diff options
author | Peter Hartmann <peter.hartmann@nokia.com> | 2011-03-24 14:42:22 +0100 |
---|---|---|
committer | Peter Hartmann <peter.hartmann@nokia.com> | 2011-03-24 18:20:38 +0100 |
commit | 04e074e8d7c097295505e63565abdc7ca2b49f7b (patch) | |
tree | f3a644e73d5aebc1329b4ac6ebf4867005227890 /tests/auto/qsslcertificate/tst_qsslcertificate.cpp | |
parent | 76ea46579d0678ec7b1cc9306b82ef5fc7601493 (diff) |
QSslCertificate: report fraudulent certificates as invalid
There are some fraudulent certificates in the wild that are not valid;
this patch introduces a blacklist of serial numbers of those
certificates.
Reviewed-by: Richard J. Moore
Reviewed-by: Markus Goetz
Task-number: QTBUG-18338
Diffstat (limited to 'tests/auto/qsslcertificate/tst_qsslcertificate.cpp')
-rw-r--r-- | tests/auto/qsslcertificate/tst_qsslcertificate.cpp | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/tests/auto/qsslcertificate/tst_qsslcertificate.cpp b/tests/auto/qsslcertificate/tst_qsslcertificate.cpp index 1e3a8ddb4b..ae7d6b17ca 100644 --- a/tests/auto/qsslcertificate/tst_qsslcertificate.cpp +++ b/tests/auto/qsslcertificate/tst_qsslcertificate.cpp @@ -111,6 +111,8 @@ private slots: void nulInSan(); void largeSerialNumber(); void largeExpirationDate(); + void blacklistedCertificates(); + // ### add tests for certificate bundles (multiple certificates concatenated into a single // structure); both PEM and DER formatted #endif @@ -817,6 +819,15 @@ void tst_QSslCertificate::largeExpirationDate() // QTBUG-12489 QCOMPARE(cert.expiryDate().toUTC(), QDateTime(QDate(2051, 8, 29), QTime(9, 53, 41), Qt::UTC)); } +void tst_QSslCertificate::blacklistedCertificates() +{ + QList<QSslCertificate> blacklistedCerts = QSslCertificate::fromPath(SRCDIR "more-certificates/blacklisted*.pem", QSsl::Pem, QRegExp::Wildcard); + QVERIFY(blacklistedCerts.count() > 0); + for (int a = 0; a < blacklistedCerts.count(); a++) { + QVERIFY(! blacklistedCerts.at(a).isValid()); + } +} + #endif // QT_NO_OPENSSL QTEST_MAIN(tst_QSslCertificate) |