diff options
Diffstat (limited to 'tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp')
-rw-r--r-- | tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp | 105 |
1 files changed, 81 insertions, 24 deletions
diff --git a/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp b/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp index e89b7f5a44..fb26822894 100644 --- a/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp +++ b/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp @@ -34,6 +34,7 @@ #include <qsslcertificateextension.h> #ifndef QT_NO_OPENSSL +#include <openssl/opensslv.h> #include <openssl/obj_mac.h> #endif @@ -79,6 +80,9 @@ private slots: void subjectAlternativeNames_data(); void utf8SubjectNames(); void subjectAlternativeNames(); + void subjectInfoToString(); + void subjectIssuerDisplayName_data(); + void subjectIssuerDisplayName(); void publicKey_data(); void publicKey(); void toPemOrDer_data(); @@ -433,6 +437,63 @@ void tst_QSslCertificate::subjectAlternativeNames() } } +void tst_QSslCertificate::subjectInfoToString() +{ + QFile certFile(testDataDir + "more-certificates/aspiriniks.ca.crt"); + const bool ok = certFile.open(QIODevice::ReadOnly); + QVERIFY(ok); + const auto chain = QSslCertificate::fromDevice(&certFile, QSsl::Pem); + QCOMPARE(chain.size(), 1); + const auto cert = chain.at(0); + QVERIFY(!cert.isNull()); + + const auto testInfo = [&cert](QSslCertificate::SubjectInfo info, const QString &expected) { + const auto infoAsList = cert.subjectInfo(info); + if (infoAsList.size()) + return expected == infoAsList.at(0); + return expected == QString(); + }; + + QVERIFY(testInfo(QSslCertificate::Organization, QStringLiteral("TT ASA"))); + QVERIFY(testInfo(QSslCertificate::CommonName, QStringLiteral("aspiriniks.troll.no"))); + QVERIFY(testInfo(QSslCertificate::LocalityName, QStringLiteral("Oslo"))); + QVERIFY(testInfo(QSslCertificate::OrganizationalUnitName, QStringLiteral("QT SW"))); + QVERIFY(testInfo(QSslCertificate::CountryName, QStringLiteral("NO"))); + QVERIFY(testInfo(QSslCertificate::StateOrProvinceName, QStringLiteral("Oslo"))); + QVERIFY(testInfo(QSslCertificate::DistinguishedNameQualifier, QString())); + QVERIFY(testInfo(QSslCertificate::SerialNumber, QString())); +#ifndef QT_NO_OPENSSL + // TODO: check why generic code does not handle this! + QVERIFY(testInfo(QSslCertificate::EmailAddress, QStringLiteral("ababic@trolltech.com"))); +#endif +} + +void tst_QSslCertificate::subjectIssuerDisplayName_data() +{ + QTest::addColumn<QString>("certName"); + QTest::addColumn<QString>("expectedName"); + + QTest::addRow("CommonName") << QStringLiteral("more-certificates/cert-cn.pem") << QStringLiteral("YOUR name"); + QTest::addRow("OrganizationName") << QStringLiteral("more-certificates/cert-on.pem") << QStringLiteral("R&D"); + QTest::addRow("OrganizationUnitName") << QStringLiteral("more-certificates/cert-oun.pem") << QStringLiteral("Foundations"); +#ifndef QT_NO_OPENSSL + QTest::addRow("NoSubjectName") << QStringLiteral("more-certificates/cert-noname.pem") << QString(); +#endif +} + +void tst_QSslCertificate::subjectIssuerDisplayName() +{ + QFETCH(const QString, certName); + QFETCH(const QString, expectedName); + + const auto chain = QSslCertificate::fromPath(testDataDir + certName); + QCOMPARE(chain.size(), 1); + const auto cert = chain.at(0); + QVERIFY(!cert.isNull()); + QCOMPARE(cert.subjectDisplayName(), expectedName); + QCOMPARE(cert.issuerDisplayName(), expectedName); +} + void tst_QSslCertificate::utf8SubjectNames() { QSslCertificate cert = QSslCertificate::fromPath(testDataDir + "certificates/cert-ss-san-utf8.pem", QSsl::Pem, @@ -541,8 +602,15 @@ void tst_QSslCertificate::toPemOrDer() void tst_QSslCertificate::fromDevice() { QTest::ignoreMessage(QtWarningMsg, "QSslCertificate::fromDevice: cannot read from a null device"); - QList<QSslCertificate> certs = QSslCertificate::fromDevice(0); // don't crash + QList<QSslCertificate> certs = QSslCertificate::fromDevice(nullptr); // don't crash QVERIFY(certs.isEmpty()); + + QFile certFile(testDataDir + "certificates/cert.der"); + const bool ok = certFile.open(QIODevice::ReadOnly); + QVERIFY(ok); + const auto chain = QSslCertificate::fromDevice(&certFile, QSsl::Der); + QCOMPARE(chain.size(), 1); + QVERIFY(!chain.at(0).isNull()); } void tst_QSslCertificate::fromPath_data() @@ -990,38 +1058,22 @@ void tst_QSslCertificate::toText() QCOMPARE(certList.size(), 1); const QSslCertificate &cert = certList.at(0); - // Openssl's cert dump method changed slightly between 0.9.8, 1.0.0 and 1.01 versions, so we want it to match any output - - QFile f098(testDataDir + "more-certificates/cert-large-expiration-date.txt.0.9.8"); - QVERIFY(f098.open(QIODevice::ReadOnly | QFile::Text)); - QByteArray txt098 = f098.readAll(); - - QFile f100(testDataDir + "more-certificates/cert-large-expiration-date.txt.1.0.0"); - QVERIFY(f100.open(QIODevice::ReadOnly | QFile::Text)); - QByteArray txt100 = f100.readAll(); - - QFile f101(testDataDir + "more-certificates/cert-large-expiration-date.txt.1.0.1"); - QVERIFY(f101.open(QIODevice::ReadOnly | QFile::Text)); - QByteArray txt101 = f101.readAll(); - - QFile f101c(testDataDir + "more-certificates/cert-large-expiration-date.txt.1.0.1c"); - QVERIFY(f101c.open(QIODevice::ReadOnly | QFile::Text)); - QByteArray txt101c = f101c.readAll(); - + // Openssl's cert dump method changed slightly between 1.1.1 and 3.0.5 versions, so we want it to match any output QFile f111(testDataDir + "more-certificates/cert-large-expiration-date.txt.1.1.1"); QVERIFY(f111.open(QIODevice::ReadOnly | QFile::Text)); QByteArray txt111 = f111.readAll(); + QFile f305(testDataDir + "more-certificates/cert-large-expiration-date.txt.3.0.5"); + QVERIFY(f305.open(QIODevice::ReadOnly | QFile::Text)); + QByteArray txt305 = f305.readAll(); + QString txtcert = cert.toText(); #ifdef QT_NO_OPENSSL QEXPECT_FAIL("", "QTBUG-40884: QSslCertificate::toText is not implemented on WinRT", Continue); #endif - QVERIFY(QString::fromLatin1(txt098) == txtcert || - QString::fromLatin1(txt100) == txtcert || - QString::fromLatin1(txt101) == txtcert || - QString::fromLatin1(txt101c) == txtcert || - QString::fromLatin1(txt111) == txtcert ); + QVERIFY(QString::fromLatin1(txt111) == txtcert || + QString::fromLatin1(txt305) == txtcert); } void tst_QSslCertificate::multipleCommonNames() @@ -1061,6 +1113,7 @@ void tst_QSslCertificate::verify() #if QT_CONFIG(securetransport) QSKIP("Not implemented in SecureTransport"); #endif + QList<QSslError> errors; QList<QSslCertificate> toVerify; @@ -1399,6 +1452,10 @@ void tst_QSslCertificate::pkcs12() return; } +#if !defined(QT_NO_OPENSSL) && OPENSSL_VERSION_MAJOR >= 3 + QSKIP("leaf.p12 is using RC2, which is disabled by default in OpenSSL v >= 3"); +#endif + QFile f(testDataDir + QLatin1String("pkcs12/leaf.p12")); bool ok = f.open(QIODevice::ReadOnly); QVERIFY(ok); |