author | Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> |
Fri, 12 Mar 2010 15:46:37 +0200 | |
branch | RCL_3 |
changeset 5 | d3bac044e0f0 |
parent 4 | 3b1da2848fc7 |
permissions | -rw-r--r-- |
0 | 1 |
/**************************************************************************** |
2 |
** |
|
4
3b1da2848fc7
Revision: 201003
Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>
parents:
0
diff
changeset
|
3 |
** Copyright (C) 2010 Nokia Corporation and/or its subsidiary(-ies). |
0 | 4 |
** All rights reserved. |
5 |
** Contact: Nokia Corporation (qt-info@nokia.com) |
|
6 |
** |
|
7 |
** This file is part of the test suite of the Qt Toolkit. |
|
8 |
** |
|
9 |
** $QT_BEGIN_LICENSE:LGPL$ |
|
10 |
** No Commercial Usage |
|
11 |
** This file contains pre-release code and may not be distributed. |
|
12 |
** You may use this file in accordance with the terms and conditions |
|
13 |
** contained in the Technology Preview License Agreement accompanying |
|
14 |
** this package. |
|
15 |
** |
|
16 |
** GNU Lesser General Public License Usage |
|
17 |
** Alternatively, this file may be used under the terms of the GNU Lesser |
|
18 |
** General Public License version 2.1 as published by the Free Software |
|
19 |
** Foundation and appearing in the file LICENSE.LGPL included in the |
|
20 |
** packaging of this file. Please review the following information to |
|
21 |
** ensure the GNU Lesser General Public License version 2.1 requirements |
|
22 |
** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html. |
|
23 |
** |
|
24 |
** In addition, as a special exception, Nokia gives you certain additional |
|
25 |
** rights. These rights are described in the Nokia Qt LGPL Exception |
|
26 |
** version 1.1, included in the file LGPL_EXCEPTION.txt in this package. |
|
27 |
** |
|
28 |
** If you have questions regarding the use of this file, please contact |
|
29 |
** Nokia at qt-info@nokia.com. |
|
30 |
** |
|
31 |
** |
|
32 |
** |
|
33 |
** |
|
34 |
** |
|
35 |
** |
|
36 |
** |
|
37 |
** |
|
38 |
** $QT_END_LICENSE$ |
|
39 |
** |
|
40 |
****************************************************************************/ |
|
41 |
||
42 |
||
43 |
#include <QtTest/QtTest> |
|
44 |
#include <qsslcertificate.h> |
|
45 |
#include <qsslkey.h> |
|
46 |
#include <qsslsocket.h> |
|
47 |
||
48 |
#ifdef Q_OS_SYMBIAN |
|
49 |
// In Symbian OS test data is located in applications private dir |
|
50 |
// Current path (C:\private\<UID>) contains only ascii chars |
|
51 |
#define SRCDIR "./" |
|
52 |
#endif |
|
53 |
||
54 |
class tst_QSslCertificate : public QObject |
|
55 |
{ |
|
56 |
Q_OBJECT |
|
57 |
||
58 |
struct CertInfo { |
|
59 |
QFileInfo fileInfo; |
|
60 |
QFileInfo fileInfo_digest_md5; |
|
61 |
QFileInfo fileInfo_digest_sha1; |
|
62 |
QSsl::EncodingFormat format; |
|
63 |
CertInfo(const QFileInfo &fileInfo, QSsl::EncodingFormat format) |
|
64 |
: fileInfo(fileInfo), format(format) {} |
|
65 |
}; |
|
66 |
||
67 |
QList<CertInfo> certInfoList; |
|
68 |
QMap<QString, QString> subjAltNameMap; |
|
69 |
QMap<QString, QString> pubkeyMap; |
|
70 |
QMap<QString, QString> md5Map; |
|
71 |
QMap<QString, QString> sha1Map; |
|
72 |
||
73 |
void createTestRows(); |
|
74 |
#ifndef QT_NO_OPENSSL |
|
75 |
void compareCertificates(const QSslCertificate & cert1, const QSslCertificate & cert2); |
|
76 |
#endif |
|
77 |
||
78 |
QString oldCurrentDir; |
|
79 |
public: |
|
80 |
tst_QSslCertificate(); |
|
81 |
virtual ~tst_QSslCertificate(); |
|
82 |
||
83 |
public slots: |
|
84 |
void initTestCase_data(); |
|
85 |
void init(); |
|
86 |
void cleanup(); |
|
87 |
||
88 |
#ifndef QT_NO_OPENSSL |
|
89 |
private slots: |
|
90 |
void emptyConstructor(); |
|
91 |
void constructor_data(); |
|
92 |
void constructor(); |
|
93 |
void constructingGarbage(); |
|
94 |
void copyAndAssign_data(); |
|
95 |
void copyAndAssign(); |
|
96 |
void digest_data(); |
|
97 |
void digest(); |
|
98 |
void alternateSubjectNames_data(); |
|
99 |
void alternateSubjectNames(); |
|
100 |
void publicKey_data(); |
|
101 |
void publicKey(); |
|
102 |
void toPemOrDer_data(); |
|
103 |
void toPemOrDer(); |
|
104 |
void fromDevice(); |
|
105 |
void fromPath_data(); |
|
106 |
void fromPath(); |
|
107 |
void certInfo(); |
|
4
3b1da2848fc7
Revision: 201003
Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>
parents:
0
diff
changeset
|
108 |
void certInfoQByteArray(); |
0 | 109 |
void task256066toPem(); |
110 |
void nulInCN(); |
|
111 |
void nulInSan(); |
|
112 |
// ### add tests for certificate bundles (multiple certificates concatenated into a single |
|
113 |
// structure); both PEM and DER formatted |
|
114 |
#endif |
|
115 |
}; |
|
116 |
||
117 |
tst_QSslCertificate::tst_QSslCertificate() |
|
118 |
{ |
|
119 |
QDir dir(SRCDIR + QLatin1String("/certificates")); |
|
120 |
QFileInfoList fileInfoList = dir.entryInfoList(QDir::Files | QDir::Readable); |
|
121 |
QRegExp rxCert(QLatin1String("^.+\\.(pem|der)$")); |
|
122 |
QRegExp rxSan(QLatin1String("^(.+\\.(?:pem|der))\\.san$")); |
|
123 |
QRegExp rxPubKey(QLatin1String("^(.+\\.(?:pem|der))\\.pubkey$")); |
|
124 |
QRegExp rxDigest(QLatin1String("^(.+\\.(?:pem|der))\\.digest-(md5|sha1)$")); |
|
125 |
foreach (QFileInfo fileInfo, fileInfoList) { |
|
126 |
if (rxCert.indexIn(fileInfo.fileName()) >= 0) |
|
127 |
certInfoList << |
|
128 |
CertInfo(fileInfo, |
|
129 |
rxCert.cap(1) == QLatin1String("pem") ? QSsl::Pem : QSsl::Der); |
|
130 |
if (rxSan.indexIn(fileInfo.fileName()) >= 0) |
|
131 |
subjAltNameMap.insert(rxSan.cap(1), fileInfo.absoluteFilePath()); |
|
132 |
if (rxPubKey.indexIn(fileInfo.fileName()) >= 0) |
|
133 |
pubkeyMap.insert(rxPubKey.cap(1), fileInfo.absoluteFilePath()); |
|
134 |
if (rxDigest.indexIn(fileInfo.fileName()) >= 0) { |
|
135 |
if (rxDigest.cap(2) == QLatin1String("md5")) |
|
136 |
md5Map.insert(rxDigest.cap(1), fileInfo.absoluteFilePath()); |
|
137 |
else |
|
138 |
sha1Map.insert(rxDigest.cap(1), fileInfo.absoluteFilePath()); |
|
139 |
} |
|
140 |
} |
|
141 |
} |
|
142 |
||
143 |
tst_QSslCertificate::~tst_QSslCertificate() |
|
144 |
{ |
|
145 |
} |
|
146 |
||
147 |
void tst_QSslCertificate::initTestCase_data() |
|
148 |
{ |
|
149 |
} |
|
150 |
||
151 |
void tst_QSslCertificate::init() |
|
152 |
{ |
|
153 |
QString srcdir(QLatin1String(SRCDIR)); |
|
154 |
if (!srcdir.isEmpty()) { |
|
155 |
oldCurrentDir = QDir::current().absolutePath(); |
|
156 |
QDir::setCurrent(srcdir); |
|
157 |
} |
|
158 |
} |
|
159 |
||
160 |
void tst_QSslCertificate::cleanup() |
|
161 |
{ |
|
162 |
if (!oldCurrentDir.isEmpty()) { |
|
163 |
QDir::setCurrent(oldCurrentDir); |
|
164 |
} |
|
165 |
||
166 |
} |
|
167 |
||
168 |
static QByteArray readFile(const QString &absFilePath) |
|
169 |
{ |
|
170 |
QFile file(absFilePath); |
|
171 |
if (!file.open(QIODevice::ReadOnly)) { |
|
172 |
QWARN("failed to open file"); |
|
173 |
return QByteArray(); |
|
174 |
} |
|
175 |
return file.readAll(); |
|
176 |
} |
|
177 |
||
178 |
#ifndef QT_NO_OPENSSL |
|
179 |
||
180 |
void tst_QSslCertificate::emptyConstructor() |
|
181 |
{ |
|
182 |
if (!QSslSocket::supportsSsl()) |
|
183 |
return; |
|
184 |
||
185 |
QSslCertificate certificate; |
|
186 |
QVERIFY(certificate.isNull()); |
|
187 |
//make sure none of the functions crash (task 203035) |
|
188 |
QVERIFY(!certificate.isValid()); |
|
189 |
QCOMPARE(certificate.version() , QByteArray()); |
|
190 |
QCOMPARE(certificate.serialNumber(), QByteArray()); |
|
191 |
QCOMPARE(certificate.digest(), QCryptographicHash::hash(QByteArray(), QCryptographicHash::Md5)); |
|
192 |
QCOMPARE(certificate.issuerInfo(QSslCertificate::Organization), QString()); |
|
193 |
QCOMPARE(certificate.subjectInfo(QSslCertificate::Organization), QString()); |
|
194 |
QCOMPARE(certificate.alternateSubjectNames(),(QMultiMap<QSsl::AlternateNameEntryType, QString>())); |
|
195 |
#ifndef QT_NO_TEXTSTREAM |
|
196 |
QCOMPARE(certificate.effectiveDate(), QDateTime()); |
|
197 |
QCOMPARE(certificate.expiryDate(), QDateTime()); |
|
198 |
#endif |
|
199 |
} |
|
200 |
||
201 |
Q_DECLARE_METATYPE(QSsl::EncodingFormat); |
|
202 |
||
203 |
void tst_QSslCertificate::createTestRows() |
|
204 |
{ |
|
205 |
QTest::addColumn<QString>("absFilePath"); |
|
206 |
QTest::addColumn<QSsl::EncodingFormat>("format"); |
|
207 |
foreach (CertInfo certInfo, certInfoList) { |
|
208 |
QTest::newRow(certInfo.fileInfo.fileName().toLatin1()) |
|
209 |
<< certInfo.fileInfo.absoluteFilePath() << certInfo.format; |
|
210 |
} |
|
211 |
} |
|
212 |
||
213 |
void tst_QSslCertificate::constructor_data() |
|
214 |
{ |
|
215 |
createTestRows(); |
|
216 |
} |
|
217 |
||
218 |
void tst_QSslCertificate::constructor() |
|
219 |
{ |
|
220 |
if (!QSslSocket::supportsSsl()) |
|
221 |
return; |
|
222 |
||
223 |
QFETCH(QString, absFilePath); |
|
224 |
QFETCH(QSsl::EncodingFormat, format); |
|
225 |
||
226 |
QByteArray encoded = readFile(absFilePath); |
|
227 |
QSslCertificate certificate(encoded, format); |
|
228 |
QVERIFY(!certificate.isNull()); |
|
229 |
} |
|
230 |
||
231 |
void tst_QSslCertificate::constructingGarbage() |
|
232 |
{ |
|
233 |
if (!QSslSocket::supportsSsl()) |
|
234 |
return; |
|
235 |
||
236 |
QByteArray garbage("garbage"); |
|
237 |
QSslCertificate certificate(garbage); |
|
238 |
QVERIFY(certificate.isNull()); |
|
239 |
} |
|
240 |
||
241 |
void tst_QSslCertificate::copyAndAssign_data() |
|
242 |
{ |
|
243 |
createTestRows(); |
|
244 |
} |
|
245 |
||
246 |
void tst_QSslCertificate::compareCertificates( |
|
247 |
const QSslCertificate & cert1, const QSslCertificate & cert2) |
|
248 |
{ |
|
249 |
QCOMPARE(cert1.isNull(), cert2.isNull()); |
|
250 |
// Note: in theory, the next line could fail even if the certificates are identical! |
|
251 |
QCOMPARE(cert1.isValid(), cert2.isValid()); |
|
252 |
QCOMPARE(cert1.version(), cert2.version()); |
|
253 |
QCOMPARE(cert1.serialNumber(), cert2.serialNumber()); |
|
254 |
QCOMPARE(cert1.digest(), cert2.digest()); |
|
255 |
QCOMPARE(cert1.toPem(), cert2.toPem()); |
|
256 |
QCOMPARE(cert1.toDer(), cert2.toDer()); |
|
257 |
for (int info = QSslCertificate::Organization; |
|
258 |
info <= QSslCertificate::StateOrProvinceName; info++) { |
|
259 |
const QSslCertificate::SubjectInfo subjectInfo = (QSslCertificate::SubjectInfo)info; |
|
260 |
QCOMPARE(cert1.issuerInfo(subjectInfo), cert2.issuerInfo(subjectInfo)); |
|
261 |
QCOMPARE(cert1.subjectInfo(subjectInfo), cert2.subjectInfo(subjectInfo)); |
|
262 |
} |
|
263 |
QCOMPARE(cert1.alternateSubjectNames(), cert2.alternateSubjectNames()); |
|
264 |
QCOMPARE(cert1.effectiveDate(), cert2.effectiveDate()); |
|
265 |
QCOMPARE(cert1.expiryDate(), cert2.expiryDate()); |
|
266 |
QCOMPARE(cert1.version(), cert2.version()); |
|
267 |
QCOMPARE(cert1.serialNumber(), cert2.serialNumber()); |
|
268 |
// ### add more functions here ... |
|
269 |
} |
|
270 |
||
271 |
void tst_QSslCertificate::copyAndAssign() |
|
272 |
{ |
|
273 |
if (!QSslSocket::supportsSsl()) |
|
274 |
return; |
|
275 |
||
276 |
QFETCH(QString, absFilePath); |
|
277 |
QFETCH(QSsl::EncodingFormat, format); |
|
278 |
||
279 |
QByteArray encoded = readFile(absFilePath); |
|
280 |
QSslCertificate certificate(encoded, format); |
|
281 |
||
282 |
QVERIFY(!certificate.isNull()); |
|
283 |
||
284 |
QSslCertificate copied(certificate); |
|
285 |
compareCertificates(certificate, copied); |
|
286 |
||
287 |
QSslCertificate assigned = certificate; |
|
288 |
compareCertificates(certificate, assigned); |
|
289 |
} |
|
290 |
||
291 |
void tst_QSslCertificate::digest_data() |
|
292 |
{ |
|
293 |
QTest::addColumn<QString>("absFilePath"); |
|
294 |
QTest::addColumn<QSsl::EncodingFormat>("format"); |
|
295 |
QTest::addColumn<QString>("absFilePath_digest_md5"); |
|
296 |
QTest::addColumn<QString>("absFilePath_digest_sha1"); |
|
297 |
foreach (CertInfo certInfo, certInfoList) { |
|
298 |
QString certName = certInfo.fileInfo.fileName(); |
|
299 |
QTest::newRow(certName.toLatin1()) |
|
300 |
<< certInfo.fileInfo.absoluteFilePath() |
|
301 |
<< certInfo.format |
|
302 |
<< md5Map.value(certName) |
|
303 |
<< sha1Map.value(certName); |
|
304 |
} |
|
305 |
} |
|
306 |
||
307 |
// Converts a digest of the form '{MD5|SHA1} Fingerprint=AB:B8:32...' to binary format. |
|
308 |
static QByteArray convertDigest(const QByteArray &input) |
|
309 |
{ |
|
310 |
QByteArray result; |
|
311 |
QRegExp rx(QLatin1String("(?:=|:)([0-9A-Fa-f]{2})")); |
|
312 |
int pos = 0; |
|
313 |
while ((pos = rx.indexIn(input, pos)) != -1) { |
|
314 |
result.append(rx.cap(1).toLatin1()); |
|
315 |
pos += rx.matchedLength(); |
|
316 |
} |
|
317 |
return QByteArray::fromHex(result); |
|
318 |
} |
|
319 |
||
320 |
void tst_QSslCertificate::digest() |
|
321 |
{ |
|
322 |
if (!QSslSocket::supportsSsl()) |
|
323 |
return; |
|
324 |
||
325 |
QFETCH(QString, absFilePath); |
|
326 |
QFETCH(QSsl::EncodingFormat, format); |
|
327 |
QFETCH(QString, absFilePath_digest_md5); |
|
328 |
QFETCH(QString, absFilePath_digest_sha1); |
|
329 |
||
330 |
QByteArray encoded = readFile(absFilePath); |
|
331 |
QSslCertificate certificate(encoded, format); |
|
332 |
QVERIFY(!certificate.isNull()); |
|
333 |
||
334 |
if (!absFilePath_digest_md5.isEmpty()) |
|
335 |
QCOMPARE(convertDigest(readFile(absFilePath_digest_md5)), |
|
336 |
certificate.digest(QCryptographicHash::Md5)); |
|
337 |
||
338 |
if (!absFilePath_digest_sha1.isEmpty()) |
|
339 |
QCOMPARE(convertDigest(readFile(absFilePath_digest_sha1)), |
|
340 |
certificate.digest(QCryptographicHash::Sha1)); |
|
341 |
} |
|
342 |
||
343 |
void tst_QSslCertificate::alternateSubjectNames_data() |
|
344 |
{ |
|
345 |
QTest::addColumn<QString>("certFilePath"); |
|
346 |
QTest::addColumn<QSsl::EncodingFormat>("format"); |
|
347 |
QTest::addColumn<QString>("subjAltNameFilePath"); |
|
348 |
||
349 |
foreach (CertInfo certInfo, certInfoList) { |
|
350 |
QString certName = certInfo.fileInfo.fileName(); |
|
351 |
if (subjAltNameMap.contains(certName)) |
|
352 |
QTest::newRow(certName.toLatin1()) |
|
353 |
<< certInfo.fileInfo.absoluteFilePath() |
|
354 |
<< certInfo.format |
|
355 |
<< subjAltNameMap.value(certName); |
|
356 |
} |
|
357 |
} |
|
358 |
||
359 |
void tst_QSslCertificate::alternateSubjectNames() |
|
360 |
{ |
|
361 |
if (!QSslSocket::supportsSsl()) |
|
362 |
return; |
|
363 |
||
364 |
QFETCH(QString, certFilePath); |
|
365 |
QFETCH(QSsl::EncodingFormat, format); |
|
366 |
QFETCH(QString, subjAltNameFilePath); |
|
367 |
||
368 |
QByteArray encodedCert = readFile(certFilePath); |
|
369 |
QSslCertificate certificate(encodedCert, format); |
|
370 |
QVERIFY(!certificate.isNull()); |
|
371 |
||
372 |
QByteArray fileContents = readFile(subjAltNameFilePath); |
|
373 |
||
374 |
const QMultiMap<QSsl::AlternateNameEntryType, QString> altSubjectNames = |
|
375 |
certificate.alternateSubjectNames(); |
|
376 |
||
377 |
// verify that each entry in subjAltNames is present in fileContents |
|
378 |
QMapIterator<QSsl::AlternateNameEntryType, QString> it(altSubjectNames); |
|
379 |
while (it.hasNext()) { |
|
380 |
it.next(); |
|
381 |
QString type; |
|
382 |
if (it.key() == QSsl::EmailEntry) |
|
383 |
type = QLatin1String("email"); |
|
384 |
else if (it.key() == QSsl::DnsEntry) |
|
385 |
type = QLatin1String("DNS"); |
|
386 |
else |
|
387 |
QFAIL("unsupported alternative name type"); |
|
388 |
QString entry = QString("%1:%2").arg(type).arg(it.value()); |
|
389 |
QVERIFY(fileContents.contains(entry.toAscii())); |
|
390 |
} |
|
391 |
||
392 |
// verify that each entry in fileContents is present in subjAltNames |
|
393 |
QRegExp rx(QLatin1String("(email|DNS):([^,\\r\\n]+)")); |
|
394 |
for (int pos = 0; (pos = rx.indexIn(fileContents, pos)) != -1; pos += rx.matchedLength()) { |
|
395 |
QSsl::AlternateNameEntryType key; |
|
396 |
if (rx.cap(1) == QLatin1String("email")) |
|
397 |
key = QSsl::EmailEntry; |
|
398 |
else if (rx.cap(1) == QLatin1String("DNS")) |
|
399 |
key = QSsl::DnsEntry; |
|
400 |
else |
|
401 |
QFAIL("unsupported alternative name type"); |
|
402 |
QVERIFY(altSubjectNames.contains(key, rx.cap(2))); |
|
403 |
} |
|
404 |
} |
|
405 |
||
406 |
void tst_QSslCertificate::publicKey_data() |
|
407 |
{ |
|
408 |
QTest::addColumn<QString>("certFilePath"); |
|
409 |
QTest::addColumn<QSsl::EncodingFormat>("format"); |
|
410 |
QTest::addColumn<QString>("pubkeyFilePath"); |
|
411 |
||
412 |
foreach (CertInfo certInfo, certInfoList) { |
|
413 |
QString certName = certInfo.fileInfo.fileName(); |
|
414 |
if (pubkeyMap.contains(certName)) |
|
415 |
QTest::newRow(certName.toLatin1()) |
|
416 |
<< certInfo.fileInfo.absoluteFilePath() |
|
417 |
<< certInfo.format |
|
418 |
<< pubkeyMap.value(certName); |
|
419 |
} |
|
420 |
} |
|
421 |
||
422 |
void tst_QSslCertificate::publicKey() |
|
423 |
{ |
|
424 |
if (!QSslSocket::supportsSsl()) |
|
425 |
return; |
|
426 |
||
427 |
QFETCH(QString, certFilePath); |
|
428 |
QFETCH(QSsl::EncodingFormat, format); |
|
429 |
QFETCH(QString, pubkeyFilePath); |
|
430 |
||
431 |
QByteArray encodedCert = readFile(certFilePath); |
|
432 |
QSslCertificate certificate(encodedCert, format); |
|
433 |
QVERIFY(!certificate.isNull()); |
|
434 |
||
435 |
QByteArray encodedPubkey = readFile(pubkeyFilePath); |
|
436 |
QSslKey pubkey(encodedPubkey, QSsl::Rsa, format, QSsl::PublicKey); // ### support DSA as well! |
|
437 |
QVERIFY(!pubkey.isNull()); |
|
438 |
||
439 |
QCOMPARE(certificate.publicKey(), pubkey); |
|
440 |
} |
|
441 |
||
442 |
void tst_QSslCertificate::toPemOrDer_data() |
|
443 |
{ |
|
444 |
createTestRows(); |
|
445 |
} |
|
446 |
||
447 |
static const char BeginCertString[] = "-----BEGIN CERTIFICATE-----"; |
|
448 |
static const char EndCertString[] = "-----END CERTIFICATE-----"; |
|
449 |
||
450 |
// Returns, in Pem-format, the first certificate found in a Pem-formatted block |
|
451 |
// (Note that such a block may contain e.g. a private key at the end). |
|
452 |
static QByteArray firstPemCertificateFromPem(const QByteArray &pem) |
|
453 |
{ |
|
454 |
int startPos = pem.indexOf(BeginCertString); |
|
455 |
int endPos = pem.indexOf(EndCertString); |
|
456 |
if (startPos == -1 || endPos == -1) |
|
457 |
return QByteArray(); |
|
458 |
return pem.mid(startPos, endPos + sizeof(EndCertString) - startPos); |
|
459 |
} |
|
460 |
||
461 |
void tst_QSslCertificate::toPemOrDer() |
|
462 |
{ |
|
463 |
if (!QSslSocket::supportsSsl()) |
|
464 |
return; |
|
465 |
||
466 |
QFETCH(QString, absFilePath); |
|
467 |
QFETCH(QSsl::EncodingFormat, format); |
|
468 |
||
469 |
QByteArray encoded = readFile(absFilePath); |
|
470 |
QSslCertificate certificate(encoded, format); |
|
471 |
QVERIFY(!certificate.isNull()); |
|
472 |
if (format == QSsl::Pem) { |
|
473 |
encoded.replace('\r',""); |
|
474 |
QByteArray firstPem = firstPemCertificateFromPem(encoded); |
|
475 |
QCOMPARE(certificate.toPem(), firstPem); |
|
476 |
} else { |
|
477 |
// ### for now, we assume that DER-encoded certificates don't contain bundled stuff |
|
478 |
QCOMPARE(certificate.toDer(), encoded); |
|
479 |
} |
|
480 |
} |
|
481 |
||
482 |
void tst_QSslCertificate::fromDevice() |
|
483 |
{ |
|
484 |
QTest::ignoreMessage(QtWarningMsg, "QSslCertificate::fromDevice: cannot read from a null device"); |
|
485 |
QList<QSslCertificate> certs = QSslCertificate::fromDevice(0); // don't crash |
|
486 |
QVERIFY(certs.isEmpty()); |
|
487 |
} |
|
488 |
||
489 |
void tst_QSslCertificate::fromPath_data() |
|
490 |
{ |
|
491 |
QTest::addColumn<QString>("path"); |
|
492 |
QTest::addColumn<int>("syntax"); |
|
493 |
QTest::addColumn<bool>("pemencoding"); |
|
494 |
QTest::addColumn<int>("numCerts"); |
|
495 |
||
496 |
QTest::newRow("empty fixed pem") << QString() << int(QRegExp::FixedString) << true << 0; |
|
497 |
QTest::newRow("empty fixed der") << QString() << int(QRegExp::FixedString) << false << 0; |
|
498 |
QTest::newRow("empty regexp pem") << QString() << int(QRegExp::RegExp) << true << 0; |
|
499 |
QTest::newRow("empty regexp der") << QString() << int(QRegExp::RegExp) << false << 0; |
|
500 |
QTest::newRow("empty wildcard pem") << QString() << int(QRegExp::Wildcard) << true << 0; |
|
501 |
QTest::newRow("empty wildcard der") << QString() << int(QRegExp::Wildcard) << false << 0; |
|
502 |
QTest::newRow("\"certificates\" fixed pem") << QString("certificates") << int(QRegExp::FixedString) << true << 0; |
|
503 |
QTest::newRow("\"certificates\" fixed der") << QString("certificates") << int(QRegExp::FixedString) << false << 0; |
|
504 |
QTest::newRow("\"certificates\" regexp pem") << QString("certificates") << int(QRegExp::RegExp) << true << 0; |
|
505 |
QTest::newRow("\"certificates\" regexp der") << QString("certificates") << int(QRegExp::RegExp) << false << 0; |
|
506 |
QTest::newRow("\"certificates\" wildcard pem") << QString("certificates") << int(QRegExp::Wildcard) << true << 0; |
|
507 |
QTest::newRow("\"certificates\" wildcard der") << QString("certificates") << int(QRegExp::Wildcard) << false << 0; |
|
508 |
QTest::newRow("\"certificates/cert.pem\" fixed pem") << QString("certificates/cert.pem") << int(QRegExp::FixedString) << true << 1; |
|
509 |
QTest::newRow("\"certificates/cert.pem\" fixed der") << QString("certificates/cert.pem") << int(QRegExp::FixedString) << false << 0; |
|
510 |
QTest::newRow("\"certificates/cert.pem\" regexp pem") << QString("certificates/cert.pem") << int(QRegExp::RegExp) << true << 1; |
|
511 |
QTest::newRow("\"certificates/cert.pem\" regexp der") << QString("certificates/cert.pem") << int(QRegExp::RegExp) << false << 0; |
|
512 |
QTest::newRow("\"certificates/cert.pem\" wildcard pem") << QString("certificates/cert.pem") << int(QRegExp::Wildcard) << true << 1; |
|
513 |
QTest::newRow("\"certificates/cert.pem\" wildcard der") << QString("certificates/cert.pem") << int(QRegExp::Wildcard) << false << 0; |
|
514 |
QTest::newRow("\"certificates/*\" fixed pem") << QString("certificates/*") << int(QRegExp::FixedString) << true << 0; |
|
515 |
QTest::newRow("\"certificates/*\" fixed der") << QString("certificates/*") << int(QRegExp::FixedString) << false << 0; |
|
516 |
QTest::newRow("\"certificates/*\" regexp pem") << QString("certificates/*") << int(QRegExp::RegExp) << true << 0; |
|
517 |
QTest::newRow("\"certificates/*\" regexp der") << QString("certificates/*") << int(QRegExp::RegExp) << false << 0; |
|
518 |
QTest::newRow("\"certificates/*\" wildcard pem") << QString("certificates/*") << int(QRegExp::Wildcard) << true << 4; |
|
519 |
QTest::newRow("\"certificates/*\" wildcard der") << QString("certificates/*") << int(QRegExp::Wildcard) << false << 0; |
|
520 |
QTest::newRow("\"c*/c*.pem\" fixed pem") << QString("c*/c*.pem") << int(QRegExp::FixedString) << true << 0; |
|
521 |
QTest::newRow("\"c*/c*.pem\" fixed der") << QString("c*/c*.pem") << int(QRegExp::FixedString) << false << 0; |
|
522 |
QTest::newRow("\"c*/c*.pem\" regexp pem") << QString("c*/c*.pem") << int(QRegExp::RegExp) << true << 0; |
|
523 |
QTest::newRow("\"c*/c*.pem\" regexp der") << QString("c*/c*.pem") << int(QRegExp::RegExp) << false << 0; |
|
524 |
QTest::newRow("\"c*/c*.pem\" wildcard pem") << QString("c*/c*.pem") << int(QRegExp::Wildcard) << true << 4; |
|
525 |
QTest::newRow("\"c*/c*.pem\" wildcard der") << QString("c*/c*.pem") << int(QRegExp::Wildcard) << false << 0; |
|
526 |
QTest::newRow("\"d*/c*.pem\" fixed pem") << QString("d*/c*.pem") << int(QRegExp::FixedString) << true << 0; |
|
527 |
QTest::newRow("\"d*/c*.pem\" fixed der") << QString("d*/c*.pem") << int(QRegExp::FixedString) << false << 0; |
|
528 |
QTest::newRow("\"d*/c*.pem\" regexp pem") << QString("d*/c*.pem") << int(QRegExp::RegExp) << true << 0; |
|
529 |
QTest::newRow("\"d*/c*.pem\" regexp der") << QString("d*/c*.pem") << int(QRegExp::RegExp) << false << 0; |
|
530 |
QTest::newRow("\"d*/c*.pem\" wildcard pem") << QString("d*/c*.pem") << int(QRegExp::Wildcard) << true << 0; |
|
531 |
QTest::newRow("\"d*/c*.pem\" wildcard der") << QString("d*/c*.pem") << int(QRegExp::Wildcard) << false << 0; |
|
532 |
QTest::newRow("\"c.*/c.*.pem\" fixed pem") << QString("c.*/c.*.pem") << int(QRegExp::FixedString) << true << 0; |
|
533 |
QTest::newRow("\"c.*/c.*.pem\" fixed der") << QString("c.*/c.*.pem") << int(QRegExp::FixedString) << false << 0; |
|
534 |
QTest::newRow("\"c.*/c.*.pem\" regexp pem") << QString("c.*/c.*.pem") << int(QRegExp::RegExp) << true << 4; |
|
535 |
QTest::newRow("\"c.*/c.*.pem\" regexp der") << QString("c.*/c.*.pem") << int(QRegExp::RegExp) << false << 0; |
|
536 |
QTest::newRow("\"c.*/c.*.pem\" wildcard pem") << QString("c.*/c.*.pem") << int(QRegExp::Wildcard) << true << 0; |
|
537 |
QTest::newRow("\"c.*/c.*.pem\" wildcard der") << QString("c.*/c.*.pem") << int(QRegExp::Wildcard) << false << 0; |
|
538 |
QTest::newRow("\"d.*/c.*.pem\" fixed pem") << QString("d.*/c.*.pem") << int(QRegExp::FixedString) << true << 0; |
|
539 |
QTest::newRow("\"d.*/c.*.pem\" fixed der") << QString("d.*/c.*.pem") << int(QRegExp::FixedString) << false << 0; |
|
540 |
QTest::newRow("\"d.*/c.*.pem\" regexp pem") << QString("d.*/c.*.pem") << int(QRegExp::RegExp) << true << 0; |
|
541 |
QTest::newRow("\"d.*/c.*.pem\" regexp der") << QString("d.*/c.*.pem") << int(QRegExp::RegExp) << false << 0; |
|
542 |
QTest::newRow("\"d.*/c.*.pem\" wildcard pem") << QString("d.*/c.*.pem") << int(QRegExp::Wildcard) << true << 0; |
|
543 |
QTest::newRow("\"d.*/c.*.pem\" wildcard der") << QString("d.*/c.*.pem") << int(QRegExp::Wildcard) << false << 0; |
|
544 |
||
545 |
QTest::newRow("trailing-whitespace") << QString("more-certificates/trailing-whitespace.pem") << int(QRegExp::FixedString) << true << 1; |
|
5
d3bac044e0f0
Revision: 201007
Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>
parents:
4
diff
changeset
|
546 |
QTest::newRow("no-ending-newline") << QString("more-certificates/no-ending-newline.pem") << int(QRegExp::FixedString) << true << 1; |
d3bac044e0f0
Revision: 201007
Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>
parents:
4
diff
changeset
|
547 |
QTest::newRow("malformed-just-begin") << QString("more-certificates/malformed-just-begin.pem") << int(QRegExp::FixedString) << true << 0; |
d3bac044e0f0
Revision: 201007
Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>
parents:
4
diff
changeset
|
548 |
QTest::newRow("malformed-just-begin-no-newline") << QString("more-certificates/malformed-just-begin-no-newline.pem") << int(QRegExp::FixedString) << true << 0; |
0 | 549 |
} |
550 |
||
551 |
void tst_QSslCertificate::fromPath() |
|
552 |
{ |
|
553 |
QFETCH(QString, path); |
|
554 |
QFETCH(int, syntax); |
|
555 |
QFETCH(bool, pemencoding); |
|
556 |
QFETCH(int, numCerts); |
|
557 |
||
558 |
QCOMPARE(QSslCertificate::fromPath(path, |
|
559 |
pemencoding ? QSsl::Pem : QSsl::Der, |
|
560 |
QRegExp::PatternSyntax(syntax)).size(), |
|
561 |
numCerts); |
|
562 |
} |
|
563 |
||
564 |
void tst_QSslCertificate::certInfo() |
|
565 |
{ |
|
566 |
// MD5 Fingerprint=B6:CF:57:34:DA:A9:73:21:82:F7:CF:4D:3D:85:31:88 |
|
567 |
// SHA1 Fingerprint=B6:D1:51:82:E0:29:CA:59:96:38:BD:B6:F9:40:05:91:6D:49:09:60 |
|
568 |
// Certificate: |
|
569 |
// Data: |
|
570 |
// Version: 1 (0x0) |
|
571 |
// Serial Number: 17 (0x11) |
|
572 |
// Signature Algorithm: sha1WithRSAEncryption |
|
573 |
// Issuer: C=AU, ST=Queensland, O=CryptSoft Pty Ltd, CN=Test CA (1024 bit) |
|
574 |
// Validity |
|
575 |
// Not Before: Apr 17 07:40:26 2007 GMT |
|
576 |
// Not After : May 17 07:40:26 2007 GMT |
|
577 |
// Subject: CN=name/with/slashes, C=NO |
|
578 |
// Subject Public Key Info: |
|
579 |
// Public Key Algorithm: rsaEncryption |
|
580 |
// RSA Public Key: (1024 bit) |
|
581 |
// Modulus (1024 bit): |
|
582 |
// 00:eb:9d:e9:03:ac:30:4f:a9:58:03:44:c7:18:26: |
|
583 |
// 2f:48:93:d5:ac:a0:fb:e8:53:c4:7b:2a:01:89:e6: |
|
584 |
// fc:5a:0c:c5:f5:21:f8:d7:4a:92:02:67:db:f1:9f: |
|
585 |
// 36:9a:62:9d:f3:ce:48:8e:ba:ed:5a:a8:9d:4f:bb: |
|
586 |
// 24:16:43:4c:b5:79:08:f6:d9:22:8f:5f:15:0a:43: |
|
587 |
// 25:03:7a:9d:a7:af:e3:26:b1:53:55:5e:60:57:c8: |
|
588 |
// ed:2f:1c:f3:36:0a:78:64:91:f9:17:a7:34:d7:8b: |
|
589 |
// bd:f1:fc:d1:8c:4f:a5:96:75:b2:7b:fc:21:f0:c7: |
|
590 |
// d9:5f:0c:57:18:b2:af:b9:4b |
|
591 |
// Exponent: 65537 (0x10001) |
|
592 |
// Signature Algorithm: sha1WithRSAEncryption |
|
593 |
// 95:e6:94:e2:98:33:57:a2:98:fa:af:50:b9:76:a9:51:83:2c: |
|
594 |
// 0b:61:a2:36:d0:e6:90:6d:e4:f8:c4:c7:50:ef:17:94:4e:21: |
|
595 |
// a8:fa:c8:33:aa:d1:7f:bc:ca:41:d6:7d:e7:44:76:c0:bf:45: |
|
596 |
// 4a:76:25:42:6d:53:76:fd:fc:74:29:1a:ea:2b:cc:06:ab:d1: |
|
597 |
// b8:eb:7d:6b:11:f7:9b:41:bb:9f:31:cb:ed:4d:f3:68:26:ed: |
|
598 |
// 13:1d:f2:56:59:fe:6f:7c:98:b6:25:69:4e:ea:b4:dc:c2:eb: |
|
599 |
// b7:bb:50:18:05:ba:ad:af:08:49:fe:98:63:55:ba:e7:fb:95: |
|
600 |
// 5d:91 |
|
601 |
static const char pem[] = |
|
602 |
"-----BEGIN CERTIFICATE-----\n" |
|
603 |
"MIIB8zCCAVwCAREwDQYJKoZIhvcNAQEFBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV\n" |
|
604 |
"BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD\n" |
|
605 |
"VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNMDcwNDE3MDc0MDI2WhcNMDcwNTE3\n" |
|
606 |
"MDc0MDI2WjApMRowGAYDVQQDExFuYW1lL3dpdGgvc2xhc2hlczELMAkGA1UEBhMC\n" |
|
607 |
"Tk8wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOud6QOsME+pWANExxgmL0iT\n" |
|
608 |
"1ayg++hTxHsqAYnm/FoMxfUh+NdKkgJn2/GfNppinfPOSI667VqonU+7JBZDTLV5\n" |
|
609 |
"CPbZIo9fFQpDJQN6naev4yaxU1VeYFfI7S8c8zYKeGSR+RenNNeLvfH80YxPpZZ1\n" |
|
610 |
"snv8IfDH2V8MVxiyr7lLAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAleaU4pgzV6KY\n" |
|
611 |
"+q9QuXapUYMsC2GiNtDmkG3k+MTHUO8XlE4hqPrIM6rRf7zKQdZ950R2wL9FSnYl\n" |
|
612 |
"Qm1Tdv38dCka6ivMBqvRuOt9axH3m0G7nzHL7U3zaCbtEx3yVln+b3yYtiVpTuq0\n" |
|
613 |
"3MLrt7tQGAW6ra8ISf6YY1W65/uVXZE=\n" |
|
614 |
"-----END CERTIFICATE-----\n"; |
|
615 |
static const char der[] = // hex encoded |
|
616 |
"30:82:01:f3:30:82:01:5c:02:01:11:30:0d:06:09:2a" |
|
617 |
"86:48:86:f7:0d:01:01:05:05:00:30:5b:31:0b:30:09" |
|
618 |
"06:03:55:04:06:13:02:41:55:31:13:30:11:06:03:55" |
|
619 |
"04:08:13:0a:51:75:65:65:6e:73:6c:61:6e:64:31:1a" |
|
620 |
"30:18:06:03:55:04:0a:13:11:43:72:79:70:74:53:6f" |
|
621 |
"66:74:20:50:74:79:20:4c:74:64:31:1b:30:19:06:03" |
|
622 |
"55:04:03:13:12:54:65:73:74:20:43:41:20:28:31:30" |
|
623 |
"32:34:20:62:69:74:29:30:1e:17:0d:30:37:30:34:31" |
|
624 |
"37:30:37:34:30:32:36:5a:17:0d:30:37:30:35:31:37" |
|
625 |
"30:37:34:30:32:36:5a:30:29:31:1a:30:18:06:03:55" |
|
626 |
"04:03:13:11:6e:61:6d:65:2f:77:69:74:68:2f:73:6c" |
|
627 |
"61:73:68:65:73:31:0b:30:09:06:03:55:04:06:13:02" |
|
628 |
"4e:4f:30:81:9f:30:0d:06:09:2a:86:48:86:f7:0d:01" |
|
629 |
"01:01:05:00:03:81:8d:00:30:81:89:02:81:81:00:eb" |
|
630 |
"9d:e9:03:ac:30:4f:a9:58:03:44:c7:18:26:2f:48:93" |
|
631 |
"d5:ac:a0:fb:e8:53:c4:7b:2a:01:89:e6:fc:5a:0c:c5" |
|
632 |
"f5:21:f8:d7:4a:92:02:67:db:f1:9f:36:9a:62:9d:f3" |
|
633 |
"ce:48:8e:ba:ed:5a:a8:9d:4f:bb:24:16:43:4c:b5:79" |
|
634 |
"08:f6:d9:22:8f:5f:15:0a:43:25:03:7a:9d:a7:af:e3" |
|
635 |
"26:b1:53:55:5e:60:57:c8:ed:2f:1c:f3:36:0a:78:64" |
|
636 |
"91:f9:17:a7:34:d7:8b:bd:f1:fc:d1:8c:4f:a5:96:75" |
|
637 |
"b2:7b:fc:21:f0:c7:d9:5f:0c:57:18:b2:af:b9:4b:02" |
|
638 |
"03:01:00:01:30:0d:06:09:2a:86:48:86:f7:0d:01:01" |
|
639 |
"05:05:00:03:81:81:00:95:e6:94:e2:98:33:57:a2:98" |
|
640 |
"fa:af:50:b9:76:a9:51:83:2c:0b:61:a2:36:d0:e6:90" |
|
641 |
"6d:e4:f8:c4:c7:50:ef:17:94:4e:21:a8:fa:c8:33:aa" |
|
642 |
"d1:7f:bc:ca:41:d6:7d:e7:44:76:c0:bf:45:4a:76:25" |
|
643 |
"42:6d:53:76:fd:fc:74:29:1a:ea:2b:cc:06:ab:d1:b8" |
|
644 |
"eb:7d:6b:11:f7:9b:41:bb:9f:31:cb:ed:4d:f3:68:26" |
|
645 |
"ed:13:1d:f2:56:59:fe:6f:7c:98:b6:25:69:4e:ea:b4" |
|
646 |
"dc:c2:eb:b7:bb:50:18:05:ba:ad:af:08:49:fe:98:63" |
|
647 |
"55:ba:e7:fb:95:5d:91"; |
|
648 |
||
649 |
QSslCertificate cert = QSslCertificate::fromPath("certificates/cert.pem", QSsl::Pem, |
|
650 |
QRegExp::FixedString).first(); |
|
651 |
QVERIFY(!cert.isNull()); |
|
652 |
||
653 |
QCOMPARE(cert.issuerInfo(QSslCertificate::Organization), QString("CryptSoft Pty Ltd")); |
|
654 |
QCOMPARE(cert.issuerInfo(QSslCertificate::CommonName), QString("Test CA (1024 bit)")); |
|
655 |
QCOMPARE(cert.issuerInfo(QSslCertificate::LocalityName), QString()); |
|
656 |
QCOMPARE(cert.issuerInfo(QSslCertificate::OrganizationalUnitName), QString()); |
|
657 |
QCOMPARE(cert.issuerInfo(QSslCertificate::CountryName), QString("AU")); |
|
658 |
QCOMPARE(cert.issuerInfo(QSslCertificate::StateOrProvinceName), QString("Queensland")); |
|
659 |
||
660 |
QCOMPARE(cert.issuerInfo("O"), QString("CryptSoft Pty Ltd")); |
|
661 |
QCOMPARE(cert.issuerInfo("CN"), QString("Test CA (1024 bit)")); |
|
662 |
QCOMPARE(cert.issuerInfo("L"), QString()); |
|
663 |
QCOMPARE(cert.issuerInfo("OU"), QString()); |
|
664 |
QCOMPARE(cert.issuerInfo("C"), QString("AU")); |
|
665 |
QCOMPARE(cert.issuerInfo("ST"), QString("Queensland")); |
|
666 |
||
667 |
QCOMPARE(cert.subjectInfo(QSslCertificate::Organization), QString()); |
|
668 |
QCOMPARE(cert.subjectInfo(QSslCertificate::CommonName), QString("name/with/slashes")); |
|
669 |
QCOMPARE(cert.subjectInfo(QSslCertificate::LocalityName), QString()); |
|
670 |
QCOMPARE(cert.subjectInfo(QSslCertificate::OrganizationalUnitName), QString()); |
|
671 |
QCOMPARE(cert.subjectInfo(QSslCertificate::CountryName), QString("NO")); |
|
672 |
QCOMPARE(cert.subjectInfo(QSslCertificate::StateOrProvinceName), QString()); |
|
673 |
||
674 |
QCOMPARE(cert.subjectInfo("O"), QString()); |
|
675 |
QCOMPARE(cert.subjectInfo("CN"), QString("name/with/slashes")); |
|
676 |
QCOMPARE(cert.subjectInfo("L"), QString()); |
|
677 |
QCOMPARE(cert.subjectInfo("OU"), QString()); |
|
678 |
QCOMPARE(cert.subjectInfo("C"), QString("NO")); |
|
679 |
QCOMPARE(cert.subjectInfo("ST"), QString()); |
|
680 |
||
681 |
QCOMPARE(cert.version(), QByteArray::number(1)); |
|
682 |
QCOMPARE(cert.serialNumber(), QByteArray::number(17)); |
|
683 |
||
684 |
QCOMPARE(cert.toPem().constData(), (const char*)pem); |
|
685 |
QCOMPARE(cert.toDer(), QByteArray::fromHex(der)); |
|
686 |
||
687 |
QCOMPARE(cert.digest(QCryptographicHash::Md5), |
|
688 |
QByteArray::fromHex("B6:CF:57:34:DA:A9:73:21:82:F7:CF:4D:3D:85:31:88")); |
|
689 |
QCOMPARE(cert.digest(QCryptographicHash::Sha1), |
|
690 |
QByteArray::fromHex("B6:D1:51:82:E0:29:CA:59:96:38:BD:B6:F9:40:05:91:6D:49:09:60")); |
|
691 |
||
692 |
QCOMPARE(cert.effectiveDate().toUTC(), QDateTime(QDate(2007, 4, 17), QTime(7,40,26), Qt::UTC)); |
|
693 |
QCOMPARE(cert.expiryDate().toUTC(), QDateTime(QDate(2007, 5, 17), QTime(7,40,26), Qt::UTC)); |
|
694 |
QVERIFY(!cert.isValid()); // cert has expired |
|
695 |
||
696 |
QSslCertificate copy = cert; |
|
697 |
QVERIFY(cert == copy); |
|
698 |
QVERIFY(!(cert != copy)); |
|
699 |
||
700 |
QCOMPARE(cert, QSslCertificate(pem, QSsl::Pem)); |
|
701 |
QCOMPARE(cert, QSslCertificate(QByteArray::fromHex(der), QSsl::Der)); |
|
702 |
} |
|
703 |
||
4
3b1da2848fc7
Revision: 201003
Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>
parents:
0
diff
changeset
|
704 |
void tst_QSslCertificate::certInfoQByteArray() |
3b1da2848fc7
Revision: 201003
Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>
parents:
0
diff
changeset
|
705 |
{ |
3b1da2848fc7
Revision: 201003
Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>
parents:
0
diff
changeset
|
706 |
QSslCertificate cert = QSslCertificate::fromPath("certificates/cert.pem", QSsl::Pem, |
3b1da2848fc7
Revision: 201003
Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>
parents:
0
diff
changeset
|
707 |
QRegExp::FixedString).first(); |
3b1da2848fc7
Revision: 201003
Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>
parents:
0
diff
changeset
|
708 |
QVERIFY(!cert.isNull()); |
3b1da2848fc7
Revision: 201003
Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>
parents:
0
diff
changeset
|
709 |
|
3b1da2848fc7
Revision: 201003
Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>
parents:
0
diff
changeset
|
710 |
// in this test, check the bytearray variants before the enum variants to see if |
3b1da2848fc7
Revision: 201003
Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>
parents:
0
diff
changeset
|
711 |
// we fixed a bug we had with lazy initialization of the values. |
3b1da2848fc7
Revision: 201003
Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>
parents:
0
diff
changeset
|
712 |
QCOMPARE(cert.issuerInfo("CN"), QString("Test CA (1024 bit)")); |
3b1da2848fc7
Revision: 201003
Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>
parents:
0
diff
changeset
|
713 |
QCOMPARE(cert.subjectInfo("CN"), QString("name/with/slashes")); |
3b1da2848fc7
Revision: 201003
Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>
parents:
0
diff
changeset
|
714 |
} |
3b1da2848fc7
Revision: 201003
Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>
parents:
0
diff
changeset
|
715 |
|
0 | 716 |
void tst_QSslCertificate::task256066toPem() |
717 |
{ |
|
718 |
// a certificate whose PEM encoding's length is a multiple of 64 |
|
719 |
const char *mycert = "-----BEGIN CERTIFICATE-----\n" \ |
|
720 |
"MIIEGjCCAwKgAwIBAgIESikYSjANBgkqhkiG9w0BAQUFADBbMQswCQYDVQQGEwJF\n" \ |
|
721 |
"RTEiMCAGA1UEChMZQVMgU2VydGlmaXRzZWVyaW1pc2tlc2t1czEPMA0GA1UECxMG\n" \ |
|
722 |
"RVNURUlEMRcwFQYDVQQDEw5FU1RFSUQtU0sgMjAwNzAeFw0wOTA2MDUxMzA2MTha\n" \ |
|
723 |
"Fw0xNDA2MDkyMTAwMDBaMIGRMQswCQYDVQQGEwJFRTEPMA0GA1UEChMGRVNURUlE\n" \ |
|
724 |
"MRcwFQYDVQQLEw5hdXRoZW50aWNhdGlvbjEhMB8GA1UEAxMYSEVJQkVSRyxTVkVO\n" \ |
|
725 |
"LDM3NzA5MjcwMjg1MRAwDgYDVQQEEwdIRUlCRVJHMQ0wCwYDVQQqEwRTVkVOMRQw\n" \ |
|
726 |
"EgYDVQQFEwszNzcwOTI3MDI4NTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA\n" \ |
|
727 |
"k2Euwhm34vu1jOFp02J5fQRx9LW2C7x78CbJ7yInoAKn7QR8UdxTU7mJk90Opejo\n" \ |
|
728 |
"71RUi2/aYl4jCr9gr99v2YoLufMRwAuqdmwmwqH1WAHRUtIcD0oPdKyelmmn9ig0\n" \ |
|
729 |
"RV+yJLNT3dnyrwPw+uuzDe3DeKepGKE4lxexliCaAx0CAyCMW6OCATEwggEtMA4G\n" \ |
|
730 |
"A1UdDwEB/wQEAwIEsDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwPAYD\n" \ |
|
731 |
"VR0fBDUwMzAxoC+gLYYraHR0cDovL3d3dy5zay5lZS9jcmxzL2VzdGVpZC9lc3Rl\n" \ |
|
732 |
"aWQyMDA3LmNybDAgBgNVHREEGTAXgRVzdmVuLmhlaWJlcmdAZWVzdGkuZWUwUQYD\n" \ |
|
733 |
"VR0gBEowSDBGBgsrBgEEAc4fAQEBATA3MBIGCCsGAQUFBwICMAYaBG5vbmUwIQYI\n" \ |
|
734 |
"KwYBBQUHAgEWFWh0dHA6Ly93d3cuc2suZWUvY3BzLzAfBgNVHSMEGDAWgBRIBt6+\n" \ |
|
735 |
"jIdXlYB4Y/qcIysroDoYdTAdBgNVHQ4EFgQUKCjpDf+LcvL6AH0QOiW6rMTtB/0w\n" \ |
|
736 |
"CQYDVR0TBAIwADANBgkqhkiG9w0BAQUFAAOCAQEABRyRuUm9zt8V27WuNeXtCDmU\n" \ |
|
737 |
"MGzA6g4QXNAd2nxFzT3k+kNzzQTOcgRdmjiEPuK49On+GWnBr/5MSBNhbCJVPWr/\n" \ |
|
738 |
"yym1UYTBisaqhRt/N/kwZqd0bHeLJk+ZxSePXRyqkp9H8KPWqz7H+O/FxRS4ffxo\n" \ |
|
739 |
"Q9Clem+e0bcjNlL5xXiRGycBeZq8cKj+0+A/UuattznQlvHdlCEsSeu1fPOORqFV\n" \ |
|
740 |
"fZur4HC31lQD7xVvETLiL83CtOQC78+29XPD6Zlrrc5OF2yibSVParY19b8Zh6yu\n" \ |
|
741 |
"p1dNvN8pBgXGrsyxRonwHooV2ghGNmGILkpdvlQfnxeCUg4erfHjDdSY9vmT7w==\n" \ |
|
742 |
"-----END CERTIFICATE-----\n"; |
|
743 |
||
744 |
QByteArray pem1(mycert); |
|
745 |
QSslCertificate cert1(pem1); |
|
746 |
QVERIFY(!cert1.isNull()); |
|
747 |
QByteArray pem2(cert1.toPem()); |
|
748 |
QSslCertificate cert2(pem2); |
|
749 |
QVERIFY(!cert2.isNull()); |
|
750 |
QCOMPARE(pem1, pem2); |
|
751 |
} |
|
752 |
||
753 |
void tst_QSslCertificate::nulInCN() |
|
754 |
{ |
|
755 |
QList<QSslCertificate> certList = |
|
756 |
QSslCertificate::fromPath(SRCDIR "more-certificates/badguy-nul-cn.crt"); |
|
757 |
QCOMPARE(certList.size(), 1); |
|
758 |
||
759 |
const QSslCertificate &cert = certList.at(0); |
|
760 |
QVERIFY(!cert.isNull()); |
|
761 |
||
762 |
QString cn = cert.subjectInfo(QSslCertificate::CommonName); |
|
763 |
QVERIFY(cn != "www.bank.com"); |
|
764 |
||
765 |
static const char realCN[] = "www.bank.com\\x00.badguy.com"; |
|
766 |
QCOMPARE(cn, QString::fromLatin1(realCN, sizeof realCN - 1)); |
|
767 |
} |
|
768 |
||
769 |
void tst_QSslCertificate::nulInSan() |
|
770 |
{ |
|
771 |
QList<QSslCertificate> certList = |
|
772 |
QSslCertificate::fromPath(SRCDIR "more-certificates/badguy-nul-san.crt"); |
|
773 |
QCOMPARE(certList.size(), 1); |
|
774 |
||
775 |
const QSslCertificate &cert = certList.at(0); |
|
776 |
QVERIFY(!cert.isNull()); |
|
777 |
||
778 |
QMultiMap<QSsl::AlternateNameEntryType, QString> san = cert.alternateSubjectNames(); |
|
779 |
QVERIFY(!san.isEmpty()); |
|
780 |
||
781 |
QString dnssan = san.value(QSsl::DnsEntry); |
|
782 |
QVERIFY(!dnssan.isEmpty()); |
|
783 |
QVERIFY(dnssan != "www.bank.com"); |
|
784 |
||
785 |
static const char realSAN[] = "www.bank.com\0www.badguy.com"; |
|
786 |
QCOMPARE(dnssan, QString::fromLatin1(realSAN, sizeof realSAN - 1)); |
|
787 |
} |
|
788 |
||
789 |
#endif // QT_NO_OPENSSL |
|
790 |
||
791 |
QTEST_MAIN(tst_QSslCertificate) |
|
792 |
#include "tst_qsslcertificate.moc" |