summaryrefslogtreecommitdiffstats
path: root/tests/auto/network/ssl
diff options
context:
space:
mode:
authorMÃ¥rten Nordheim <marten.nordheim@qt.io>2017-12-19 16:47:44 +0100
committerSimon Hausmann <simon.hausmann@qt.io>2018-04-23 12:55:38 +0000
commitc45802e33a564bfca4745e31193bc1c2fb3520fa (patch)
tree1a6cbc921f7e87f93e3b02c3cc52d41b87cd88f4 /tests/auto/network/ssl
parent79d900bee46cfe6dd7caeed8707c114059006c2e (diff)
QSslKey: Implement PKCS#8 support for the generic backend
This patch adds the ability to decode keys which are encoded with PKCS#8 using the generic back-end (used in winrt and secure transport). It works on both WinRT and macOS; however QSslKey seems unused in the WinRT backend and it seems only RSA keys can be used for certificates on macOS. Meaning that DSA and Ec, which in theory* should represent their unencrypted versions, can't currently be tested properly. * Can also be confirmed by loading the key using the ST or WinRT backend, calling toPem(), writing the output to a file and then loading the unencrypted key using openssl. [ChangeLog][QtNetwork][QSslKey] Added support for PKCS#8-encoded keys in the generic SSL back-end (used for SecureTransport on macOS and for WinRT). Note that it does not support keys encrypted with a PKCS#12 algorithm. Task-number: QTBUG-59068 Change-Id: Ib27338edc7dbcb5c5e4b02addfdb4b62ac93a4c3 Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io> Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Diffstat (limited to 'tests/auto/network/ssl')
-rw-r--r--tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp19
1 files changed, 14 insertions, 5 deletions
diff --git a/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp b/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp
index e39bcd30e5..ddfe52c5e4 100644
--- a/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp
+++ b/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp
@@ -164,10 +164,15 @@ void tst_QSslKey::createPlainTestRows(bool filter, QSsl::EncodingFormat format)
foreach (KeyInfo keyInfo, keyInfoList) {
if (filter && keyInfo.format != format)
continue;
-
+#ifdef Q_OS_WINRT
+ if (keyInfo.fileInfo.fileName().contains("RC2-64"))
+ continue; // WinRT treats RC2 as 128 bit
+#endif
#if !defined(QT_NO_SSL) && defined(QT_NO_OPENSSL) // generic backend
- if (keyInfo.fileInfo.fileName().contains("pkcs8"))
- continue; // The generic backend does not support pkcs8 (yet)
+ if (keyInfo.fileInfo.fileName().contains(QRegularExpression("-aes\\d\\d\\d-")))
+ continue; // No AES support in the generic back-end
+ if (keyInfo.fileInfo.fileName().contains("pkcs8-pkcs12"))
+ continue; // The generic back-end doesn't support PKCS#12 algorithms
#endif
QTest::newRow(keyInfo.fileInfo.fileName().toLatin1())
@@ -324,11 +329,15 @@ void tst_QSslKey::toPemOrDer()
QFETCH(QSsl::KeyType, type);
QFETCH(QSsl::EncodingFormat, format);
- if (QByteArray(QTest::currentDataTag()).contains("-pkcs8-")) // these are encrypted
+ QByteArray dataTag = QByteArray(QTest::currentDataTag());
+ if (dataTag.contains("-pkcs8-")) // these are encrypted
QSKIP("Encrypted PKCS#8 keys gets decrypted when loaded. So we can't compare it to the encrypted version.");
#ifndef QT_NO_OPENSSL
- if (QByteArray(QTest::currentDataTag()).contains("pkcs8"))
+ if (dataTag.contains("pkcs8"))
QSKIP("OpenSSL converts PKCS#8 keys to other formats, invalidating comparisons.");
+#else // !openssl
+ if (dataTag.contains("pkcs8") && dataTag.contains("rsa"))
+ QSKIP("PKCS#8 RSA keys are changed into a different format in the generic back-end, meaning the comparison fails.");
#endif // openssl
QByteArray encoded = readFile(absFilePath);