Improve the security tests

This is a follow-up on the initial commit of the security tests. Includes the following changes: - Fixed the non-secure tests to run when security is not set up. - Renamed QCoapClientForSecurityTests::securityMissing() to securitySetupMissing() and added some comments to clarify its purpose. See 13d450eff784aedc8d005c0da76503647a30a934 for more details. Change-Id: If9fec1fcf7a1bdb9b20883ad37bf1286c53c1f45 Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
author: Sona Kurazyan <sona.kurazyan@qt.io> 2019-07-18 13:50:11 +0200
committer: Sona Kurazyan <sona.kurazyan@qt.io> 2019-07-19 13:56:07 +0200
commit: f8e3dfedbabbe35e47306766e6fe67be5f401cf0 (patch)
tree: 1b48dd106e101c6a799e8fa541a8595c60036cb0 /tests
parent: 17253462336e398775e36289470b9bf357a3391b (diff)
2 files changed, 28 insertions, 12 deletions
diff --git a/tests/auto/coapnetworksettings.h b/tests/auto/coapnetworksettings.h
index acda397..7f425ff 100644
--- a/tests/auto/coapnetworksettings.h
+++ b/tests/auto/coapnetworksettings.h
@@ -153,7 +153,12 @@ QCoapSecurityConfiguration createConfiguration(QtCoap::SecurityMode securityMode
         QFile privateKey(privateKeyPath);
         if (privateKey.open(QIODevice::ReadOnly)) {
             QCoapPrivateKey key(privateKey.readAll(), QSsl::Ec);
-            configuration.setPrivateKey(key);
+            if (key.isNull()) {
+                qWarning() << "Failed to set a private key, the key" << privateKeyPath
+                           << "is not valid.";
+            } else {
+                configuration.setPrivateKey(key);
+            }
         } else {
             qWarning() << "Failed to read the private key" << privateKeyPath;
         }
diff --git a/tests/auto/qcoapclient/tst_qcoapclient.cpp b/tests/auto/qcoapclient/tst_qcoapclient.cpp
index 696a6b6..b7844b7 100644
--- a/tests/auto/qcoapclient/tst_qcoapclient.cpp
+++ b/tests/auto/qcoapclient/tst_qcoapclient.cpp
@@ -95,10 +95,13 @@ public:
             setSecurityConfiguration(createConfiguration(security));
     }
 
-    bool securityMissing() const
+    bool securitySetupMissing() const
     {
 #if QT_CONFIG(dtls)
         if (securityMode == QtCoap::SecurityMode::PreSharedKey) {
+            // The Californium test server accepts only PSK-AES128-CCM8 and PSK-AES128-CBC-SHA256
+            // ciphers. Make sure that the required ciphers are present, otherwise the test
+            // should be skipped.
             const auto ciphers = QSslConfiguration::defaultDtlsConfiguration().ciphers();
             const auto it = std::find_if(ciphers.cbegin(), ciphers.cend(),
                                          [](const QSslCipher &cipher) {
@@ -107,12 +110,20 @@ public:
                                          });
             return it == ciphers.cend();
         }
+        // For all other modes the setup should be OK, return false.
         return false;
 #else
-        return true;
+        // If dtls is not configured, the setup for the secure modes is missing,
+        // but it is OK if security is not used.
+        return isSecure();
 #endif
     }
 
+    bool isSecure() const
+    {
+        return securityMode != QtCoap::SecurityMode::NoSecurity;
+    }
+
 private:
     QtCoap::SecurityMode securityMode;
 };
@@ -345,7 +356,7 @@ void tst_QCoapClient::methods()
     QFETCH(QtCoap::SecurityMode, security);
 
     QCoapClientForSecurityTests client(security);
-    if (client.securityMissing())
+    if (client.securitySetupMissing())
         QSKIP("Skipping this test, security is not configured properly");
 
     QCoapRequest request(url);
@@ -369,7 +380,7 @@ void tst_QCoapClient::methods()
     QVERIFY2(!reply.isNull(), "Request failed unexpectedly");
 #ifdef QT_BUILD_INTERNAL
     QCOMPARE(reply->url(),
-             QCoapRequestPrivate::adjustedUrl(url, security != QtCoap::SecurityMode::NoSecurity));
+             QCoapRequestPrivate::adjustedUrl(url, client.isSecure()));
 #endif
     QSignalSpy spyReplyFinished(reply.data(), SIGNAL(finished(QCoapReply *)));
     QTRY_COMPARE(spyReplyFinished.count(), 1);
@@ -523,7 +534,7 @@ void tst_QCoapClient::multipleRequests()
     QFETCH(QtCoap::SecurityMode, security);
 
     QCoapClientForSecurityTests client(security);
-    if (client.securityMissing())
+    if (client.securitySetupMissing())
         QSKIP("Skipping this test, security is not configured properly");
 
     QUrl url = QUrl(testServerResource());
@@ -750,7 +761,7 @@ void tst_QCoapClient::blockwiseReply()
     QFETCH(QtCoap::SecurityMode, security);
 
     QCoapClientForSecurityTests client(security);
-    if (client.securityMissing())
+    if (client.securitySetupMissing())
         QSKIP("Skipping this test, security is not configured properly");
 
     QCoapRequest request(url);
@@ -820,7 +831,7 @@ void tst_QCoapClient::blockwiseRequest()
     QFETCH(QtCoap::SecurityMode, security);
 
     QCoapClientForSecurityTests client(security);
-    if (client.securityMissing())
+    if (client.securitySetupMissing())
         QSKIP("Skipping this test, security is not configured properly");
 
     client.setBlockSize(16);
@@ -866,7 +877,7 @@ void tst_QCoapClient::discover()
     QFETCH(QtCoap::SecurityMode, security);
 
     QCoapClientForSecurityTests client(security);
-    if (client.securityMissing())
+    if (client.securitySetupMissing())
         QSKIP("Skipping this test, security is not configured properly");
 
     QScopedPointer<QCoapResourceDiscoveryReply> resourcesReply(client.discover(url)); // /.well-known/core
@@ -878,7 +889,7 @@ void tst_QCoapClient::discover()
     const auto discoverUrl = QUrl(url.toString() + "/.well-known/core");
 #ifdef QT_BUILD_INTERNAL
     QCOMPARE(resourcesReply->url(),
-             QCoapRequestPrivate::adjustedUrl(discoverUrl, security != QtCoap::SecurityMode::NoSecurity));
+             QCoapRequestPrivate::adjustedUrl(discoverUrl, client.isSecure()));
 #endif
     QCOMPARE(resourcesReply->resources().length(), resourceNumber);
     QCOMPARE(resourcesReply->request().method(), QtCoap::Method::Get);
@@ -958,7 +969,7 @@ void tst_QCoapClient::observe()
     QFETCH(QtCoap::SecurityMode, security);
 
     QCoapClientForSecurityTests client(security);
-    if (client.securityMissing())
+    if (client.securitySetupMissing())
         QSKIP("Skipping this test, security is not configured properly");
 
     QCoapRequest request(url);
@@ -974,7 +985,7 @@ void tst_QCoapClient::observe()
     client.cancelObserve(reply.data());
 #ifdef QT_BUILD_INTERNAL
     QCOMPARE(reply->url(),
-             QCoapRequestPrivate::adjustedUrl(url, security != QtCoap::SecurityMode::NoSecurity));
+             QCoapRequestPrivate::adjustedUrl(url, client.isSecure()));
 #endif
     QCOMPARE(reply->request().method(), QtCoap::Method::Get);
author	Sona Kurazyan <sona.kurazyan@qt.io>	2019-07-18 13:50:11 +0200
committer	Sona Kurazyan <sona.kurazyan@qt.io>	2019-07-19 13:56:07 +0200
commit	f8e3dfedbabbe35e47306766e6fe67be5f401cf0 (patch)
tree	1b48dd106e101c6a799e8fa541a8595c60036cb0 /tests
parent	17253462336e398775e36289470b9bf357a3391b (diff)