From 1cf971b99c85614edaccd86356700ad5de6837ea Mon Sep 17 00:00:00 2001
From: Richard Moore <rich@kde.org>
Date: Fri, 24 Jun 2011 21:40:52 +0100
Subject: Add a test for multiple CNs and fix the rest of the tests for the API

... change.

Add a new test for the support for repeated entries in the subject and
issuer. Fix the rest of the tests to pass with the new API.

Change-Id: I25fa84089e4aff5f15f53858171ce98b7fbf9dd7
Merge-request: 5
Reviewed-on: http://codereview.qt.nokia.com/798
Reviewed-by: Sergio Ahumada <sergio.ahumada@nokia.com>
---
 .../more-certificates/test-cn-two-cns-cert.pem     | 67 ++++++++++++++++++++++
 tests/auto/qsslcertificate/tst_qsslcertificate.cpp | 40 ++++++++-----
 2 files changed, 93 insertions(+), 14 deletions(-)
 create mode 100644 tests/auto/qsslcertificate/more-certificates/test-cn-two-cns-cert.pem

(limited to 'tests')

diff --git a/tests/auto/qsslcertificate/more-certificates/test-cn-two-cns-cert.pem b/tests/auto/qsslcertificate/more-certificates/test-cn-two-cns-cert.pem
new file mode 100644
index 0000000000..bc43c63f21
--- /dev/null
+++ b/tests/auto/qsslcertificate/more-certificates/test-cn-two-cns-cert.pem
@@ -0,0 +1,67 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 10 (0xa)
+        Signature Algorithm: sha1WithRSAEncryption
+        Issuer: CN=Westpoint Certificate Test CA, ST=Lancashire, C=UK/emailAddress=ca@example.com, O=Westpoint Certificate Test Root Certification Authority
+        Validity
+            Not Before: Jun 21 21:32:19 2011 GMT
+            Not After : Jun 18 21:32:19 2021 GMT
+        Subject: CN=www.example.com, CN=www2.example.com, ST=Lancashire, C=UK, O=Some organisation
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (1024 bit)
+                Modulus:
+                    00:b8:b3:72:13:cd:17:2c:01:78:16:62:5d:72:71:
+                    33:14:41:be:0c:17:ac:85:db:f8:1e:e8:55:98:3e:
+                    7b:46:a5:08:a7:db:0e:dc:78:d8:b7:1e:e0:78:30:
+                    6e:b9:e2:43:2e:f2:7d:98:fb:b4:a8:5e:63:42:e8:
+                    5c:26:79:20:5e:f6:0e:1d:12:ac:c5:0e:a4:b6:68:
+                    79:5f:3d:52:ce:44:f9:20:c9:8e:b3:fb:20:42:d5:
+                    97:9f:a4:41:8f:b8:b1:8d:c3:14:61:70:b8:d1:f7:
+                    ff:48:99:c1:a0:dd:71:cb:8b:91:e6:60:29:1e:af:
+                    a9:00:91:d2:c3:af:7f:cd:f9
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+                CA:FALSE
+            Authority Information Access: 
+                OCSP - URI:http://ocsp.example.com:8888/
+
+    Signature Algorithm: sha1WithRSAEncryption
+        4c:c8:bc:0e:84:4b:bb:9e:c1:7b:81:4d:65:60:e5:d1:86:6a:
+        00:f2:fb:ff:6d:a1:23:a1:88:c7:85:4a:b2:3d:24:cf:92:c8:
+        ab:60:10:b8:17:fa:d2:4f:60:cd:94:40:2a:b7:6e:4a:e9:f9:
+        2b:e6:54:70:7f:f3:71:f8:fc:45:df:cf:43:f4:26:d6:73:69:
+        b3:ff:d9:da:dc:12:05:e2:52:62:2f:d4:b0:0a:e3:a1:e8:f2:
+        c1:80:b7:44:8e:3a:46:ca:1b:6d:82:c0:16:c2:f6:4f:56:89:
+        24:86:42:8e:f9:5e:63:91:7d:88:ff:c4:bd:0d:f5:00:ad:ba:
+        6c:fd:5d:02:32:4f:94:3f:4e:10:4a:a6:15:c2:77:e6:be:a0:
+        ea:15:e3:49:40:e8:f0:7d:e0:fe:33:f2:6b:36:a6:a6:70:52:
+        21:d2:ff:ee:ce:2d:46:50:dd:c2:19:4d:9a:1a:f1:a8:e8:45:
+        41:2d:6e:29:d3:c8:59:69:dd:1b:5c:21:21:31:b6:be:98:64:
+        31:a2:3e:a6:36:9c:27:8f:86:bb:0e:aa:67:f1:0b:e1:ea:d6:
+        d6:50:72:6c:24:cd:85:8e:32:26:45:44:2e:7c:83:69:54:9b:
+        8b:1b:94:71:ba:8e:49:77:dd:d1:d4:30:a6:56:80:95:5e:6b:
+        b8:11:bf:b0
+-----BEGIN CERTIFICATE-----
+MIIDXjCCAkagAwIBAgIBCjANBgkqhkiG9w0BAQUFADCBqzEmMCQGA1UEAxMdV2Vz
+dHBvaW50IENlcnRpZmljYXRlIFRlc3QgQ0ExEzARBgNVBAgTCkxhbmNhc2hpcmUx
+CzAJBgNVBAYTAlVLMR0wGwYJKoZIhvcNAQkBFg5jYUBleGFtcGxlLmNvbTFAMD4G
+A1UEChM3V2VzdHBvaW50IENlcnRpZmljYXRlIFRlc3QgUm9vdCBDZXJ0aWZpY2F0
+aW9uIEF1dGhvcml0eTAeFw0xMTA2MjEyMTMyMTlaFw0yMTA2MTgyMTMyMTlaMHMx
+GDAWBgNVBAMTD3d3dy5leGFtcGxlLmNvbTEZMBcGA1UEAxMQd3d3Mi5leGFtcGxl
+LmNvbTETMBEGA1UECBMKTGFuY2FzaGlyZTELMAkGA1UEBhMCVUsxGjAYBgNVBAoT
+EVNvbWUgb3JnYW5pc2F0aW9uMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4
+s3ITzRcsAXgWYl1ycTMUQb4MF6yF2/ge6FWYPntGpQin2w7ceNi3HuB4MG654kMu
+8n2Y+7SoXmNC6FwmeSBe9g4dEqzFDqS2aHlfPVLORPkgyY6z+yBC1ZefpEGPuLGN
+wxRhcLjR9/9ImcGg3XHLi5HmYCker6kAkdLDr3/N+QIDAQABo0gwRjAJBgNVHRME
+AjAAMDkGCCsGAQUFBwEBBC0wKzApBggrBgEFBQcwAYYdaHR0cDovL29jc3AuZXhh
+bXBsZS5jb206ODg4OC8wDQYJKoZIhvcNAQEFBQADggEBAEzIvA6ES7uewXuBTWVg
+5dGGagDy+/9toSOhiMeFSrI9JM+SyKtgELgX+tJPYM2UQCq3bkrp+SvmVHB/83H4
+/EXfz0P0JtZzabP/2drcEgXiUmIv1LAK46Ho8sGAt0SOOkbKG22CwBbC9k9WiSSG
+Qo75XmORfYj/xL0N9QCtumz9XQIyT5Q/ThBKphXCd+a+oOoV40lA6PB94P4z8ms2
+pqZwUiHS/+7OLUZQ3cIZTZoa8ajoRUEtbinTyFlp3RtcISExtr6YZDGiPqY2nCeP
+hrsOqmfxC+Hq1tZQcmwkzYWOMiZFRC58g2lUm4sblHG6jkl33dHUMKZWgJVea7gR
+v7A=
+-----END CERTIFICATE-----
diff --git a/tests/auto/qsslcertificate/tst_qsslcertificate.cpp b/tests/auto/qsslcertificate/tst_qsslcertificate.cpp
index 17f8b77f6a..e95af1e97c 100644
--- a/tests/auto/qsslcertificate/tst_qsslcertificate.cpp
+++ b/tests/auto/qsslcertificate/tst_qsslcertificate.cpp
@@ -114,6 +114,7 @@ private slots:
     void largeExpirationDate();
     void blacklistedCertificates();
     void toText();
+    void multipleCommonNames();
 
 // ### add tests for certificate bundles (multiple certificates concatenated into a single
 //     structure); both PEM and DER formatted
@@ -195,8 +196,8 @@ void tst_QSslCertificate::emptyConstructor()
     QCOMPARE(certificate.version() , QByteArray());
     QCOMPARE(certificate.serialNumber(), QByteArray());
     QCOMPARE(certificate.digest(), QCryptographicHash::hash(QByteArray(), QCryptographicHash::Md5));
-    QCOMPARE(certificate.issuerInfo(QSslCertificate::Organization)[0], QString());
-    QCOMPARE(certificate.subjectInfo(QSslCertificate::Organization)[0], QString());
+    QCOMPARE(certificate.issuerInfo(QSslCertificate::Organization), QStringList());
+    QCOMPARE(certificate.subjectInfo(QSslCertificate::Organization), QStringList());
     QCOMPARE(certificate.alternateSubjectNames(),(QMultiMap<QSsl::AlternateNameEntryType, QString>()));
 #ifndef QT_NO_TEXTSTREAM
     QCOMPARE(certificate.effectiveDate(), QDateTime());
@@ -682,31 +683,31 @@ void tst_QSslCertificate::certInfo()
 
     QCOMPARE(cert.issuerInfo(QSslCertificate::Organization)[0], QString("CryptSoft Pty Ltd"));
     QCOMPARE(cert.issuerInfo(QSslCertificate::CommonName)[0], QString("Test CA (1024 bit)"));
-    QCOMPARE(cert.issuerInfo(QSslCertificate::LocalityName)[0], QString());
-    QCOMPARE(cert.issuerInfo(QSslCertificate::OrganizationalUnitName)[0], QString());
+    QCOMPARE(cert.issuerInfo(QSslCertificate::LocalityName), QStringList());
+    QCOMPARE(cert.issuerInfo(QSslCertificate::OrganizationalUnitName), QStringList());
     QCOMPARE(cert.issuerInfo(QSslCertificate::CountryName)[0], QString("AU"));
     QCOMPARE(cert.issuerInfo(QSslCertificate::StateOrProvinceName)[0], QString("Queensland"));
 
     QCOMPARE(cert.issuerInfo("O")[0], QString("CryptSoft Pty Ltd"));
     QCOMPARE(cert.issuerInfo("CN")[0], QString("Test CA (1024 bit)"));
-    QCOMPARE(cert.issuerInfo("L")[0], QString());
-    QCOMPARE(cert.issuerInfo("OU")[0], QString());
+    QCOMPARE(cert.issuerInfo("L"), QStringList());
+    QCOMPARE(cert.issuerInfo("OU"), QStringList());
     QCOMPARE(cert.issuerInfo("C")[0], QString("AU"));
     QCOMPARE(cert.issuerInfo("ST")[0], QString("Queensland"));
 
-    QCOMPARE(cert.subjectInfo(QSslCertificate::Organization)[0], QString());
+    QCOMPARE(cert.subjectInfo(QSslCertificate::Organization), QStringList());
     QCOMPARE(cert.subjectInfo(QSslCertificate::CommonName)[0], QString("name/with/slashes"));
-    QCOMPARE(cert.subjectInfo(QSslCertificate::LocalityName)[0], QString());
-    QCOMPARE(cert.subjectInfo(QSslCertificate::OrganizationalUnitName)[0], QString());
+    QCOMPARE(cert.subjectInfo(QSslCertificate::LocalityName), QStringList());
+    QCOMPARE(cert.subjectInfo(QSslCertificate::OrganizationalUnitName), QStringList());
     QCOMPARE(cert.subjectInfo(QSslCertificate::CountryName)[0], QString("NO"));
-    QCOMPARE(cert.subjectInfo(QSslCertificate::StateOrProvinceName)[0], QString());
+    QCOMPARE(cert.subjectInfo(QSslCertificate::StateOrProvinceName), QStringList());
 
-    QCOMPARE(cert.subjectInfo("O")[0], QString());
+    QCOMPARE(cert.subjectInfo("O"), QStringList());
     QCOMPARE(cert.subjectInfo("CN")[0], QString("name/with/slashes"));
-    QCOMPARE(cert.subjectInfo("L")[0], QString());
-    QCOMPARE(cert.subjectInfo("OU")[0], QString());
+    QCOMPARE(cert.subjectInfo("L"), QStringList());
+    QCOMPARE(cert.subjectInfo("OU"), QStringList());
     QCOMPARE(cert.subjectInfo("C")[0], QString("NO"));
-    QCOMPARE(cert.subjectInfo("ST")[0], QString());
+    QCOMPARE(cert.subjectInfo("ST"), QStringList());
 
     QCOMPARE(cert.version(), QByteArray::number(1));
     QCOMPARE(cert.serialNumber(), QByteArray::number(17));
@@ -871,6 +872,17 @@ void tst_QSslCertificate::toText()
     QVERIFY(txtOld == cert.toText() || txtNew == cert.toText());
 }
 
+void tst_QSslCertificate::multipleCommonNames()
+{
+    QList<QSslCertificate> certList =
+        QSslCertificate::fromPath(SRCDIR "more-certificates/test-cn-two-cns-cert.pem");
+    QVERIFY2(certList.count() > 0, "Please run this test from the source directory");
+
+    QStringList commonNames = certList[0].subjectInfo(QSslCertificate::CommonName);
+    QVERIFY(commonNames.contains(QString("www.example.com")));
+    QVERIFY(commonNames.contains(QString("www2.example.com")));
+}
+
 #endif // QT_NO_OPENSSL
 
 QTEST_MAIN(tst_QSslCertificate)
-- 
cgit v1.2.3