summaryrefslogtreecommitdiffstats
path: root/tests/auto/qsslcertificate
diff options
context:
space:
mode:
authorPierre Rossi <pierre.rossi@nokia.com>2011-03-21 17:15:01 (GMT)
committerPeter Hartmann <peter.hartmann@nokia.com>2011-05-23 15:24:19 (GMT)
commit19c77b5e5e5fefedafcfbd587c3fbb4114d7c641 (patch)
tree8434e89574912145a1695296c798d9e7d9a6e9ad /tests/auto/qsslcertificate
parent2e8d206fd9f656cd88b797c059ef83ed3df32881 (diff)
downloadQt-19c77b5e5e5fefedafcfbd587c3fbb4114d7c641.zip
Qt-19c77b5e5e5fefedafcfbd587c3fbb4114d7c641.tar.gz
Qt-19c77b5e5e5fefedafcfbd587c3fbb4114d7c641.tar.bz2
add auto test for SSL certificates containing utf8 characters
Task-number: QTBUG-7912 Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Diffstat (limited to 'tests/auto/qsslcertificate')
-rw-r--r--tests/auto/qsslcertificate/certificates/cert-ss-san-utf8.pem16
-rw-r--r--tests/auto/qsslcertificate/certificates/cert-ss-san-utf8.pem.san5
-rwxr-xr-xtests/auto/qsslcertificate/certificates/gencertificates.sh10
-rw-r--r--tests/auto/qsslcertificate/tst_qsslcertificate.cpp32
4 files changed, 58 insertions, 5 deletions
diff --git a/tests/auto/qsslcertificate/certificates/cert-ss-san-utf8.pem b/tests/auto/qsslcertificate/certificates/cert-ss-san-utf8.pem
new file mode 100644
index 0000000..e1b731d
--- /dev/null
+++ b/tests/auto/qsslcertificate/certificates/cert-ss-san-utf8.pem
@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE-----
+MIICkTCCAfqgAwIBAgIJAL1nF+PLAF2KMA0GCSqGSIb3DQEBBQUAMGkxKzApBgNV
+BAoMIkjElcSCxrLDvyDKjeG6v8qI4bq34bi7IFLDqWPDtnJkxZ0xFTATBgNVBAsM
+DOOIp0HjiYHvvatCQzEWMBQGA1UEAwwNSm9obm55IEd1aXRhcjELMAkGA1UEBhMC
+Tk8wHhcNMTEwNTA1MDgxMzEwWhcNMTEwNjA0MDgxMzEwWjBpMSswKQYDVQQKDCJI
+xJXEgsayw78gyo3hur/KiOG6t+G4uyBSw6ljw7ZyZMWdMRUwEwYDVQQLDAzjiKdB
+44mB772rQkMxFjAUBgNVBAMMDUpvaG5ueSBHdWl0YXIxCzAJBgNVBAYTAk5PMIGf
+MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2zSxS17I6596dJE/VAmGz+06D9S8n
+3C0hnIGNVu+LwbgDJTvOw0SzNj4UP72UGgd3UI1KLBg5XWIsRNmE3COJMMh6syjI
+L1Ept+tVXxGL6n4gl+0nZ7dkUyxJmeFtigYrL+qCH1yd5rmf3sC3jO4IosuAiG66
+IDkJEVo64NT8ZQIDAQABo0EwPzA9BgNVHREENjA0gQ9hcm5lQGZvb2Jhci5vcmeC
+Dnd3dy5mb29iYXIub3JngRFiamFybmVAZm9vYmFyLm9yZzANBgkqhkiG9w0BAQUF
+AAOBgQAqVhbC0/EUFdnKlYV3PrknwGX1dPEPGJuIQHa0KpoicvNiOhs1HxBDYbzc
+F6wcAMEynq4YwGKhcQLZOs2mo0LreAjA9rU/yBnqrnUW/4gxtUUvmJKK+62IjfLp
+eO1L+1NcEMJiaZf8fip4VXhXdOYUhgE8WUZ1UJRC6w3T/yAgcQ==
+-----END CERTIFICATE-----
diff --git a/tests/auto/qsslcertificate/certificates/cert-ss-san-utf8.pem.san b/tests/auto/qsslcertificate/certificates/cert-ss-san-utf8.pem.san
new file mode 100644
index 0000000..f46a637
--- /dev/null
+++ b/tests/auto/qsslcertificate/certificates/cert-ss-san-utf8.pem.san
@@ -0,0 +1,5 @@
+[subj_alt_name]
+subjectAltName=\
+ email:arne@foobar.org,\
+ DNS:www.foobar.org,\
+ email:bjarne@foobar.org
diff --git a/tests/auto/qsslcertificate/certificates/gencertificates.sh b/tests/auto/qsslcertificate/certificates/gencertificates.sh
index e705785..c8a5db6 100755
--- a/tests/auto/qsslcertificate/certificates/gencertificates.sh
+++ b/tests/auto/qsslcertificate/certificates/gencertificates.sh
@@ -90,5 +90,15 @@ openssl req -x509 -in req-san.pem -out $outname -key rsa-pri-1024.pem \
-config san.cnf -extensions subj_alt_name
/bin/cp san.cnf $outname.san
+#--- Non-ASCII Subject ---------------------------------------------------------------------
+echo -e "\n generating self signed root cert. with Subject containing UTF-8 characters ..."
+outname=cert-ss-san-utf8.pem
+#subject="/O=HĕĂƲÿ ʍếʈặḻ Récördŝ/OU=㈧A㉁ォBC/CN=Johnny Guitar/C=NO"
+subject=$'/O=H\xc4\x95\xc4\x82\xc6\xb2\xc3\xbf \xca\x8d\xe1\xba\xbf\xca\x88\xe1\xba\xb7\xe1\xb8\xbb R\xc3\xa9c\xc3\xb6rd\xc5\x9d/OU=\xe3\x88\xa7A\xe3\x89\x81\xef\xbd\xabBC/CN=Johnny Guitar/C=NO'
+openssl req -out req-san.pem -new -key rsa-pri-1024.pem -utf8 -subj "$subject"
+openssl req -x509 -in req-san.pem -out $outname -key rsa-pri-1024.pem \
+ -config san.cnf -extensions subj_alt_name -nameopt multiline,utf8,-esc_msb
+/bin/cp san.cnf $outname.san
+
echo -e "\n cleaning up ..."
/bin/rm rsa-pri-1024.pem rsa-pub-1024.* req*.pem
diff --git a/tests/auto/qsslcertificate/tst_qsslcertificate.cpp b/tests/auto/qsslcertificate/tst_qsslcertificate.cpp
index 57f2fa8..a91bf0f 100644
--- a/tests/auto/qsslcertificate/tst_qsslcertificate.cpp
+++ b/tests/auto/qsslcertificate/tst_qsslcertificate.cpp
@@ -96,6 +96,7 @@ private slots:
void digest_data();
void digest();
void alternateSubjectNames_data();
+ void utf8SubjectNames();
void alternateSubjectNames();
void publicKey_data();
void publicKey();
@@ -407,6 +408,27 @@ void tst_QSslCertificate::alternateSubjectNames()
}
}
+void tst_QSslCertificate::utf8SubjectNames()
+{
+ QSslCertificate cert = QSslCertificate::fromPath("certificates/cert-ss-san-utf8.pem", QSsl::Pem,
+ QRegExp::FixedString).first();
+ QVERIFY(!cert.isNull());
+
+ // O is "Heavy Metal Records" with heavy use of "decorations" like accents, umlauts etc.,
+ // OU uses arabian / asian script letters near codepoint 64K.
+ // strings split where the compiler would otherwise find three-digit hex numbers
+ static const char *o = "H\xc4\x95\xc4\x82\xc6\xb2\xc3\xbf \xca\x8d\xe1\xba\xbf\xca\x88\xe1\xba"
+ "\xb7\xe1\xb8\xbb R\xc3\xa9" "c" "\xc3\xb6rd\xc5\x9d";
+ static const char *ou = "\xe3\x88\xa7" "A" "\xe3\x89\x81\xef\xbd\xab" "BC";
+
+ // the following two tests should help find "\x"-literal encoding bugs in the test itself
+ QCOMPARE(cert.subjectInfo("O").length(), QString::fromUtf8(o).length());
+ QCOMPARE (cert.subjectInfo("O").toUtf8().toHex(), QByteArray(o).toHex());
+
+ QCOMPARE(cert.subjectInfo("O"), QString::fromUtf8(o));
+ QCOMPARE(cert.subjectInfo("OU"), QString::fromUtf8(ou));
+}
+
void tst_QSslCertificate::publicKey_data()
{
QTest::addColumn<QString>("certFilePath");
@@ -519,13 +541,13 @@ void tst_QSslCertificate::fromPath_data()
QTest::newRow("\"certificates/*\" fixed der") << QString("certificates/*") << int(QRegExp::FixedString) << false << 0;
QTest::newRow("\"certificates/*\" regexp pem") << QString("certificates/*") << int(QRegExp::RegExp) << true << 0;
QTest::newRow("\"certificates/*\" regexp der") << QString("certificates/*") << int(QRegExp::RegExp) << false << 0;
- QTest::newRow("\"certificates/*\" wildcard pem") << QString("certificates/*") << int(QRegExp::Wildcard) << true << 4;
+ QTest::newRow("\"certificates/*\" wildcard pem") << QString("certificates/*") << int(QRegExp::Wildcard) << true << 5;
QTest::newRow("\"certificates/*\" wildcard der") << QString("certificates/*") << int(QRegExp::Wildcard) << false << 0;
QTest::newRow("\"c*/c*.pem\" fixed pem") << QString("c*/c*.pem") << int(QRegExp::FixedString) << true << 0;
QTest::newRow("\"c*/c*.pem\" fixed der") << QString("c*/c*.pem") << int(QRegExp::FixedString) << false << 0;
QTest::newRow("\"c*/c*.pem\" regexp pem") << QString("c*/c*.pem") << int(QRegExp::RegExp) << true << 0;
QTest::newRow("\"c*/c*.pem\" regexp der") << QString("c*/c*.pem") << int(QRegExp::RegExp) << false << 0;
- QTest::newRow("\"c*/c*.pem\" wildcard pem") << QString("c*/c*.pem") << int(QRegExp::Wildcard) << true << 4;
+ QTest::newRow("\"c*/c*.pem\" wildcard pem") << QString("c*/c*.pem") << int(QRegExp::Wildcard) << true << 5;
QTest::newRow("\"c*/c*.pem\" wildcard der") << QString("c*/c*.pem") << int(QRegExp::Wildcard) << false << 0;
QTest::newRow("\"d*/c*.pem\" fixed pem") << QString("d*/c*.pem") << int(QRegExp::FixedString) << true << 0;
QTest::newRow("\"d*/c*.pem\" fixed der") << QString("d*/c*.pem") << int(QRegExp::FixedString) << false << 0;
@@ -535,7 +557,7 @@ void tst_QSslCertificate::fromPath_data()
QTest::newRow("\"d*/c*.pem\" wildcard der") << QString("d*/c*.pem") << int(QRegExp::Wildcard) << false << 0;
QTest::newRow("\"c.*/c.*.pem\" fixed pem") << QString("c.*/c.*.pem") << int(QRegExp::FixedString) << true << 0;
QTest::newRow("\"c.*/c.*.pem\" fixed der") << QString("c.*/c.*.pem") << int(QRegExp::FixedString) << false << 0;
- QTest::newRow("\"c.*/c.*.pem\" regexp pem") << QString("c.*/c.*.pem") << int(QRegExp::RegExp) << true << 4;
+ QTest::newRow("\"c.*/c.*.pem\" regexp pem") << QString("c.*/c.*.pem") << int(QRegExp::RegExp) << true << 5;
QTest::newRow("\"c.*/c.*.pem\" regexp der") << QString("c.*/c.*.pem") << int(QRegExp::RegExp) << false << 0;
QTest::newRow("\"c.*/c.*.pem\" wildcard pem") << QString("c.*/c.*.pem") << int(QRegExp::Wildcard) << true << 0;
QTest::newRow("\"c.*/c.*.pem\" wildcard der") << QString("c.*/c.*.pem") << int(QRegExp::Wildcard) << false << 0;
@@ -546,7 +568,7 @@ void tst_QSslCertificate::fromPath_data()
QTest::newRow("\"d.*/c.*.pem\" wildcard pem") << QString("d.*/c.*.pem") << int(QRegExp::Wildcard) << true << 0;
QTest::newRow("\"d.*/c.*.pem\" wildcard der") << QString("d.*/c.*.pem") << int(QRegExp::Wildcard) << false << 0;
#ifdef Q_OS_LINUX
- QTest::newRow("absolute path wildcard pem") << QString(QDir::currentPath() + "/certificates/*.pem") << int(QRegExp::Wildcard) << true << 4;
+ QTest::newRow("absolute path wildcard pem") << QString(QDir::currentPath() + "/certificates/*.pem") << int(QRegExp::Wildcard) << true << 5;
#endif
QTest::newRow("trailing-whitespace") << QString("more-certificates/trailing-whitespace.pem") << int(QRegExp::FixedString) << true << 1;
@@ -769,7 +791,7 @@ void tst_QSslCertificate::nulInCN()
QString cn = cert.subjectInfo(QSslCertificate::CommonName);
QVERIFY(cn != "www.bank.com");
- static const char realCN[] = "www.bank.com\\x00.badguy.com";
+ static const char realCN[] = "www.bank.com\0.badguy.com";
QCOMPARE(cn, QString::fromLatin1(realCN, sizeof realCN - 1));
}