCerts!!.first())
+        certStore.setTrustedByUser(siteCerts.first())
     }
 
     private fun addUntrustedCertificate() {
-        certStore.setUntrustedByUser(siteCerts!!.first())
+        certStore.setUntrustedByUser(siteCerts.first())
     }
 
-    /**
-     * Get the certificates of a site (bypassing all trusted checks).
-     *
-     * @param url the URL to get the certificates from
-     * @return the certificates of the site
-     */
-    fun getSiteCertificates(url: URL): List<X509Certificate> {
-        val conn = url.openConnection() as HttpsURLConnection
-        try {
-            conn.connectTimeout = 5000
-            conn.readTimeout = 5000
-            conn.hostnameVerifier = HostnameVerifier { _, _ -> true }
-            conn.sslSocketFactory = SSLContext.getInstance("TLS").apply {
-                init(
-                    null,
-                    arrayOf<TrustManager>(object : X509TrustManager {
-                        override fun checkClientTrusted(chain: Array<out X509Certificate>?, authType: String?) {}
-                        override fun checkServerTrusted(chain: Array<out X509Certificate>?, authType: String?) {}
-                        override fun getAcceptedIssuers(): Array<X509Certificate> = emptyArray()
-                    }),
-                    SecureRandom()
-                )
-            }.socketFactory
-            conn.inputStream.use {
-                it.read()
-                val certs = mutableListOf<X509Certificate>()
-                conn.serverCertificates.forEach { certs += it as X509Certificate }
-                return certs
+    companion object {
+        private lateinit var siteCerts: List<X509Certificate>
+
+        @JvmStatic
+        @BeforeClass
+        fun setUp() {
+            siteCerts = try {
+                getSiteCertificates(URL("https://www.davx5.com"))
+            } catch (_: IOException) {
+                // Skip all tests if the certs can't be fetched
+                throw AssumptionViolatedException("Couldn't load certificate from Web")
+            }
+        }
+
+        fun getSiteCertificates(url: URL): List<X509Certificate> {
+            val conn = url.openConnection() as HttpsURLConnection
+            try {
+                conn.connectTimeout = 5000
+                conn.readTimeout = 5000
+                conn.hostnameVerifier = HostnameVerifier { _, _ -> true }
+                conn.sslSocketFactory = SSLContext.getInstance("TLS").apply {
+                    init(
+                        null,
+                        arrayOf<TrustManager>(object : X509TrustManager {
+                            override fun checkClientTrusted(chain: Array<out X509Certificate>?, authType: String?) {}
+                            override fun checkServerTrusted(chain: Array<out X509Certificate>?, authType: String?) {}
+                            override fun getAcceptedIssuers(): Array<X509Certificate> = emptyArray()
+                        }),
+                        SecureRandom()
+                    )
+                }.socketFactory
+                conn.inputStream.use { stream ->
+                    stream.read()
+                    val certs = mutableListOf<X509Certificate>()
+                    conn.serverCertificates.forEach { certs += it as X509Certificate }
+                    return certs
+                }
+            } finally {
+                conn.disconnect()
             }
-        } finally {
-            conn.disconnect()
         }
     }