diff options
| author | Giuseppe D'Angelo <giuseppe.dangelo@kdab.com> | 2020-06-10 18:41:36 +0200 |
|---|---|---|
| committer | Giuseppe D'Angelo <giuseppe.dangelo@kdab.com> | 2020-07-17 17:50:54 +0200 |
| commit | d145dbc43f667bcb44213cfb3f12590b0dc3c92c (patch) | |
| tree | 4fd38bb637804cd701f915e066be3275f974b7fe /tests/auto/network | |
| parent | 4581cd5fb664676cadda855490b3f21c2ed28a58 (diff) | |
SSL: add an autotest for handling of illegal datetimes in certificates
At the moment it just exposes QTBUG-84676, that is, OpenSSL
and non-OpenSSL backend act differently. Went a bit overkill
in making it data-driven, so if someone wants to add more
samples it should be easier to do so.
Change-Id: I96538c9563d12d69c217415ba85e244dda5e0cd0
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Diffstat (limited to 'tests/auto/network')
| -rw-r--r-- | tests/auto/network/ssl/qsslcertificate/more-certificates/malformed-begin-end-dates.pem | 2 | ||||
| -rw-r--r-- | tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp | 41 |
2 files changed, 43 insertions, 0 deletions
diff --git a/tests/auto/network/ssl/qsslcertificate/more-certificates/malformed-begin-end-dates.pem b/tests/auto/network/ssl/qsslcertificate/more-certificates/malformed-begin-end-dates.pem new file mode 100644 index 0000000000..13a5182aee --- /dev/null +++ b/tests/auto/network/ssl/qsslcertificate/more-certificates/malformed-begin-end-dates.pem @@ -0,0 +1,2 @@ +-----BEGIN CERTIFICATE----- +MIIErzCCBFSgAwIBAgIQBaMIMVW6fgTAq8q7BU6m6TAKBggqhkjOPQQDAjBvMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xGTAXBgNVBAoTEENsb3VkRmxhcmUsIEluYy4xIDAeBgNVBAMTF0Nsb3VkRmxhcmUgSW5jIEVDQyBDQS0yMB4XDTE5MDkxNzAwLDAwMFoXDTIwMDkxNjEyMDArMFowYTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1TYW4gRnNULLNpc2NvMRkwFwYDVQQKExBDbG91ZGZsYXJlLCBJbmMuMRIwEAYDVQQDEwl3d3cucXQuaW8wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATCHfRyOfNaR6ZIONJ2mUFGoMTB/mXT5/3+1BElqaexp5TtePMitpvzafO6lg9yrPnRCNOOLY8PVr8UsyE1vgd8o4IC3jCCAtowHwYDVR0jBBgwFoAUPnQtH89FdQR+P8Cihz5MQ4NRE8YwHQYDVR0OBBYEFJnMEH1N/llgjrkC0c4hQLigLYEnMBQGA1UdEQQNMAuCCXd3dy5xdC5pbzAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMHkGA1UdHwRyMHAwNqA0oDKGMGh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9DbG91ZEZsYXJlSW5jRUNDQ0EyLmNybDA2oDSgMoYwaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0Nsb3VkRmxhcmVJbmNFQ0NDQTIuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQICMHYGCCsGAQUFBwEBBGowaDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEAGCCsGAQUFBzAChjRodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vQ2xvdWRGbGFyZUluY0VDQ0NBLTIuY3J0MAwGA1UdEwEB/wQCMAAwggECBgorBgEEAdZ5AgQCBIHzBIHwAO4AdQC72d+8H4pxtZOUI5eqkntHOFeVCqtS6BqQlmQ2jh7RhQAAAW0/KQEkAAAEAwBGMEQCIFudltIvq4YPoqY745zrVYE3+qrjbU6NuLCOMPLEMENTOFDEFAULTZoLW0POcpy1hB6r0LCam1AwM36sid3c2NQrHegB1AF6nc/nfVsDntTZIfdBJ4DJ6kZoMhKESEoQYdZaBcUVYAAABbT8pAI0AAAQDAEYwRAIgYUe0AV7ZXULXW2B36PIxX0jgNZBWVysxtS0r5FBLyoCIHAcTzYwd2twibcSnO4H5POizARztY9B1DQJyrjVxLpKMAoGCCqGSM49BAMCA0kAMEYCIQCjNusXAtuu6/nEz8acpiL294GDtxhaP7cHNbB9O5/GjgIhAObs7/s8+q6q8FVHAetQ2gBkOBtN4uGkYqv1hwsc73Sf-----END CERTIFICATE-----
\ No newline at end of file diff --git a/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp b/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp index ee2b05aada..e84d4eb667 100644 --- a/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp +++ b/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp @@ -106,6 +106,8 @@ private slots: void version_data(); void version(); void pkcs12(); + void invalidDateTime_data(); + void invalidDateTime(); // helper for verbose test failure messages QString toString(const QList<QSslError>&); @@ -1370,6 +1372,45 @@ void tst_QSslCertificate::pkcs12() nocert.close(); } +void tst_QSslCertificate::invalidDateTime_data() +{ + QTest::addColumn<QString>("path"); + QTest::addColumn<bool>("effectiveDateIsValid"); + QTest::addColumn<bool>("expiryDateIsValid"); + + QTest::addRow("invalid-begin-end") << testDataDir + "more-certificates/malformed-begin-end-dates.pem" + << false + << false; +} + +void tst_QSslCertificate::invalidDateTime() +{ + QFETCH(QString, path); + QFETCH(bool, effectiveDateIsValid); + QFETCH(bool, expiryDateIsValid); + + QList<QSslCertificate> certList = QSslCertificate::fromPath(path); + + // QTBUG-84676: on OpenSSL we get a valid certificate with null dates, + // on other backends we don't get a certificate at all. + switch (certList.size()) { + case 0: + break; + + case 1: { + const QSslCertificate &cert = certList.at(0); + QVERIFY(!cert.isNull()); + QCOMPARE(cert.effectiveDate().isValid(), effectiveDateIsValid); + QCOMPARE(cert.expiryDate().isValid(), expiryDateIsValid); + break; + } + + default: + QFAIL("Only one certificate should have been loaded"); + break; + } +} + #endif // QT_NO_SSL QTEST_MAIN(tst_QSslCertificate) |