diff options
Diffstat (limited to 'tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp')
-rw-r--r-- | tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp | 78 |
1 files changed, 49 insertions, 29 deletions
diff --git a/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp b/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp index 89499e8291..b51053effd 100644 --- a/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp +++ b/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp @@ -1,5 +1,5 @@ // Copyright (C) 2016 The Qt Company Ltd. -// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only WITH Qt-GPL-exception-1.0 +// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only #include <QTest> @@ -102,7 +102,31 @@ private slots: #endif // QT_CONFIG(ssl) private: QString testDataDir; - bool isNonOpenSslTls = false; + + enum class TLSBackend { + OpenSSL, + Schannel, + SecureTransport, + CertOnly, + Unknown, + }; + static TLSBackend currentBackend() + { + static TLSBackend activeBackend = []() { + using namespace Qt::StringLiterals; + const QString active = QSslSocket::activeBackend(); + if (active == "openssl"_L1) + return TLSBackend::OpenSSL; + if (active == "schannel") + return TLSBackend::Schannel; + if (active == "securetransport") + return TLSBackend::SecureTransport; + if (active == "cert-only") + return TLSBackend::CertOnly; + return TLSBackend::Unknown; + }(); + return activeBackend; + } }; void tst_QSslCertificate::initTestCase() @@ -113,16 +137,14 @@ void tst_QSslCertificate::initTestCase() if (!testDataDir.endsWith(QLatin1String("/"))) testDataDir += QLatin1String("/"); - isNonOpenSslTls = QSslSocket::activeBackend() != QStringLiteral("openssl"); - QDir dir(testDataDir + "certificates"); - QFileInfoList fileInfoList = dir.entryInfoList(QDir::Files | QDir::Readable); + const QFileInfoList fileInfoList = dir.entryInfoList(QDir::Files | QDir::Readable); QRegularExpression rxCert(QLatin1String("^.+\\.(pem|der)$")); QRegularExpression rxSan(QLatin1String("^(.+\\.(?:pem|der))\\.san$")); QRegularExpression rxPubKey(QLatin1String("^(.+\\.(?:pem|der))\\.pubkey$")); QRegularExpression rxDigest(QLatin1String("^(.+\\.(?:pem|der))\\.digest-(md5|sha1)$")); QRegularExpressionMatch match; - foreach (QFileInfo fileInfo, fileInfoList) { + for (const QFileInfo &fileInfo : fileInfoList) { if ((match = rxCert.match(fileInfo.fileName())).hasMatch()) certInfoList << CertInfo(fileInfo, @@ -185,7 +207,7 @@ void tst_QSslCertificate::createTestRows() { QTest::addColumn<QString>("absFilePath"); QTest::addColumn<QSsl::EncodingFormat>("format"); - foreach (CertInfo certInfo, certInfoList) { + for (const CertInfo &certInfo : std::as_const(certInfoList)) { QTest::newRow(certInfo.fileInfo.fileName().toLatin1()) << certInfo.fileInfo.absoluteFilePath() << certInfo.format; } @@ -316,7 +338,7 @@ void tst_QSslCertificate::digest_data() QTest::addColumn<QSsl::EncodingFormat>("format"); QTest::addColumn<QString>("absFilePath_digest_md5"); QTest::addColumn<QString>("absFilePath_digest_sha1"); - foreach (CertInfo certInfo, certInfoList) { + for (const CertInfo &certInfo : std::as_const(certInfoList)) { QString certName = certInfo.fileInfo.fileName(); QTest::newRow(certName.toLatin1()) << certInfo.fileInfo.absoluteFilePath() @@ -369,7 +391,7 @@ void tst_QSslCertificate::subjectAlternativeNames_data() QTest::addColumn<QSsl::EncodingFormat>("format"); QTest::addColumn<QString>("subjAltNameFilePath"); - foreach (CertInfo certInfo, certInfoList) { + for (const CertInfo &certInfo : std::as_const(certInfoList)) { QString certName = certInfo.fileInfo.fileName(); if (subjAltNameMap.contains(certName)) QTest::newRow(certName.toLatin1()) @@ -451,7 +473,7 @@ void tst_QSslCertificate::subjectInfoToString() QVERIFY(testInfo(QSslCertificate::DistinguishedNameQualifier, QString())); QVERIFY(testInfo(QSslCertificate::SerialNumber, QString())); // TODO: check why generic code does not handle this! - if (!isNonOpenSslTls) + if (currentBackend() == TLSBackend::OpenSSL) QVERIFY(testInfo(QSslCertificate::EmailAddress, QStringLiteral("ababic@trolltech.com"))); } @@ -463,9 +485,8 @@ void tst_QSslCertificate::subjectIssuerDisplayName_data() QTest::addRow("CommonName") << QStringLiteral("more-certificates/cert-cn.pem") << QStringLiteral("YOUR name"); QTest::addRow("OrganizationName") << QStringLiteral("more-certificates/cert-on.pem") << QStringLiteral("R&D"); QTest::addRow("OrganizationUnitName") << QStringLiteral("more-certificates/cert-oun.pem") << QStringLiteral("Foundations"); -#ifndef QT_NO_OPENSSL - QTest::addRow("NoSubjectName") << QStringLiteral("more-certificates/cert-noname.pem") << QString(); -#endif + if (currentBackend() == TLSBackend::OpenSSL) + QTest::addRow("NoSubjectName") << QStringLiteral("more-certificates/cert-noname.pem") << QString(); } void tst_QSslCertificate::subjectIssuerDisplayName() @@ -508,7 +529,7 @@ void tst_QSslCertificate::publicKey_data() QTest::addColumn<QSsl::EncodingFormat>("format"); QTest::addColumn<QString>("pubkeyFilePath"); - foreach (CertInfo certInfo, certInfoList) { + for (const CertInfo &certInfo : std::as_const(certInfoList)) { QString certName = certInfo.fileInfo.fileName(); if (pubkeyMap.contains(certName)) QTest::newRow(certName.toLatin1()) @@ -875,7 +896,7 @@ void tst_QSslCertificate::task256066toPem() void tst_QSslCertificate::nulInCN() { - if (isNonOpenSslTls) + if (currentBackend() != TLSBackend::OpenSSL) QSKIP("Generic QSslCertificatePrivate fails this test"); QList<QSslCertificate> certList = @@ -895,7 +916,7 @@ void tst_QSslCertificate::nulInCN() void tst_QSslCertificate::nulInSan() { - if (isNonOpenSslTls) + if (currentBackend() != TLSBackend::OpenSSL) QSKIP("Generic QSslCertificatePrivate fails this test"); QList<QSslCertificate> certList = @@ -962,7 +983,7 @@ void tst_QSslCertificate::selfsignedCertificates() void tst_QSslCertificate::toText() { - if (isNonOpenSslTls) + if (currentBackend() != TLSBackend::OpenSSL) QSKIP("QSslCertificate::toText is not implemented on platforms which do not use openssl"); QList<QSslCertificate> certList = @@ -1012,7 +1033,7 @@ void tst_QSslCertificate::subjectAndIssuerAttributes() QByteArray shortName("1.3.6.1.4.1.311.60.2.1.3"); #if !defined(QT_NO_OPENSSL) && defined(SN_jurisdictionCountryName) - if (!isNonOpenSslTls) + if (currentBackend() == TLSBackend::OpenSSL) shortName = SN_jurisdictionCountryName; #endif attributes = certList[0].subjectInfoAttributes(); @@ -1021,8 +1042,8 @@ void tst_QSslCertificate::subjectAndIssuerAttributes() void tst_QSslCertificate::verify() { - if (isNonOpenSslTls) - QSKIP("Not implemented in SecureTransport or Schannel"); + if (currentBackend() != TLSBackend::OpenSSL) + QSKIP("Only implemented for OpenSSL"); QList<QSslError> errors; QList<QSslCertificate> toVerify; @@ -1061,7 +1082,7 @@ void tst_QSslCertificate::verify() toVerify = QSslCertificate::fromPath(testDataDir + "verify-certs/test-addons-mozilla-org-cert.pem", QSsl::Pem, QSslCertificate::PatternSyntax::FixedString); errors = QSslCertificate::verify(toVerify); bool foundBlack = false; - foreach (const QSslError &error, errors) { + for (const QSslError &error : std::as_const(errors)) { if (error.error() == QSslError::CertificateBlacklisted) { foundBlack = true; break; @@ -1107,9 +1128,8 @@ QString tst_QSslCertificate::toString(const QList<QSslError>& errors) { QStringList errorStrings; - foreach (const QSslError& error, errors) { + for (const QSslError &error : errors) errorStrings.append(QLatin1Char('"') + error.errorString() + QLatin1Char('"')); - } return QLatin1String("[ ") + errorStrings.join(QLatin1String(", ")) + QLatin1String(" ]"); } @@ -1363,9 +1383,8 @@ void tst_QSslCertificate::pkcs12() return; } -#if !defined(QT_NO_OPENSSL) && OPENSSL_VERSION_MAJOR >= 3 - QSKIP("leaf.p12 is using RC2, which is disabled by default in OpenSSL v >= 3"); -#endif + if (currentBackend() == TLSBackend::OpenSSL && QSslSocket::sslLibraryVersionNumber() >= 0x30000000L) + QSKIP("leaf.p12 is using RC2, which is disabled by default in OpenSSL v >= 3"); QFile f(testDataDir + QLatin1String("pkcs12/leaf.p12")); bool ok = f.open(QIODevice::ReadOnly); @@ -1375,8 +1394,8 @@ void tst_QSslCertificate::pkcs12() QSslCertificate cert; QList<QSslCertificate> caCerts; - if (isNonOpenSslTls) - QEXPECT_FAIL("", "pkcs12 imports are only supported when openssl is used", Abort); // TODO? + if (currentBackend() != TLSBackend::OpenSSL) + QEXPECT_FAIL("", "pkcs12 imports are not available with the current TLS backend", Abort); // TODO? ok = QSslCertificate::importPkcs12(&f, &key, &cert, &caCerts); QVERIFY(ok); @@ -1408,7 +1427,8 @@ void tst_QSslCertificate::pkcs12() QFile nocert(testDataDir + QLatin1String("pkcs12/leaf-nokey.p12")); ok = nocert.open(QIODevice::ReadOnly); QVERIFY(ok); - QTest::ignoreMessage(QtWarningMsg, "Unable to convert private key"); + if (currentBackend() == TLSBackend::OpenSSL) + QTest::ignoreMessage(QtWarningMsg, "Unable to convert private key"); ok = QSslCertificate::importPkcs12(&nocert, &key, &cert, &caCerts); QVERIFY(!ok); nocert.close(); |