From 19a1a0871d4a9081646925c422fe32e900846c2e Mon Sep 17 00:00:00 2001 From: Mikkel Krautz Date: Mon, 16 Jan 2017 21:43:12 +0100 Subject: QSslDiffieHellmanParameters: simplify defaultParameters() construction This commit simplifies defaultParameters() to simply construct an empty QSslDiffieHellmanParameters and assigning the DER-form of the DH parameters to QSslDiffieHellmanParametersPrivate's derData field. This creates a valid QSslDiffieHellmanParameters instance, but skips any potentially expensive verification steps. The previous implementation of defaultParameters() would use the public fromEncoded() method to construct an instance of the default parameters. This triggers a verification of the passed-in data, which can be expensive. To ensure our defaultParameters() QSslDiffieHellmanParameters instance does pass verification, this commit adds an autotest to verify that. Fixes QTBUG-57815. Change-Id: I6b1d9dbbfde526b232c319195ddbad42326be27c Task-number: QTBUG-57815 Reviewed-by: Timur Pocheptsov --- .../tst_qssldiffiehellmanparameters.cpp | 35 ++++++++++++++++++++++ 1 file changed, 35 insertions(+) (limited to 'tests') diff --git a/tests/auto/network/ssl/qssldiffiehellmanparameters/tst_qssldiffiehellmanparameters.cpp b/tests/auto/network/ssl/qssldiffiehellmanparameters/tst_qssldiffiehellmanparameters.cpp index f3b9003fbb..ddf503eed6 100644 --- a/tests/auto/network/ssl/qssldiffiehellmanparameters/tst_qssldiffiehellmanparameters.cpp +++ b/tests/auto/network/ssl/qssldiffiehellmanparameters/tst_qssldiffiehellmanparameters.cpp @@ -42,6 +42,13 @@ #include #include +// Default DH parameters, exported by qssldiffiehellmanparameters.cpp. +QT_BEGIN_NAMESPACE +extern Q_AUTOTEST_EXPORT const char *qssl_dhparams_default_base64; +QT_END_NAMESPACE + +QT_USE_NAMESPACE + class tst_QSslDiffieHellmanParameters : public QObject { Q_OBJECT @@ -54,6 +61,7 @@ private Q_SLOTS: void constructionPEM(); void unsafe512Bits(); void unsafeNonPrime(); + void defaultIsValid(); #endif }; @@ -157,6 +165,33 @@ void tst_QSslDiffieHellmanParameters::unsafeNonPrime() #endif } +void tst_QSslDiffieHellmanParameters::defaultIsValid() +{ + // The QSslDiffieHellmanParameters::defaultParameters() method takes a shortcut, + // by not verifying the passed-in parameters. Instead, it simply assigns the default + // DH parameters to the derData field of QSslDiffieHellmanParametersPrivate. + // + // This test ensures that our default parameters pass the internal verification tests + // by constructing, using fromEncoded(), a QSslDiffieHellmanParameters instance that + // we expect to be equivalent to the one returned by defaultParameters(). By using + // fromEncoded() we go through the internal verification mechanisms. Finally, to ensure + // the two instances are equivalent, we compare them. + + const auto dh = QSslDiffieHellmanParameters::fromEncoded( + QByteArray::fromBase64(QByteArray(qssl_dhparams_default_base64)), + QSsl::Der + ); + + const auto defaultdh = QSslDiffieHellmanParameters::defaultParameters(); + +#ifndef QT_NO_OPENSSL + QCOMPARE(dh.isEmpty(), false); + QCOMPARE(dh.isValid(), true); + QCOMPARE(dh.error(), QSslDiffieHellmanParameters::NoError); + QCOMPARE(dh, defaultdh); +#endif +} + #endif // QT_NO_SSL QTEST_MAIN(tst_QSslDiffieHellmanParameters) -- cgit v1.2.3