summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--src/network/ssl/qsslkey.cpp4
-rw-r--r--tests/auto/qsslkey/rsa-with-passphrase.pem18
-rw-r--r--tests/auto/qsslkey/rsa-without-passphrase.pem15
-rw-r--r--tests/auto/qsslkey/tst_qsslkey.cpp72
4 files changed, 106 insertions, 3 deletions
diff --git a/src/network/ssl/qsslkey.cpp b/src/network/ssl/qsslkey.cpp
index 41b2384..da39662 100644
--- a/src/network/ssl/qsslkey.cpp
+++ b/src/network/ssl/qsslkey.cpp
@@ -119,9 +119,7 @@ void QSslKeyPrivate::decodePem(const QByteArray &pem, const QByteArray &passPhra
if (!bio)
return;
- void *phrase = passPhrase.isEmpty()
- ? (void *)0
- : (void *)passPhrase.constData();
+ void *phrase = (void *)passPhrase.constData();
if (algorithm == QSsl::Rsa) {
RSA *result = (type == QSsl::PublicKey)
diff --git a/tests/auto/qsslkey/rsa-with-passphrase.pem b/tests/auto/qsslkey/rsa-with-passphrase.pem
new file mode 100644
index 0000000..cb29bec
--- /dev/null
+++ b/tests/auto/qsslkey/rsa-with-passphrase.pem
@@ -0,0 +1,18 @@
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-CBC,36BD1242254C5E1E
+
+sqt8qlQfkjJiz0djd0WYjhN/IGxA/nU/wVKuf5RWDAghDBrABzJ3dU4Jh1WIsS4+
+f22TBr6fwgjpPxGkt361Z9oxon/QeyBZLFtyUxnFSqZcVMMR3vndtMyYJbVKjRm1
+lvF3BjFWNh6+SZe20cut2GiUJDqhw7RbjaAN6LaCpFqwusY6vbjW6vzB8ezDvLou
+5jQAkwArGoI0KqUMwBOYukiWdBA0iERavspKGRnB3mGtgv5ziTEFzx58mn1Lv3Qs
+LYQqTYgzpFyAMP9SZaRv4m/y5O9foAXnlh0GhmDWBQ2D5flwZqrIAzoJ5BcZKU6/
+HJCh4snw3kheeE8NhrlzypEONedvu4ifUbqN5idMU7S4t40NAmQ/dF0Z4wDen/M/
+iFbt5tTWh6sXK82XzJtAfprH07odtJHK7CMeurCi5BupmnLtPbUrl6hpKItBzu+g
+7MB5AyNk548V9Y8+kKBtEG5EgYZrMYX4yqQ+Z8F1hy0UUMXu9cAnO06OTavxLtWJ
+ikmwYJNy421Hj+oZVSagCUILQyUfgx6fXWwDRqy/stlX+hpPPjVmd/A2WBm5x/Sf
+5CGfUtddZRuAZpChBXV6a/R+nMzDXhkKl4XTkN8hg3yXLY6xy3CR3RIYDlKkn85y
+VziP32V6Bc8ucGifsZLNnvj8CFXTZP+8CWun9yLSkcq+wm4cQOLswztEMA8bbPJQ
+g7Gp59BC4ofN5bMZ1R1z+l96x+YMY9btkyjE1uEyRT88dHwxnkhC5AKBx2P6sg0C
+doe5Dh8Ny5Ic24ibwyvZbAS46tSVdha7ACGnGXV4Z3iqBfN0b0UNmw==
+-----END RSA PRIVATE KEY-----
diff --git a/tests/auto/qsslkey/rsa-without-passphrase.pem b/tests/auto/qsslkey/rsa-without-passphrase.pem
new file mode 100644
index 0000000..f7c834b
--- /dev/null
+++ b/tests/auto/qsslkey/rsa-without-passphrase.pem
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQC1mZlLC6g8/vaw8XEOQ59gwQ5WxIvcKCSx7B5SHaeN8zzbENpl
+32BtyfrCccHF7j6qwfMZ2RwM5RTlFw/eBF4SSXAgp/P5CgcugSs1dOJUfPveos/5
+h3fmnUcKeQIU4m5EGcQicmR8//WUUfdtHDp/fJ0dRXcY2tTOx89vNPEtgwIDAQAB
+AoGBAKqE2f4vqf/sYPPxInmEYclWPgKXd8R4JUy0LBxrIAQYXBJPluOFhmRQ/hdK
+/eq/NTTd/UlOJhqtmJsstoeAjlsELl2AejX2n1B9aSffQ0WzdB5gVMNotPGRKRIG
+eOq2pp2JOFkGps11LUAqDEMNUb3EV6HiBucoGEOUpdITLrRxAkEA4Ul3o44wMvIb
+muwp7/erSvDMWRZ1GjksEmBMAHL6y8avZd9UgrjHeCy8uHXrT0id4Cig8FA+nQA5
+UwTr9y5e9wJBAM5bc8xuAuCg4Si3exssFfxQIxFTmPzhkVubglO9IcLqfXLl3k5S
+CxgRb/4pBMKVRCMRXAkaZpjJqTIofjp4ptUCQQC4hySnot932zchPi9bjtGPII1A
+q1RfllSy+I1IEOW745HnL3ZZXGCF3p71uCB1YFVwNdcc/51Jm9VYWr+sRx8hAkBL
+KoTDsk7aA8AAVNVC0Iwxm/8qEIlpk8Ce3cZbOklR9pg7gf+4B6qC2dcxfT9+oWBw
+ZaJgrn0wqkQ3QQi5w7kBAkBAR2tKc2OqnljMPnXYEreRyHHjhqCsJYFAE7u16cY/
+NQGJq9jBAD5WANclrYRxKtD6yohi+Y7Vi7+SXve3pGdF
+-----END RSA PRIVATE KEY-----
diff --git a/tests/auto/qsslkey/tst_qsslkey.cpp b/tests/auto/qsslkey/tst_qsslkey.cpp
index d156344..3c8ae11 100644
--- a/tests/auto/qsslkey/tst_qsslkey.cpp
+++ b/tests/auto/qsslkey/tst_qsslkey.cpp
@@ -99,6 +99,7 @@ private slots:
void toEncryptedPemOrDer_data();
void toEncryptedPemOrDer();
+ void passphraseChecks();
#endif
};
@@ -371,6 +372,77 @@ void tst_QSslKey::toEncryptedPemOrDer()
// ### add a test to verify that public keys are _decrypted_ correctly (by the ctor)
}
+void tst_QSslKey::passphraseChecks()
+{
+ {
+ QString fileName(SRCDIR "/rsa-with-passphrase.pem");
+ QFile keyFile(fileName);
+ QVERIFY(keyFile.exists());
+ {
+ if (!keyFile.isOpen())
+ keyFile.open(QIODevice::ReadOnly);
+ else
+ keyFile.reset();
+ QSslKey key(&keyFile,QSsl::Rsa,QSsl::Pem, QSsl::PrivateKey);
+ QVERIFY(key.isNull()); // null passphrase => should not be able to decode key
+ }
+ {
+ if (!keyFile.isOpen())
+ keyFile.open(QIODevice::ReadOnly);
+ else
+ keyFile.reset();
+ QSslKey key(&keyFile,QSsl::Rsa,QSsl::Pem, QSsl::PrivateKey, "");
+ QVERIFY(key.isNull()); // empty passphrase => should not be able to decode key
+ }
+ {
+ if (!keyFile.isOpen())
+ keyFile.open(QIODevice::ReadOnly);
+ else
+ keyFile.reset();
+ QSslKey key(&keyFile,QSsl::Rsa,QSsl::Pem, QSsl::PrivateKey, "WRONG!");
+ QVERIFY(key.isNull()); // wrong passphrase => should not be able to decode key
+ }
+ {
+ if (!keyFile.isOpen())
+ keyFile.open(QIODevice::ReadOnly);
+ else
+ keyFile.reset();
+ QSslKey key(&keyFile,QSsl::Rsa,QSsl::Pem, QSsl::PrivateKey, "123");
+ QVERIFY(!key.isNull()); // correct passphrase
+ }
+ }
+
+ {
+ // be sure and check a key without passphrase too
+ QString fileName(SRCDIR "/rsa-without-passphrase.pem");
+ QFile keyFile(fileName);
+ {
+ if (!keyFile.isOpen())
+ keyFile.open(QIODevice::ReadOnly);
+ else
+ keyFile.reset();
+ QSslKey key(&keyFile,QSsl::Rsa,QSsl::Pem, QSsl::PrivateKey);
+ QVERIFY(!key.isNull()); // null passphrase => should be able to decode key
+ }
+ {
+ if (!keyFile.isOpen())
+ keyFile.open(QIODevice::ReadOnly);
+ else
+ keyFile.reset();
+ QSslKey key(&keyFile,QSsl::Rsa,QSsl::Pem, QSsl::PrivateKey, "");
+ QVERIFY(!key.isNull()); // empty passphrase => should be able to decode key
+ }
+ {
+ if (!keyFile.isOpen())
+ keyFile.open(QIODevice::ReadOnly);
+ else
+ keyFile.reset();
+ QSslKey key(&keyFile,QSsl::Rsa,QSsl::Pem, QSsl::PrivateKey, "xxx");
+ QVERIFY(!key.isNull()); // passphrase given but key is not encrypted anyway => should work
+ }
+ }
+}
+
#endif
QTEST_MAIN(tst_QSslKey)