diff options
author | Richard J. Moore <rich@kde.org> | 2014-05-10 22:49:37 +0100 |
---|---|---|
committer | The Qt Project <gerrit-noreply@qt-project.org> | 2014-05-11 23:50:03 +0200 |
commit | 50e8e9538511e3cdf837264f8d676be9899b2b07 (patch) | |
tree | 45c5ac2a3ea584532b816ec8c7fecb1535de0063 /tests/auto | |
parent | 3e9904b98bf99794560eb75ea55c3dd0eaa3507c (diff) |
Add support for loading PKCS#12 bundles.
Add support for loading certificates and keys from PKCS#12 bundles
(also known as pfx files).
Task-number: QTBUG-1565
[ChangeLog][QtNetwork][QSslSocket] Support for loading PKCS#12
bundles was added. These are often used to transport keys and
certificates conveniently, particularly when making use of
client certificates.
Change-Id: Idaeb2cb4dac4b19881a5c99c7c0a7eea00c2b207
Reviewed-by: Daniel Molkentin <daniel@molkentin.de>
Diffstat (limited to 'tests/auto')
-rw-r--r-- | tests/auto/network/ssl/qsslsocket/certs/README | 7 | ||||
-rw-r--r-- | tests/auto/network/ssl/qsslsocket/certs/fluke.p12 | bin | 0 -> 2797 bytes | |||
-rw-r--r-- | tests/auto/network/ssl/qsslsocket/certs/leaf.p12 | bin | 0 -> 3821 bytes | |||
-rw-r--r-- | tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp | 47 |
4 files changed, 54 insertions, 0 deletions
diff --git a/tests/auto/network/ssl/qsslsocket/certs/README b/tests/auto/network/ssl/qsslsocket/certs/README new file mode 100644 index 0000000000..704646c212 --- /dev/null +++ b/tests/auto/network/ssl/qsslsocket/certs/README @@ -0,0 +1,7 @@ +The PKCS#12 bundle was created by running: + +openssl pkcs12 -export -in leaf.crt -inkey leaf.key \ + -out leaf.p12 \ + -certfile inter.crt -CAfile ca.crt + +No password was provided. diff --git a/tests/auto/network/ssl/qsslsocket/certs/fluke.p12 b/tests/auto/network/ssl/qsslsocket/certs/fluke.p12 Binary files differnew file mode 100644 index 0000000000..f11e550e88 --- /dev/null +++ b/tests/auto/network/ssl/qsslsocket/certs/fluke.p12 diff --git a/tests/auto/network/ssl/qsslsocket/certs/leaf.p12 b/tests/auto/network/ssl/qsslsocket/certs/leaf.p12 Binary files differnew file mode 100644 index 0000000000..cb89aadb73 --- /dev/null +++ b/tests/auto/network/ssl/qsslsocket/certs/leaf.p12 diff --git a/tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp b/tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp index 30a9e19138..1ed2a98ed7 100644 --- a/tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp +++ b/tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp @@ -194,6 +194,7 @@ private slots: void qtbug18498_peek2(); void dhServer(); void ecdhServer(); + void pkcs12(); void setEmptyDefaultConfiguration(); // this test should be last static void exitLoop() @@ -2734,6 +2735,52 @@ void tst_QSslSocket::ecdhServer() QVERIFY(client->state() == QAbstractSocket::ConnectedState); } +void tst_QSslSocket::pkcs12() +{ + if (!QSslSocket::supportsSsl()) { + qWarning("SSL not supported, skipping test"); + return; + } + + QFETCH_GLOBAL(bool, setProxy); + if (setProxy) + return; + + QFile f(QLatin1String(SRCDIR "certs/leaf.p12")); + bool ok = f.open(QIODevice::ReadOnly); + QVERIFY(ok); + + QSslKey key; + QSslCertificate cert; + QList<QSslCertificate> caCerts; + + ok = QSslSocket::importPKCS12(&f, &key, &cert, &caCerts); + QVERIFY(ok); + f.close(); + + QList<QSslCertificate> leafCert = QSslCertificate::fromPath(SRCDIR "certs/leaf.crt"); + QVERIFY(!leafCert.isEmpty()); + + QCOMPARE(cert, leafCert.first()); + + QFile f2(QLatin1String(SRCDIR "certs/leaf.key")); + ok = f2.open(QIODevice::ReadOnly); + QVERIFY(ok); + + QSslKey leafKey(&f2, QSsl::Rsa); + f2.close(); + + QVERIFY(!leafKey.isNull()); + QCOMPARE(key, leafKey); + + QList<QSslCertificate> caCert = QSslCertificate::fromPath(SRCDIR "certs/inter.crt"); + QVERIFY(!caCert.isEmpty()); + + QVERIFY(!caCerts.isEmpty()); + QCOMPARE(caCerts.first(), caCert.first()); + QCOMPARE(caCerts, caCert); +} + void tst_QSslSocket::setEmptyDefaultConfiguration() // this test should be last, as it has some side effects { // used to produce a crash in QSslConfigurationPrivate::deepCopyDefaultConfiguration, QTBUG-13265 |