Add elliptic curve support to QSsl

Add possibility to get length and other information of EC based certificates. Also it is possible to parse those public/private keys from PEM and DER encoded files. Based on patch by Remco Bloemen [ChangeLog][QtNetwork][SSL/TLS support] It is now possible to parse elliptic curve certificates. Change-Id: I4b11f726296aecda89c3cbd195d7c817ae6fc47b Task-number: QTBUG-18972 Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
author: André Klitzing <aklitzing@gmail.com> 2014-11-18 10:18:18 +0100
committer: André Klitzing <aklitzing@gmail.com> 2015-01-18 10:18:43 +0100
commit: 962ea5690cb9351822c30da534ecae7aeeba667d (patch)
tree: c3fef960ae04c61bd55426cc05c7a910b8b48f52 /tests/auto
parent: a6a865e24999bf878f6f80341b7fc14f2b67a05e (diff)
14 files changed, 56 insertions, 3 deletions
diff --git a/tests/auto/network/ssl/qsslkey/keys/ec-pri-224-secp224r1.der b/tests/auto/network/ssl/qsslkey/keys/ec-pri-224-secp224r1.der
new file mode 100644
index 0000000000..96bd7e5802
--- /dev/null
+++ b/tests/auto/network/ssl/qsslkey/keys/ec-pri-224-secp224r1.der
diff --git a/tests/auto/network/ssl/qsslkey/keys/ec-pri-224-secp224r1.pem b/tests/auto/network/ssl/qsslkey/keys/ec-pri-224-secp224r1.pem
new file mode 100644
index 0000000000..9719604a5b
--- /dev/null
+++ b/tests/auto/network/ssl/qsslkey/keys/ec-pri-224-secp224r1.pem
@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MGgCAQEEHO64tAcs1VO7jI5uxJWVZ4Vl2Ich+pv8ctBzuaigBwYFK4EEACGhPAM6
+AATCe752GB/gfLn631dS6JYBBL+YcYeSakOWm/LnAuzyvtNlMDXWxmGpJScDcqYT
+okUBHW8YZbhj2A==
+-----END EC PRIVATE KEY-----
diff --git a/tests/auto/network/ssl/qsslkey/keys/ec-pri-256-prime256v1.der b/tests/auto/network/ssl/qsslkey/keys/ec-pri-256-prime256v1.der
new file mode 100644
index 0000000000..410ad8e950
--- /dev/null
+++ b/tests/auto/network/ssl/qsslkey/keys/ec-pri-256-prime256v1.der
diff --git a/tests/auto/network/ssl/qsslkey/keys/ec-pri-256-prime256v1.pem b/tests/auto/network/ssl/qsslkey/keys/ec-pri-256-prime256v1.pem
new file mode 100644
index 0000000000..6a8af58066
--- /dev/null
+++ b/tests/auto/network/ssl/qsslkey/keys/ec-pri-256-prime256v1.pem
@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIPgxX3TR74wCm/Ivz0uEtk0cumCVxmKbd5Vf0p+fV84toAoGCCqGSM49
+AwEHoUQDQgAEVtbEzyqqHhBSH7Dsx8YVaC0YcvhvBA06fcva1vHZV4hJj7GL6yaO
+qjSIot2QW79M4ZoVFCu9GmOW+w+mjwMqNQ==
+-----END EC PRIVATE KEY-----
diff --git a/tests/auto/network/ssl/qsslkey/keys/ec-pri-384-secp384r1.der b/tests/auto/network/ssl/qsslkey/keys/ec-pri-384-secp384r1.der
new file mode 100644
index 0000000000..f9663cbf43
--- /dev/null
+++ b/tests/auto/network/ssl/qsslkey/keys/ec-pri-384-secp384r1.der
diff --git a/tests/auto/network/ssl/qsslkey/keys/ec-pri-384-secp384r1.pem b/tests/auto/network/ssl/qsslkey/keys/ec-pri-384-secp384r1.pem
new file mode 100644
index 0000000000..53be8dfb52
--- /dev/null
+++ b/tests/auto/network/ssl/qsslkey/keys/ec-pri-384-secp384r1.pem
@@ -0,0 +1,6 @@
+-----BEGIN EC PRIVATE KEY-----
+MIGkAgEBBDDRnUOmMxV2R44q5RoM4ldm9A+5T4Xxzp6hWdRWOdhkIozo5GtNnYX8
+ZI5P3zTywD+gBwYFK4EEACKhZANiAAS/u72YC+dGs8D8bH+zRnneVMNPfGKeQrdt
+avEiVfKO7nmGdPu7KK9HDQPiKbWc4Yxtn4n7tsKMKo4adnThakcjZxuCIVjmdHIP
+9Wy7ZWeOaHi32MLHWQqh0z2elC92SmM=
+-----END EC PRIVATE KEY-----
diff --git a/tests/auto/network/ssl/qsslkey/keys/ec-pub-224-secp224r1.der b/tests/auto/network/ssl/qsslkey/keys/ec-pub-224-secp224r1.der
new file mode 100644
index 0000000000..006a99437b
--- /dev/null
+++ b/tests/auto/network/ssl/qsslkey/keys/ec-pub-224-secp224r1.der
diff --git a/tests/auto/network/ssl/qsslkey/keys/ec-pub-224-secp224r1.pem b/tests/auto/network/ssl/qsslkey/keys/ec-pub-224-secp224r1.pem
new file mode 100644
index 0000000000..901d69d424
--- /dev/null
+++ b/tests/auto/network/ssl/qsslkey/keys/ec-pub-224-secp224r1.pem
@@ -0,0 +1,4 @@
+-----BEGIN PUBLIC KEY-----
+ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEwnu+dhgf4Hy5+t9XUuiWAQS/mHGHkmpD
+lpvy5wLs8r7TZTA11sZhqSUnA3KmE6JFAR1vGGW4Y9g=
+-----END PUBLIC KEY-----
diff --git a/tests/auto/network/ssl/qsslkey/keys/ec-pub-256-prime256v1.der b/tests/auto/network/ssl/qsslkey/keys/ec-pub-256-prime256v1.der
new file mode 100644
index 0000000000..82d3d462d9
--- /dev/null
+++ b/tests/auto/network/ssl/qsslkey/keys/ec-pub-256-prime256v1.der
diff --git a/tests/auto/network/ssl/qsslkey/keys/ec-pub-256-prime256v1.pem b/tests/auto/network/ssl/qsslkey/keys/ec-pub-256-prime256v1.pem
new file mode 100644
index 0000000000..76ec2d4b0a
--- /dev/null
+++ b/tests/auto/network/ssl/qsslkey/keys/ec-pub-256-prime256v1.pem
@@ -0,0 +1,4 @@
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEVtbEzyqqHhBSH7Dsx8YVaC0Ycvhv
+BA06fcva1vHZV4hJj7GL6yaOqjSIot2QW79M4ZoVFCu9GmOW+w+mjwMqNQ==
+-----END PUBLIC KEY-----
diff --git a/tests/auto/network/ssl/qsslkey/keys/ec-pub-384-secp384r1.der b/tests/auto/network/ssl/qsslkey/keys/ec-pub-384-secp384r1.der
new file mode 100644
index 0000000000..aee76614f2
--- /dev/null
+++ b/tests/auto/network/ssl/qsslkey/keys/ec-pub-384-secp384r1.der
diff --git a/tests/auto/network/ssl/qsslkey/keys/ec-pub-384-secp384r1.pem b/tests/auto/network/ssl/qsslkey/keys/ec-pub-384-secp384r1.pem
new file mode 100644
index 0000000000..ec69ee21a6
--- /dev/null
+++ b/tests/auto/network/ssl/qsslkey/keys/ec-pub-384-secp384r1.pem
@@ -0,0 +1,5 @@
+-----BEGIN PUBLIC KEY-----
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEv7u9mAvnRrPA/Gx/s0Z53lTDT3xinkK3
+bWrxIlXyju55hnT7uyivRw0D4im1nOGMbZ+J+7bCjCqOGnZ04WpHI2cbgiFY5nRy
+D/Vsu2Vnjmh4t9jCx1kKodM9npQvdkpj
+-----END PUBLIC KEY-----
diff --git a/tests/auto/network/ssl/qsslkey/keys/genkeys.sh b/tests/auto/network/ssl/qsslkey/keys/genkeys.sh
index c9f2406cad..279e71e561 100755
--- a/tests/auto/network/ssl/qsslkey/keys/genkeys.sh
+++ b/tests/auto/network/ssl/qsslkey/keys/genkeys.sh
@@ -72,3 +72,25 @@ do
   echo -e "\ngenerating DSA public key to DER file ..."
   openssl dsa -in dsa-pri-$size.pem -pubout -out dsa-pub-$size.der -outform DER
 done
+
+#--- EC ----------------------------------------------------------------------------
+# Note: EC will be generated with pre-defined curves. You can check supported curves
+#       with openssl ecparam -list_curves.
+#       If OpenSSL 1.0.2 is available brainpool should be added!
+# brainpoolP256r1 brainpoolP384r1 brainpoolP512r1
+for curve in secp224r1 prime256v1 secp384r1
+do
+  size=`tr -cd 0-9 <<< $curve`
+  size=${size::-1} # remove last number of curve name as we need bit size only
+  echo -e "\ngenerating EC private key to PEM file ..."
+  openssl ecparam -name $curve -genkey -noout -out ec-pri-$size-$curve.pem
+
+  echo -e "\ngenerating EC private key to DER file ..."
+  openssl ec -in ec-pri-$size-$curve.pem -out ec-pri-$size-$curve.der -outform DER
+
+  echo -e "\ngenerating EC public key to PEM file ..."
+  openssl ec -in ec-pri-$size-$curve.pem -pubout -out ec-pub-$size-$curve.pem
+
+  echo -e "\ngenerating EC public key to DER file ..."
+  openssl ec -in ec-pri-$size-$curve.pem -pubout -out ec-pub-$size-$curve.der -outform DER
+done
diff --git a/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp b/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp
index 8083662d40..ddd8cb64aa 100644
--- a/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp
+++ b/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp
@@ -105,12 +105,13 @@ void tst_QSslKey::initTestCase()
 
     QDir dir(testDataDir + "/keys");
     QFileInfoList fileInfoList = dir.entryInfoList(QDir::Files | QDir::Readable);
-    QRegExp rx(QLatin1String("^(rsa|dsa)-(pub|pri)-(\\d+)\\.(pem|der)$"));
+    QRegExp rx(QLatin1String("^(rsa|dsa|ec)-(pub|pri)-(\\d+)-?\\w*\\.(pem|der)$"));
     foreach (QFileInfo fileInfo, fileInfoList) {
         if (rx.indexIn(fileInfo.fileName()) >= 0)
             keyInfoList << KeyInfo(
                 fileInfo,
-                rx.cap(1) == QLatin1String("rsa") ? QSsl::Rsa : QSsl::Dsa,
+                rx.cap(1) == QLatin1String("rsa") ? QSsl::Rsa :
+                (rx.cap(1) == QLatin1String("dsa") ? QSsl::Dsa : QSsl::Ec),
                 rx.cap(2) == QLatin1String("pub") ? QSsl::PublicKey : QSsl::PrivateKey,
                 rx.cap(3).toInt(),
                 rx.cap(4) == QLatin1String("pem") ? QSsl::Pem : QSsl::Der);
@@ -279,7 +280,8 @@ void tst_QSslKey::toEncryptedPemOrDer_data()
     foreach (KeyInfo keyInfo, keyInfoList) {
         foreach (QString password, passwords) {
             QString testName = QString("%1-%2-%3-%4-%5").arg(keyInfo.fileInfo.fileName())
-                .arg(keyInfo.algorithm == QSsl::Rsa ? "RSA" : "DSA")
+                .arg(keyInfo.algorithm == QSsl::Rsa ? "RSA" :
+                    (keyInfo.algorithm == QSsl::Dsa ? "DSA" : "EC"))
                 .arg(keyInfo.type == QSsl::PrivateKey ? "PrivateKey" : "PublicKey")
                 .arg(keyInfo.format == QSsl::Pem ? "PEM" : "DER")
                 .arg(password);
author	André Klitzing <aklitzing@gmail.com>	2014-11-18 10:18:18 +0100
committer	André Klitzing <aklitzing@gmail.com>	2015-01-18 10:18:43 +0100
commit	962ea5690cb9351822c30da534ecae7aeeba667d (patch)
tree	c3fef960ae04c61bd55426cc05c7a910b8b48f52 /tests/auto
parent	a6a865e24999bf878f6f80341b7fc14f2b67a05e (diff)