diff options
Diffstat (limited to 'tests/auto/network/ssl/qsslkey')
-rw-r--r-- | tests/auto/network/ssl/qsslkey/BLACKLIST | 8 | ||||
-rw-r--r-- | tests/auto/network/ssl/qsslkey/CMakeLists.txt | 21 | ||||
-rwxr-xr-x | tests/auto/network/ssl/qsslkey/keys/genkeys.sh | 29 | ||||
-rw-r--r-- | tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp | 123 |
4 files changed, 88 insertions, 93 deletions
diff --git a/tests/auto/network/ssl/qsslkey/BLACKLIST b/tests/auto/network/ssl/qsslkey/BLACKLIST deleted file mode 100644 index 5705a1982d..0000000000 --- a/tests/auto/network/ssl/qsslkey/BLACKLIST +++ /dev/null @@ -1,8 +0,0 @@ -[constructor] -rhel -[length] -rhel -[toEncryptedPemOrDer] -rhel -[toPemOrDer] -rhel diff --git a/tests/auto/network/ssl/qsslkey/CMakeLists.txt b/tests/auto/network/ssl/qsslkey/CMakeLists.txt index 8bf450f8fd..aae017562a 100644 --- a/tests/auto/network/ssl/qsslkey/CMakeLists.txt +++ b/tests/auto/network/ssl/qsslkey/CMakeLists.txt @@ -1,9 +1,16 @@ -# Generated from qsslkey.pro. +# Copyright (C) 2022 The Qt Company Ltd. +# SPDX-License-Identifier: BSD-3-Clause ##################################################################### ## tst_qsslkey Test: ##################################################################### +if(NOT QT_BUILD_STANDALONE_TESTS AND NOT QT_BUILDING_QT) + cmake_minimum_required(VERSION 3.16) + project(tst_qsslkey LANGUAGES CXX) + find_package(Qt6BuildInternals REQUIRED COMPONENTS STANDALONE_TEST) +endif() + # Collect test data file(GLOB_RECURSE test_data_glob RELATIVE ${CMAKE_CURRENT_SOURCE_DIR} @@ -17,16 +24,22 @@ list(APPEND test_data ${test_data_glob}) qt_internal_add_test(tst_qsslkey SOURCES tst_qsslkey.cpp - PUBLIC_LIBRARIES + LIBRARIES Qt::Network TESTDATA ${test_data} + BUNDLE_ANDROID_OPENSSL_LIBS +) + +qt_internal_extend_target(tst_qsslkey CONDITION QT_FEATURE_developer_build AND QT_FEATURE_openssl_linked + LIBRARIES + WrapOpenSSL::WrapOpenSSL ) ## Scopes: ##################################################################### -qt_internal_extend_target(tst_qsslkey CONDITION QT_FEATURE_private_tests - PUBLIC_LIBRARIES +qt_internal_extend_target(tst_qsslkey CONDITION QT_FEATURE_developer_build + LIBRARIES Qt::CorePrivate Qt::NetworkPrivate ) diff --git a/tests/auto/network/ssl/qsslkey/keys/genkeys.sh b/tests/auto/network/ssl/qsslkey/keys/genkeys.sh index 0106953bff..afa4b7fe84 100755 --- a/tests/auto/network/ssl/qsslkey/keys/genkeys.sh +++ b/tests/auto/network/ssl/qsslkey/keys/genkeys.sh @@ -1,31 +1,6 @@ #!/bin/sh -############################################################################# -## -## Copyright (C) 2016 The Qt Company Ltd. -## Contact: https://www.qt.io/licensing/ -## -## This file is the build configuration utility of the Qt Toolkit. -## -## $QT_BEGIN_LICENSE:GPL-EXCEPT$ -## Commercial License Usage -## Licensees holding valid commercial Qt licenses may use this file in -## accordance with the commercial license agreement provided with the -## Software or, alternatively, in accordance with the terms contained in -## a written agreement between you and The Qt Company. For licensing terms -## and conditions see https://www.qt.io/terms-conditions. For further -## information use the contact form at https://www.qt.io/contact-us. -## -## GNU General Public License Usage -## Alternatively, this file may be used under the terms of the GNU -## General Public License version 3 as published by the Free Software -## Foundation with exceptions as appearing in the file LICENSE.GPL3-EXCEPT -## included in the packaging of this file. Please review the following -## information to ensure the GNU General Public License requirements will -## be met: https://www.gnu.org/licenses/gpl-3.0.html. -## -## $QT_END_LICENSE$ -## -############################################################################# +# Copyright (C) 2016 The Qt Company Ltd. +# SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only WITH Qt-GPL-exception-1.0 # This script generates cryptographic keys of different types. diff --git a/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp b/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp index e57409c665..79bae3c270 100644 --- a/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp +++ b/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp @@ -1,30 +1,5 @@ -/**************************************************************************** -** -** Copyright (C) 2016 The Qt Company Ltd. -** Contact: https://www.qt.io/licensing/ -** -** This file is part of the test suite of the Qt Toolkit. -** -** $QT_BEGIN_LICENSE:GPL-EXCEPT$ -** Commercial License Usage -** Licensees holding valid commercial Qt licenses may use this file in -** accordance with the commercial license agreement provided with the -** Software or, alternatively, in accordance with the terms contained in -** a written agreement between you and The Qt Company. For licensing terms -** and conditions see https://www.qt.io/terms-conditions. For further -** information use the contact form at https://www.qt.io/contact-us. -** -** GNU General Public License Usage -** Alternatively, this file may be used under the terms of the GNU -** General Public License version 3 as published by the Free Software -** Foundation with exceptions as appearing in the file LICENSE.GPL3-EXCEPT -** included in the packaging of this file. Please review the following -** information to ensure the GNU General Public License requirements will -** be met: https://www.gnu.org/licenses/gpl-3.0.html. -** -** $QT_END_LICENSE$ -** -****************************************************************************/ +// Copyright (C) 2016 The Qt Company Ltd. +// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only #include <QTest> #include <qsslkey.h> @@ -40,6 +15,8 @@ #include <QtCore/qdebug.h> #include <QtCore/qlist.h> +using namespace Qt::StringLiterals; + #ifdef QT_BUILD_INTERNAL #if QT_CONFIG(ssl) #include "private/qsslkey_p.h" @@ -115,6 +92,7 @@ private: QString testDataDir; bool fileContainsUnsupportedEllipticCurve(const QString &fileName) const; + bool algorithmsSupported(const QString &fileName) const; QVector<QString> unsupportedCurves; bool isOpenSsl = false; @@ -178,6 +156,37 @@ bool tst_QSslKey::fileContainsUnsupportedEllipticCurve(const QString &fileName) return false; } +bool tst_QSslKey::algorithmsSupported(const QString &fileName) const +{ +#if QT_CONFIG(ssl) + if (isSchannel && fileName.contains("RC2-64")) // Schannel treats RC2 as 128 bit + return false; + + if (isSchannel || isSecureTransport) { + // No AES support in the generic back-end, PKCS#12 algorithms not supported either. + return !(fileName.contains(QRegularExpression("-aes\\d\\d\\d-")) || fileName.contains("pkcs8-pkcs12")); + } + + if (!isOpenSsl || QSslSocket::sslLibraryVersionNumber() >> 28 < 3) + return true; + + // OpenSSL v3 first introduced the notion of 'providers'. Many algorithms + // were moved into the 'legacy' provider. While they are still supported in theory, + // the 'legacy' provider is NOT loaded by default and we are not loading it either. + // Thus, some of the keys we are using in tst_QSslKey would fail the test. We + // have to filter them out. + const auto name = fileName.toLower(); + if (name.contains("-des.")) + return false; + + return !name.contains("-rc2-") && !name.contains("-rc4-"); +#else + Q_UNUSED(fileName); + return false; +#endif // QT_CONFIG(ssl) +} + + void tst_QSslKey::initTestCase() { testDataDir = QFileInfo(QFINDTESTDATA("rsa-without-passphrase.pem")).absolutePath(); @@ -242,21 +251,12 @@ void tst_QSslKey::createPlainTestRows(bool pemOnly) QTest::addColumn<QSsl::KeyType>("type"); QTest::addColumn<int>("length"); QTest::addColumn<QSsl::EncodingFormat>("format"); - foreach (KeyInfo keyInfo, keyInfoList) { + for (const KeyInfo &keyInfo : std::as_const(keyInfoList)) { if (pemOnly && keyInfo.format != QSsl::EncodingFormat::Pem) continue; - if (isSchannel) { - if (keyInfo.fileInfo.fileName().contains("RC2-64")) - continue; // Schannel treats RC2 as 128 bit - } - - if (isSchannel || isSecureTransport) { - if (keyInfo.fileInfo.fileName().contains(QRegularExpression("-aes\\d\\d\\d-"))) - continue; // No AES support in the generic back-end - if (keyInfo.fileInfo.fileName().contains("pkcs8-pkcs12")) - continue; // The generic back-end doesn't support PKCS#12 algorithms - } + if (!algorithmsSupported(keyInfo.fileInfo.fileName())) + continue; QTest::newRow(keyInfo.fileInfo.fileName().toLatin1()) << keyInfo.fileInfo.absoluteFilePath() << keyInfo.algorithm << keyInfo.type @@ -317,7 +317,7 @@ void tst_QSslKey::constructorHandle() passphrase = "1234"; BIO* bio = q_BIO_new(q_BIO_s_mem()); - q_BIO_write(bio, pem.constData(), pem.length()); + q_BIO_write(bio, pem.constData(), pem.size()); EVP_PKEY *origin = func(bio, nullptr, nullptr, static_cast<void *>(passphrase.data())); Q_ASSERT(origin); q_EVP_PKEY_up_ref(origin); @@ -469,13 +469,18 @@ void tst_QSslKey::toEncryptedPemOrDer_data() QTest::addColumn<QSsl::EncodingFormat>("format"); QTest::addColumn<QString>("password"); - QStringList passwords; - passwords << " " << "foobar" << "foo bar" - << "aAzZ`1234567890-=~!@#$%^&*()_+[]{}\\|;:'\",.<>/?"; // ### add more (?) - foreach (KeyInfo keyInfo, keyInfoList) { + const QString passwords[] = { + u" "_s, + u"foobar"_s, + u"foo bar"_s, + u"aAzZ`1234567890-=~!@#$%^&*()_+[]{}\\|;:'\",.<>/?"_s, + // ### add more (?) + }; + + for (const KeyInfo &keyInfo : std::as_const(keyInfoList)) { if (keyInfo.fileInfo.fileName().contains("pkcs8")) continue; // pkcs8 keys are encrypted in a different way than the other keys - foreach (QString password, passwords) { + for (const QString &password : passwords) { const QByteArray testName = keyInfo.fileInfo.fileName().toLatin1() + '-' + (keyInfo.algorithm == QSsl::Rsa ? "RSA" : (keyInfo.algorithm == QSsl::Dsa ? "DSA" : "EC")) @@ -550,9 +555,15 @@ void tst_QSslKey::passphraseChecks_data() const QByteArray pass("123"); const QByteArray aesPass("1234"); - QTest::newRow("DES") << QString(testDataDir + "rsa-with-passphrase-des.pem") << pass; + if (!isOpenSsl || QSslSocket::sslLibraryVersionNumber() >> 28 < 3) { + // DES and RC2 are not provided by default in OpenSSL v3. + // This part is for either non-OpenSSL build, or OpenSSL v < 3.x. + QTest::newRow("DES") << QString(testDataDir + "rsa-with-passphrase-des.pem") << pass; + QTest::newRow("RC2") << QString(testDataDir + "rsa-with-passphrase-rc2.pem") << pass; + } + QTest::newRow("3DES") << QString(testDataDir + "rsa-with-passphrase-3des.pem") << pass; - QTest::newRow("RC2") << QString(testDataDir + "rsa-with-passphrase-rc2.pem") << pass; + #if defined(QT_NO_OPENSSL) || !defined(OPENSSL_NO_AES) QTest::newRow("AES128") << QString(testDataDir + "rsa-with-passphrase-aes128.pem") << aesPass; QTest::newRow("AES192") << QString(testDataDir + "rsa-with-passphrase-aes192.pem") << aesPass; @@ -569,7 +580,7 @@ void tst_QSslKey::passphraseChecks() QVERIFY(keyFile.exists()); { if (!keyFile.isOpen()) - keyFile.open(QIODevice::ReadOnly); + QVERIFY(keyFile.open(QIODevice::ReadOnly)); else keyFile.reset(); QSslKey key(&keyFile,QSsl::Rsa,QSsl::Pem, QSsl::PrivateKey); @@ -577,7 +588,7 @@ void tst_QSslKey::passphraseChecks() } { if (!keyFile.isOpen()) - keyFile.open(QIODevice::ReadOnly); + QVERIFY(keyFile.open(QIODevice::ReadOnly)); else keyFile.reset(); QSslKey key(&keyFile,QSsl::Rsa,QSsl::Pem, QSsl::PrivateKey, ""); @@ -585,7 +596,7 @@ void tst_QSslKey::passphraseChecks() } { if (!keyFile.isOpen()) - keyFile.open(QIODevice::ReadOnly); + QVERIFY(keyFile.open(QIODevice::ReadOnly)); else keyFile.reset(); QSslKey key(&keyFile,QSsl::Rsa,QSsl::Pem, QSsl::PrivateKey, "WRONG!"); @@ -593,7 +604,7 @@ void tst_QSslKey::passphraseChecks() } { if (!keyFile.isOpen()) - keyFile.open(QIODevice::ReadOnly); + QVERIFY(keyFile.open(QIODevice::ReadOnly)); else keyFile.reset(); QSslKey key(&keyFile,QSsl::Rsa,QSsl::Pem, QSsl::PrivateKey, passphrase); @@ -611,7 +622,7 @@ void tst_QSslKey::noPassphraseChecks() QFile keyFile(fileName); { if (!keyFile.isOpen()) - keyFile.open(QIODevice::ReadOnly); + QVERIFY(keyFile.open(QIODevice::ReadOnly)); else keyFile.reset(); QSslKey key(&keyFile,QSsl::Rsa,QSsl::Pem, QSsl::PrivateKey); @@ -619,7 +630,7 @@ void tst_QSslKey::noPassphraseChecks() } { if (!keyFile.isOpen()) - keyFile.open(QIODevice::ReadOnly); + QVERIFY(keyFile.open(QIODevice::ReadOnly)); else keyFile.reset(); QSslKey key(&keyFile,QSsl::Rsa,QSsl::Pem, QSsl::PrivateKey, ""); @@ -627,7 +638,7 @@ void tst_QSslKey::noPassphraseChecks() } { if (!keyFile.isOpen()) - keyFile.open(QIODevice::ReadOnly); + QVERIFY(keyFile.open(QIODevice::ReadOnly)); else keyFile.reset(); QSslKey key(&keyFile,QSsl::Rsa,QSsl::Pem, QSsl::PrivateKey, "xxx"); @@ -649,6 +660,9 @@ void tst_QSslKey::encrypt_data() QTest::addColumn<QByteArray>("iv"); QByteArray iv("abcdefgh"); +#if OPENSSL_VERSION_MAJOR < 3 + // Either non-OpenSSL build, or OpenSSL v < 3 + // (with DES and other legacy algorithms available by default) QTest::newRow("DES-CBC, length 0") << Cipher::DesCbc << QByteArray("01234567") << QByteArray() @@ -738,6 +752,7 @@ void tst_QSslKey::encrypt_data() << QByteArray(8, 'a') << QByteArray::fromHex("5AEC1A5B295660B02613454232F7DECE") << iv; +#endif // OPENSSL_VERSION_MAJOR #if defined(QT_NO_OPENSSL) || !defined(OPENSSL_NO_AES) // AES needs a longer IV |