diff options
author | MÃ¥rten Nordheim <marten.nordheim@qt.io> | 2017-12-19 16:47:44 +0100 |
---|---|---|
committer | Simon Hausmann <simon.hausmann@qt.io> | 2018-04-23 12:55:38 +0000 |
commit | c45802e33a564bfca4745e31193bc1c2fb3520fa (patch) | |
tree | 1a6cbc921f7e87f93e3b02c3cc52d41b87cd88f4 /tests | |
parent | 79d900bee46cfe6dd7caeed8707c114059006c2e (diff) |
QSslKey: Implement PKCS#8 support for the generic backend
This patch adds the ability to decode keys which are encoded with PKCS#8
using the generic back-end (used in winrt and secure transport).
It works on both WinRT and macOS; however QSslKey seems unused in the
WinRT backend and it seems only RSA keys can be used for certificates
on macOS. Meaning that DSA and Ec, which in theory* should represent
their unencrypted versions, can't currently be tested properly.
* Can also be confirmed by loading the key using the ST or WinRT
backend, calling toPem(), writing the output to a file and then loading
the unencrypted key using openssl.
[ChangeLog][QtNetwork][QSslKey] Added support for PKCS#8-encoded keys
in the generic SSL back-end (used for SecureTransport on macOS and for
WinRT). Note that it does not support keys encrypted with a PKCS#12
algorithm.
Task-number: QTBUG-59068
Change-Id: Ib27338edc7dbcb5c5e4b02addfdb4b62ac93a4c3
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Diffstat (limited to 'tests')
-rw-r--r-- | tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp | 19 |
1 files changed, 14 insertions, 5 deletions
diff --git a/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp b/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp index e39bcd30e5..ddfe52c5e4 100644 --- a/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp +++ b/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp @@ -164,10 +164,15 @@ void tst_QSslKey::createPlainTestRows(bool filter, QSsl::EncodingFormat format) foreach (KeyInfo keyInfo, keyInfoList) { if (filter && keyInfo.format != format) continue; - +#ifdef Q_OS_WINRT + if (keyInfo.fileInfo.fileName().contains("RC2-64")) + continue; // WinRT treats RC2 as 128 bit +#endif #if !defined(QT_NO_SSL) && defined(QT_NO_OPENSSL) // generic backend - if (keyInfo.fileInfo.fileName().contains("pkcs8")) - continue; // The generic backend does not support pkcs8 (yet) + if (keyInfo.fileInfo.fileName().contains(QRegularExpression("-aes\\d\\d\\d-"))) + continue; // No AES support in the generic back-end + if (keyInfo.fileInfo.fileName().contains("pkcs8-pkcs12")) + continue; // The generic back-end doesn't support PKCS#12 algorithms #endif QTest::newRow(keyInfo.fileInfo.fileName().toLatin1()) @@ -324,11 +329,15 @@ void tst_QSslKey::toPemOrDer() QFETCH(QSsl::KeyType, type); QFETCH(QSsl::EncodingFormat, format); - if (QByteArray(QTest::currentDataTag()).contains("-pkcs8-")) // these are encrypted + QByteArray dataTag = QByteArray(QTest::currentDataTag()); + if (dataTag.contains("-pkcs8-")) // these are encrypted QSKIP("Encrypted PKCS#8 keys gets decrypted when loaded. So we can't compare it to the encrypted version."); #ifndef QT_NO_OPENSSL - if (QByteArray(QTest::currentDataTag()).contains("pkcs8")) + if (dataTag.contains("pkcs8")) QSKIP("OpenSSL converts PKCS#8 keys to other formats, invalidating comparisons."); +#else // !openssl + if (dataTag.contains("pkcs8") && dataTag.contains("rsa")) + QSKIP("PKCS#8 RSA keys are changed into a different format in the generic back-end, meaning the comparison fails."); #endif // openssl QByteArray encoded = readFile(absFilePath); |