diff options
-rw-r--r-- | src/network/ssl/qssldiffiehellmanparameters.cpp | 18 | ||||
-rw-r--r-- | tests/auto/network/ssl/qssldiffiehellmanparameters/tst_qssldiffiehellmanparameters.cpp | 35 |
2 files changed, 44 insertions, 9 deletions
diff --git a/src/network/ssl/qssldiffiehellmanparameters.cpp b/src/network/ssl/qssldiffiehellmanparameters.cpp index d0fcb3189a..de7eab9a9e 100644 --- a/src/network/ssl/qssldiffiehellmanparameters.cpp +++ b/src/network/ssl/qssldiffiehellmanparameters.cpp @@ -68,6 +68,12 @@ QT_BEGIN_NAMESPACE +// The 1024-bit MODP group from RFC 2459 (Second Oakley Group) +Q_AUTOTEST_EXPORT const char *qssl_dhparams_default_base64 = + "MIGHAoGBAP//////////yQ/aoiFowjTExmKLgNwc0SkCTgiKZ8x0Agu+pjsTmyJR" + "Sgh5jjQE3e+VGbPNOkMbMCsKbfJfFDdP4TVtbVHCReSFtXZiXn7G9ExC6aY37WsL" + "/1y29Aa37e44a/taiZ+lrp8kEXxLH+ZJKGZR7OZTgf//////////AgEC"; + /*! Returns the default QSslDiffieHellmanParameters used by QSslSocket. @@ -76,15 +82,9 @@ QT_BEGIN_NAMESPACE */ QSslDiffieHellmanParameters QSslDiffieHellmanParameters::defaultParameters() { - // The 1024-bit MODP group from RFC 2459 (Second Oakley Group) - return fromEncoded( - QByteArray::fromBase64(QByteArrayLiteral( - "MIGHAoGBAP//////////yQ/aoiFowjTExmKLgNwc0SkCTgiKZ8x0Agu+pjsTmyJR" - "Sgh5jjQE3e+VGbPNOkMbMCsKbfJfFDdP4TVtbVHCReSFtXZiXn7G9ExC6aY37WsL" - "/1y29Aa37e44a/taiZ+lrp8kEXxLH+ZJKGZR7OZTgf//////////AgEC" - )), - QSsl::Der - ); + QSslDiffieHellmanParameters def; + def.d->derData = QByteArray::fromBase64(QByteArray(qssl_dhparams_default_base64)); + return def; } /*! diff --git a/tests/auto/network/ssl/qssldiffiehellmanparameters/tst_qssldiffiehellmanparameters.cpp b/tests/auto/network/ssl/qssldiffiehellmanparameters/tst_qssldiffiehellmanparameters.cpp index f3b9003fbb..ddf503eed6 100644 --- a/tests/auto/network/ssl/qssldiffiehellmanparameters/tst_qssldiffiehellmanparameters.cpp +++ b/tests/auto/network/ssl/qssldiffiehellmanparameters/tst_qssldiffiehellmanparameters.cpp @@ -42,6 +42,13 @@ #include <QSslSocket> #include <QByteArray> +// Default DH parameters, exported by qssldiffiehellmanparameters.cpp. +QT_BEGIN_NAMESPACE +extern Q_AUTOTEST_EXPORT const char *qssl_dhparams_default_base64; +QT_END_NAMESPACE + +QT_USE_NAMESPACE + class tst_QSslDiffieHellmanParameters : public QObject { Q_OBJECT @@ -54,6 +61,7 @@ private Q_SLOTS: void constructionPEM(); void unsafe512Bits(); void unsafeNonPrime(); + void defaultIsValid(); #endif }; @@ -157,6 +165,33 @@ void tst_QSslDiffieHellmanParameters::unsafeNonPrime() #endif } +void tst_QSslDiffieHellmanParameters::defaultIsValid() +{ + // The QSslDiffieHellmanParameters::defaultParameters() method takes a shortcut, + // by not verifying the passed-in parameters. Instead, it simply assigns the default + // DH parameters to the derData field of QSslDiffieHellmanParametersPrivate. + // + // This test ensures that our default parameters pass the internal verification tests + // by constructing, using fromEncoded(), a QSslDiffieHellmanParameters instance that + // we expect to be equivalent to the one returned by defaultParameters(). By using + // fromEncoded() we go through the internal verification mechanisms. Finally, to ensure + // the two instances are equivalent, we compare them. + + const auto dh = QSslDiffieHellmanParameters::fromEncoded( + QByteArray::fromBase64(QByteArray(qssl_dhparams_default_base64)), + QSsl::Der + ); + + const auto defaultdh = QSslDiffieHellmanParameters::defaultParameters(); + +#ifndef QT_NO_OPENSSL + QCOMPARE(dh.isEmpty(), false); + QCOMPARE(dh.isValid(), true); + QCOMPARE(dh.error(), QSslDiffieHellmanParameters::NoError); + QCOMPARE(dh, defaultdh); +#endif +} + #endif // QT_NO_SSL QTEST_MAIN(tst_QSslDiffieHellmanParameters) |