summaryrefslogtreecommitdiffstats
path: root/tests
diff options
context:
space:
mode:
authorJeremy Lainé <jeremy.laine@m4x.org>2014-08-30 12:26:19 +0200
committerJeremy Lainé <jeremy.laine@m4x.org>2014-08-30 17:24:05 +0200
commit2fd0afc1f87edf28295caeaeb8a830d888a3e81b (patch)
tree7fbebfc06d09e41b1aab14784c8f3f9b691d35db /tests
parent74a7f13ac153fa9c48ee72909ce0b3e4b4e882da (diff)
ssl: add a test for 3DES encrypted keys
This adds a test for 3DES encrypted keys in addition to the current DES encrypted keys. Change-Id: I229e3ef710e9ee23efa2a3275b89d958491de4a2 Reviewed-by: Richard J. Moore <rich@kde.org>
Diffstat (limited to 'tests')
-rw-r--r--tests/auto/network/ssl/qsslkey/rsa-with-passphrase-3des.pem18
-rw-r--r--tests/auto/network/ssl/qsslkey/rsa-with-passphrase-des.pem (renamed from tests/auto/network/ssl/qsslkey/rsa-with-passphrase.pem)0
-rw-r--r--tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp139
3 files changed, 94 insertions, 63 deletions
diff --git a/tests/auto/network/ssl/qsslkey/rsa-with-passphrase-3des.pem b/tests/auto/network/ssl/qsslkey/rsa-with-passphrase-3des.pem
new file mode 100644
index 0000000000..6f04c0615a
--- /dev/null
+++ b/tests/auto/network/ssl/qsslkey/rsa-with-passphrase-3des.pem
@@ -0,0 +1,18 @@
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,8963B71DA5F406B2
+
+95nMwjY/6wRlQU/F09WlGniwxkqct0Kr4/75stXAYJU/i56dyWHN22xJFB2SGaRO
+Bi2g+hQnczyQ9qCpdxIzHvTo9Z1yRRdSZxtsdw57ZDYo9xtoRXQdNFCb1gbsSrlf
+yZNRKueRCr/TFcxYcrZveUWwEssuZbztNW+deF/NSz35XJrI2C6MwTdm+lDTN6lS
+AI/F7bGB0k+9nlIHNVgXPLnGOStIWhbTBbYtGryh0j/y913dtZX1djUHHmGCdEP6
+7WnfoD4v+5ux1YFb051xJJP+3lRE4evXJe0vzZAs5Lqy3qta/uwc3nV2oERursCM
+roWkjZkP6TPAMFmkgQu1eHViL1u5CD+mYD/wDj2YwCIh8U2A5BN8KqM0N4bLEoPI
+dcW2Pu60VEpMyeSKOSIyJsvT7F9M9/FpyNg5QW4BfrZNkVb/d7NROu/Lg5Oy4uf9
+a38tTgrQFQXcZFHbnTKD6VabCsZnVK0mFsEloUaTYalLTB6+C+jh7q3D08Re2OAB
+g9yQshBx5DreOL4Y6rb1N6DqUqem4FqKbPP+x6URSf4SrXvH4jkBkk2AiQjc0oWl
+5qvUt11LQOEMdvajlRicjlMm9KtV6+jRuSIeKgZqLpyja/4l+mX+G2X4pCbOiHFV
+I5mRLLb3Cn7JEv6XlAZ1sjRZX7iS7sWFi3pzj6/i5JiH6RiQPHRmygrEUPdtD6J7
+d1W+fEh/osK+lB5Faa82oWrwxbdtgrNhKdQp1dkGezHe6WpBv8iMbTqXMBJHH/Pj
+/hFc4FkZMYEZwKEVQ2Cyjq9kzKLnAS9s6x6PchagmNL20b5liB7V/w==
+-----END RSA PRIVATE KEY-----
diff --git a/tests/auto/network/ssl/qsslkey/rsa-with-passphrase.pem b/tests/auto/network/ssl/qsslkey/rsa-with-passphrase-des.pem
index cb29becc31..cb29becc31 100644
--- a/tests/auto/network/ssl/qsslkey/rsa-with-passphrase.pem
+++ b/tests/auto/network/ssl/qsslkey/rsa-with-passphrase-des.pem
diff --git a/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp b/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp
index 445fdc7df4..ebe9f0f4d2 100644
--- a/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp
+++ b/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp
@@ -87,7 +87,9 @@ private slots:
void toEncryptedPemOrDer_data();
void toEncryptedPemOrDer();
+ void passphraseChecks_data();
void passphraseChecks();
+ void noPassphraseChecks();
#endif
private:
QString testDataDir;
@@ -347,77 +349,88 @@ void tst_QSslKey::toEncryptedPemOrDer()
// ### add a test to verify that public keys are _decrypted_ correctly (by the ctor)
}
+void tst_QSslKey::passphraseChecks_data()
+{
+ QTest::addColumn<QString>("fileName");
+
+ QTest::newRow("DES") << QString(testDataDir + "/rsa-with-passphrase-des.pem");
+ QTest::newRow("3DES") << QString(testDataDir + "/rsa-with-passphrase-3des.pem");
+}
+
void tst_QSslKey::passphraseChecks()
{
+ QFETCH(QString, fileName);
+
+ QFile keyFile(fileName);
+ QVERIFY(keyFile.exists());
{
- QString fileName(testDataDir + "/rsa-with-passphrase.pem");
- QFile keyFile(fileName);
- QVERIFY(keyFile.exists());
- {
- if (!keyFile.isOpen())
- keyFile.open(QIODevice::ReadOnly);
- else
- keyFile.reset();
- QSslKey key(&keyFile,QSsl::Rsa,QSsl::Pem, QSsl::PrivateKey);
- QVERIFY(key.isNull()); // null passphrase => should not be able to decode key
- }
- {
- if (!keyFile.isOpen())
- keyFile.open(QIODevice::ReadOnly);
- else
- keyFile.reset();
- QSslKey key(&keyFile,QSsl::Rsa,QSsl::Pem, QSsl::PrivateKey, "");
- QVERIFY(key.isNull()); // empty passphrase => should not be able to decode key
- }
- {
- if (!keyFile.isOpen())
- keyFile.open(QIODevice::ReadOnly);
- else
- keyFile.reset();
- QSslKey key(&keyFile,QSsl::Rsa,QSsl::Pem, QSsl::PrivateKey, "WRONG!");
- QVERIFY(key.isNull()); // wrong passphrase => should not be able to decode key
- }
+ if (!keyFile.isOpen())
+ keyFile.open(QIODevice::ReadOnly);
+ else
+ keyFile.reset();
+ QSslKey key(&keyFile,QSsl::Rsa,QSsl::Pem, QSsl::PrivateKey);
+ QVERIFY(key.isNull()); // null passphrase => should not be able to decode key
+ }
+ {
+ if (!keyFile.isOpen())
+ keyFile.open(QIODevice::ReadOnly);
+ else
+ keyFile.reset();
+ QSslKey key(&keyFile,QSsl::Rsa,QSsl::Pem, QSsl::PrivateKey, "");
+ QVERIFY(key.isNull()); // empty passphrase => should not be able to decode key
+ }
+ {
+ if (!keyFile.isOpen())
+ keyFile.open(QIODevice::ReadOnly);
+ else
+ keyFile.reset();
+ QSslKey key(&keyFile,QSsl::Rsa,QSsl::Pem, QSsl::PrivateKey, "WRONG!");
+ QVERIFY(key.isNull()); // wrong passphrase => should not be able to decode key
+ }
#ifdef QT_NO_OPENSSL
- QEXPECT_FAIL("", "Encrypted keys require support from the SSL backend", Abort);
+ QEXPECT_FAIL("", "Encrypted keys require support from the SSL backend", Abort);
#endif
- {
- if (!keyFile.isOpen())
- keyFile.open(QIODevice::ReadOnly);
- else
- keyFile.reset();
- QSslKey key(&keyFile,QSsl::Rsa,QSsl::Pem, QSsl::PrivateKey, "123");
- QVERIFY(!key.isNull()); // correct passphrase
- }
+ {
+ if (!keyFile.isOpen())
+ keyFile.open(QIODevice::ReadOnly);
+ else
+ keyFile.reset();
+ QSslKey key(&keyFile,QSsl::Rsa,QSsl::Pem, QSsl::PrivateKey, "123");
+ QVERIFY(!key.isNull()); // correct passphrase
}
+}
+void tst_QSslKey::noPassphraseChecks()
+{
+ // be sure and check a key without passphrase too
+ QString fileName(testDataDir + "/rsa-without-passphrase.pem");
+ QFile keyFile(fileName);
{
- // be sure and check a key without passphrase too
- QString fileName(testDataDir + "/rsa-without-passphrase.pem");
- QFile keyFile(fileName);
- {
- if (!keyFile.isOpen())
- keyFile.open(QIODevice::ReadOnly);
- else
- keyFile.reset();
- QSslKey key(&keyFile,QSsl::Rsa,QSsl::Pem, QSsl::PrivateKey);
- QVERIFY(!key.isNull()); // null passphrase => should be able to decode key
- }
- {
- if (!keyFile.isOpen())
- keyFile.open(QIODevice::ReadOnly);
- else
- keyFile.reset();
- QSslKey key(&keyFile,QSsl::Rsa,QSsl::Pem, QSsl::PrivateKey, "");
- QVERIFY(!key.isNull()); // empty passphrase => should be able to decode key
- }
- {
- if (!keyFile.isOpen())
- keyFile.open(QIODevice::ReadOnly);
- else
- keyFile.reset();
- QSslKey key(&keyFile,QSsl::Rsa,QSsl::Pem, QSsl::PrivateKey, "xxx");
- QVERIFY(!key.isNull()); // passphrase given but key is not encrypted anyway => should work
- }
+ if (!keyFile.isOpen())
+ keyFile.open(QIODevice::ReadOnly);
+ else
+ keyFile.reset();
+ QSslKey key(&keyFile,QSsl::Rsa,QSsl::Pem, QSsl::PrivateKey);
+ QVERIFY(!key.isNull()); // null passphrase => should be able to decode key
+ }
+ {
+ if (!keyFile.isOpen())
+ keyFile.open(QIODevice::ReadOnly);
+ else
+ keyFile.reset();
+ QSslKey key(&keyFile,QSsl::Rsa,QSsl::Pem, QSsl::PrivateKey, "");
+ QVERIFY(!key.isNull()); // empty passphrase => should be able to decode key
+ }
+#ifdef QT_NO_OPENSSL
+ QEXPECT_FAIL("", "Encrypted keys require support from the SSL backend", Abort);
+#endif
+ {
+ if (!keyFile.isOpen())
+ keyFile.open(QIODevice::ReadOnly);
+ else
+ keyFile.reset();
+ QSslKey key(&keyFile,QSsl::Rsa,QSsl::Pem, QSsl::PrivateKey, "xxx");
+ QVERIFY(!key.isNull()); // passphrase given but key is not encrypted anyway => should work
}
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-23 10:58:55 +0000