summaryrefslogtreecommitdiffstats
path: root/tests/auto/qsslcertificate
diff options
context:
space:
mode:
Diffstat (limited to 'tests/auto/qsslcertificate')
-rw-r--r--tests/auto/qsslcertificate/.gitignore1
-rw-r--r--tests/auto/qsslcertificate/certificates/ca-cert.pem33
-rw-r--r--tests/auto/qsslcertificate/certificates/ca-cert.pem.digest-md51
-rw-r--r--tests/auto/qsslcertificate/certificates/ca-cert.pem.digest-sha11
-rw-r--r--tests/auto/qsslcertificate/certificates/cert-ss-san.pem13
-rw-r--r--tests/auto/qsslcertificate/certificates/cert-ss-san.pem.san5
-rw-r--r--tests/auto/qsslcertificate/certificates/cert-ss.derbin0 -> 461 bytes
-rw-r--r--tests/auto/qsslcertificate/certificates/cert-ss.der.pubkeybin0 -> 162 bytes
-rw-r--r--tests/auto/qsslcertificate/certificates/cert-ss.pem12
-rw-r--r--tests/auto/qsslcertificate/certificates/cert-ss.pem.digest-md51
-rw-r--r--tests/auto/qsslcertificate/certificates/cert-ss.pem.digest-sha11
-rw-r--r--tests/auto/qsslcertificate/certificates/cert-ss.pem.pubkey6
-rw-r--r--tests/auto/qsslcertificate/certificates/cert.derbin0 -> 503 bytes
-rw-r--r--tests/auto/qsslcertificate/certificates/cert.der.pubkeybin0 -> 162 bytes
-rw-r--r--tests/auto/qsslcertificate/certificates/cert.pem13
-rw-r--r--tests/auto/qsslcertificate/certificates/cert.pem.digest-md51
-rw-r--r--tests/auto/qsslcertificate/certificates/cert.pem.digest-sha11
-rw-r--r--tests/auto/qsslcertificate/certificates/cert.pem.pubkey6
-rwxr-xr-xtests/auto/qsslcertificate/certificates/gencertificates.sh54
-rw-r--r--tests/auto/qsslcertificate/certificates/san.cnf5
-rw-r--r--tests/auto/qsslcertificate/more-certificates/trailing-whitespace.pem13
-rw-r--r--tests/auto/qsslcertificate/qsslcertificate.pro26
-rw-r--r--tests/auto/qsslcertificate/tst_qsslcertificate.cpp695
23 files changed, 888 insertions, 0 deletions
diff --git a/tests/auto/qsslcertificate/.gitignore b/tests/auto/qsslcertificate/.gitignore
new file mode 100644
index 0000000..25b3475
--- /dev/null
+++ b/tests/auto/qsslcertificate/.gitignore
@@ -0,0 +1 @@
+tst_qsslcertificate
diff --git a/tests/auto/qsslcertificate/certificates/ca-cert.pem b/tests/auto/qsslcertificate/certificates/ca-cert.pem
new file mode 100644
index 0000000..bcba68a
--- /dev/null
+++ b/tests/auto/qsslcertificate/certificates/ca-cert.pem
@@ -0,0 +1,33 @@
+-----BEGIN CERTIFICATE-----
+MIIC5TCCAk6gAwIBAgIBATANBgkqhkiG9w0BAQQFADBcMQswCQYDVQQGEwJBVTET
+MBEGA1UECBMKUXVlZW5zbGFuZDEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQx
+HDAaBgNVBAMTE1Rlc3QgUENBICgxMDI0IGJpdCkwHhcNOTkxMjAyMjEzODUxWhcN
+MDUwNzEwMjEzODUxWjBbMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFu
+ZDEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxGzAZBgNVBAMTElRlc3QgQ0Eg
+KDEwMjQgYml0KTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAo7ujy3XXpU/p
+yDJtOxkMJmGv3mdiVm7JrdoKLUgqjO2rBaeNuYMUiuI6oYU+tlD6agwRML0Pn2JF
+b90VdK/UXrmRr9djaEuH17EIKjte5RwOzndCndsjcCYyoeODMTyg7dqPIkDMmRNM
+5R5xBTabD+Aji0wzQupYxBLuW5PLj7ECAwEAAaOBtzCBtDAdBgNVHQ4EFgQU1WWA
+U42mkhi3ecgey1dsJjU61+UwgYQGA1UdIwR9MHuAFE0RaEcrj18q1dw+G6nJbsTW
+R213oWCkXjBcMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
+A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxHDAaBgNVBAMTE1Rlc3QgUENBICgxMDI0
+IGJpdCmCAQAwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOBgQBb39BRphHL
+6aRAQyymsvBvPSCiG9+kR0R1L23aTpNbhXp2BebyFjbEQYZc2kWGiKKcHkNECA35
+3d4LoqUlVey8DFyafOIJd9hxdZfg+rxlHMxnL7uCJRmx9+xB411Jtsol9/wg1uCK
+sleGpgB4j8cG2SVCz7V2MNZNK+d5QCnR7A==
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQCju6PLddelT+nIMm07GQwmYa/eZ2JWbsmt2gotSCqM7asFp425
+gxSK4jqhhT62UPpqDBEwvQ+fYkVv3RV0r9ReuZGv12NoS4fXsQgqO17lHA7Od0Kd
+2yNwJjKh44MxPKDt2o8iQMyZE0zlHnEFNpsP4COLTDNC6ljEEu5bk8uPsQIDAQAB
+AoGAVZmpFZsDZfr0l2S9tLLwpjRWNOlKATQkno6q2WesT0eGLQufTciY+c8ypfU6
+hyio8r5iUl/VhhdjhAtKx1mRpiotftHo/eYf8rtsrnprOnWG0bWjLjtIoMbcxGn2
+J3bN6LJmbJMjDs0eJ3KnTu646F3nDUw2oGAwmpzKXA1KAP0CQQDRvQhxk2D3Pehs
+HvG665u2pB5ipYQngEFlZO7RHJZzJOZEWSLuuMqaF/7pTfA5jiBvWqCgJeCRRInL
+21ru4dlPAkEAx9jj7BgKn5TYnMoBSSe0afjsV9oApVpN1Nacb1YDtCwy+scp3++s
+nFxlv98wxIlSdpwMUn+AUWfjiWR7Tu/G/wJBAJ/KjwZIrFVxewP0x2ILYsTRYLzz
+MS4PDsO7FB+I0i7DbBOifXS2oNSpd3I0CNMwrxFnUHzynpbOStVfN3ZL5w0CQQCa
+pwFahxBRhkJKsxhjoFJBX9yl75JoY4Wvm5Tbo9ih6UJaRx3kqfkN14L2BKYcsZgb
+KY9vmDOYy6iNfjDeWTfJAkBkfPUb8oTJ/nSP5zN6sqGxSY4krc4xLxpRmxoJ8HL2
+XfhqXkTzbU13RX9JJ/NZ8vQN9Vm2NhxRGJocQkmcdVtJ
+-----END RSA PRIVATE KEY-----
diff --git a/tests/auto/qsslcertificate/certificates/ca-cert.pem.digest-md5 b/tests/auto/qsslcertificate/certificates/ca-cert.pem.digest-md5
new file mode 100644
index 0000000..800a05b
--- /dev/null
+++ b/tests/auto/qsslcertificate/certificates/ca-cert.pem.digest-md5
@@ -0,0 +1 @@
+MD5 Fingerprint=EF:02:83:EA:AC:AF:6A:D0:8D:4F:56:A8:2B:A1:C5:D3
diff --git a/tests/auto/qsslcertificate/certificates/ca-cert.pem.digest-sha1 b/tests/auto/qsslcertificate/certificates/ca-cert.pem.digest-sha1
new file mode 100644
index 0000000..df311a8
--- /dev/null
+++ b/tests/auto/qsslcertificate/certificates/ca-cert.pem.digest-sha1
@@ -0,0 +1 @@
+SHA1 Fingerprint=A6:CC:2A:D7:E3:8F:49:E7:8B:4F:76:E8:E0:FA:37:5E:62:2F:66:23
diff --git a/tests/auto/qsslcertificate/certificates/cert-ss-san.pem b/tests/auto/qsslcertificate/certificates/cert-ss-san.pem
new file mode 100644
index 0000000..3d0bdfc
--- /dev/null
+++ b/tests/auto/qsslcertificate/certificates/cert-ss-san.pem
@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE-----
+MIIB9zCCAWCgAwIBAgIJAIyyZjJFdeyIMA0GCSqGSIb3DQEBBQUAMBwxGjAYBgNV
+BAMTEUpvaG5ueSBHdWl0YXJDPU5PMB4XDTA3MDQyMDEwMzIzOVoXDTA3MDUyMDEw
+MzIzOVowHDEaMBgGA1UEAxMRSm9obm55IEd1aXRhckM9Tk8wgZ8wDQYJKoZIhvcN
+AQEBBQADgY0AMIGJAoGBANPgV/8gMg5Gh4vhfcoUTHXTqhcEuCh5VE/h57Ea7uj4
+1/bQtUNUvRZO21KtAmLHkFLoNQqeYbFJ4ZP7u/R/WDNk76EQtYNcMmJgSu/QRlxj
+bEFFBOPPflQH7nYdneMegszzijRQ25oZhnjbyI0xZgqpNZwipBkC5lPgsrmlOckd
+AgMBAAGjQTA/MD0GA1UdEQQ2MDSBD2FybmVAZm9vYmFyLm9yZ4IOd3d3LmZvb2Jh
+ci5vcmeBEWJqYXJuZUBmb29iYXIub3JnMA0GCSqGSIb3DQEBBQUAA4GBAFVqCnFr
+5EevQiVtAbDlTSbTJ3XWJSzjU0yf+tNYvPEIEqoDVh25YhSNWqRCMYFiUomj55WY
+Rf7C4JM/eRlo99xnR4OtJzfLi+q1eKhl53cuwooajRjVOxQsdHpke51L9UzibKGw
+0o8D/FNBw+D4GwIC1sdKw2UWAeaMhNzSEWKA
+-----END CERTIFICATE-----
diff --git a/tests/auto/qsslcertificate/certificates/cert-ss-san.pem.san b/tests/auto/qsslcertificate/certificates/cert-ss-san.pem.san
new file mode 100644
index 0000000..f46a637
--- /dev/null
+++ b/tests/auto/qsslcertificate/certificates/cert-ss-san.pem.san
@@ -0,0 +1,5 @@
+[subj_alt_name]
+subjectAltName=\
+ email:arne@foobar.org,\
+ DNS:www.foobar.org,\
+ email:bjarne@foobar.org
diff --git a/tests/auto/qsslcertificate/certificates/cert-ss.der b/tests/auto/qsslcertificate/certificates/cert-ss.der
new file mode 100644
index 0000000..ea9eedc
--- /dev/null
+++ b/tests/auto/qsslcertificate/certificates/cert-ss.der
Binary files differ
diff --git a/tests/auto/qsslcertificate/certificates/cert-ss.der.pubkey b/tests/auto/qsslcertificate/certificates/cert-ss.der.pubkey
new file mode 100644
index 0000000..48d2b99
--- /dev/null
+++ b/tests/auto/qsslcertificate/certificates/cert-ss.der.pubkey
Binary files differ
diff --git a/tests/auto/qsslcertificate/certificates/cert-ss.pem b/tests/auto/qsslcertificate/certificates/cert-ss.pem
new file mode 100644
index 0000000..b2626f3
--- /dev/null
+++ b/tests/auto/qsslcertificate/certificates/cert-ss.pem
@@ -0,0 +1,12 @@
+-----BEGIN CERTIFICATE-----
+MIIByTCCATICCQDiwxj6Xps7zDANBgkqhkiG9w0BAQUFADApMRowGAYDVQQDExFu
+YW1lL3dpdGgvc2xhc2hlczELMAkGA1UEBhMCTk8wHhcNMDcwNDE3MDc0MDI2WhcN
+MDcwNTE3MDc0MDI2WjApMRowGAYDVQQDExFuYW1lL3dpdGgvc2xhc2hlczELMAkG
+A1UEBhMCTk8wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOud6QOsME+pWANE
+xxgmL0iT1ayg++hTxHsqAYnm/FoMxfUh+NdKkgJn2/GfNppinfPOSI667VqonU+7
+JBZDTLV5CPbZIo9fFQpDJQN6naev4yaxU1VeYFfI7S8c8zYKeGSR+RenNNeLvfH8
+0YxPpZZ1snv8IfDH2V8MVxiyr7lLAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAT9Kz
+0kg75nMzcg23J0q6OGvkj0VO6QOaAwqt6v+Kp5kgOzUEisbVt9oxZrWwkEw6dFNN
+cl7Blq6HQm6beezJobhEsi3G8OjVBrTDFb+jqPi/kwXuKL3QyfY2r/LRuINGrBDi
+Ewg7KuI0qZPe0bQ9NCM5TCD6qCj4vx3HdIHU4Ew=
+-----END CERTIFICATE-----
diff --git a/tests/auto/qsslcertificate/certificates/cert-ss.pem.digest-md5 b/tests/auto/qsslcertificate/certificates/cert-ss.pem.digest-md5
new file mode 100644
index 0000000..62f4d76
--- /dev/null
+++ b/tests/auto/qsslcertificate/certificates/cert-ss.pem.digest-md5
@@ -0,0 +1 @@
+MD5 Fingerprint=F4:2B:9D:73:2B:C8:26:56:60:9C:7F:58:66:07:4A:46
diff --git a/tests/auto/qsslcertificate/certificates/cert-ss.pem.digest-sha1 b/tests/auto/qsslcertificate/certificates/cert-ss.pem.digest-sha1
new file mode 100644
index 0000000..02430ed
--- /dev/null
+++ b/tests/auto/qsslcertificate/certificates/cert-ss.pem.digest-sha1
@@ -0,0 +1 @@
+SHA1 Fingerprint=B5:CF:31:AE:89:FB:BA:20:31:89:BA:71:06:7C:D7:84:9D:39:9E:46
diff --git a/tests/auto/qsslcertificate/certificates/cert-ss.pem.pubkey b/tests/auto/qsslcertificate/certificates/cert-ss.pem.pubkey
new file mode 100644
index 0000000..5344d11
--- /dev/null
+++ b/tests/auto/qsslcertificate/certificates/cert-ss.pem.pubkey
@@ -0,0 +1,6 @@
+-----BEGIN PUBLIC KEY-----
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDrnekDrDBPqVgDRMcYJi9Ik9Ws
+oPvoU8R7KgGJ5vxaDMX1IfjXSpICZ9vxnzaaYp3zzkiOuu1aqJ1PuyQWQ0y1eQj2
+2SKPXxUKQyUDep2nr+MmsVNVXmBXyO0vHPM2CnhkkfkXpzTXi73x/NGMT6WWdbJ7
+/CHwx9lfDFcYsq+5SwIDAQAB
+-----END PUBLIC KEY-----
diff --git a/tests/auto/qsslcertificate/certificates/cert.der b/tests/auto/qsslcertificate/certificates/cert.der
new file mode 100644
index 0000000..aeb8571
--- /dev/null
+++ b/tests/auto/qsslcertificate/certificates/cert.der
Binary files differ
diff --git a/tests/auto/qsslcertificate/certificates/cert.der.pubkey b/tests/auto/qsslcertificate/certificates/cert.der.pubkey
new file mode 100644
index 0000000..48d2b99
--- /dev/null
+++ b/tests/auto/qsslcertificate/certificates/cert.der.pubkey
Binary files differ
diff --git a/tests/auto/qsslcertificate/certificates/cert.pem b/tests/auto/qsslcertificate/certificates/cert.pem
new file mode 100644
index 0000000..295010c
--- /dev/null
+++ b/tests/auto/qsslcertificate/certificates/cert.pem
@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE-----
+MIIB8zCCAVwCAREwDQYJKoZIhvcNAQEFBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
+BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD
+VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNMDcwNDE3MDc0MDI2WhcNMDcwNTE3
+MDc0MDI2WjApMRowGAYDVQQDExFuYW1lL3dpdGgvc2xhc2hlczELMAkGA1UEBhMC
+Tk8wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOud6QOsME+pWANExxgmL0iT
+1ayg++hTxHsqAYnm/FoMxfUh+NdKkgJn2/GfNppinfPOSI667VqonU+7JBZDTLV5
+CPbZIo9fFQpDJQN6naev4yaxU1VeYFfI7S8c8zYKeGSR+RenNNeLvfH80YxPpZZ1
+snv8IfDH2V8MVxiyr7lLAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAleaU4pgzV6KY
++q9QuXapUYMsC2GiNtDmkG3k+MTHUO8XlE4hqPrIM6rRf7zKQdZ950R2wL9FSnYl
+Qm1Tdv38dCka6ivMBqvRuOt9axH3m0G7nzHL7U3zaCbtEx3yVln+b3yYtiVpTuq0
+3MLrt7tQGAW6ra8ISf6YY1W65/uVXZE=
+-----END CERTIFICATE-----
diff --git a/tests/auto/qsslcertificate/certificates/cert.pem.digest-md5 b/tests/auto/qsslcertificate/certificates/cert.pem.digest-md5
new file mode 100644
index 0000000..5333f63
--- /dev/null
+++ b/tests/auto/qsslcertificate/certificates/cert.pem.digest-md5
@@ -0,0 +1 @@
+MD5 Fingerprint=B6:CF:57:34:DA:A9:73:21:82:F7:CF:4D:3D:85:31:88
diff --git a/tests/auto/qsslcertificate/certificates/cert.pem.digest-sha1 b/tests/auto/qsslcertificate/certificates/cert.pem.digest-sha1
new file mode 100644
index 0000000..62f84de
--- /dev/null
+++ b/tests/auto/qsslcertificate/certificates/cert.pem.digest-sha1
@@ -0,0 +1 @@
+SHA1 Fingerprint=B6:D1:51:82:E0:29:CA:59:96:38:BD:B6:F9:40:05:91:6D:49:09:60
diff --git a/tests/auto/qsslcertificate/certificates/cert.pem.pubkey b/tests/auto/qsslcertificate/certificates/cert.pem.pubkey
new file mode 100644
index 0000000..5344d11
--- /dev/null
+++ b/tests/auto/qsslcertificate/certificates/cert.pem.pubkey
@@ -0,0 +1,6 @@
+-----BEGIN PUBLIC KEY-----
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDrnekDrDBPqVgDRMcYJi9Ik9Ws
+oPvoU8R7KgGJ5vxaDMX1IfjXSpICZ9vxnzaaYp3zzkiOuu1aqJ1PuyQWQ0y1eQj2
+2SKPXxUKQyUDep2nr+MmsVNVXmBXyO0vHPM2CnhkkfkXpzTXi73x/NGMT6WWdbJ7
+/CHwx9lfDFcYsq+5SwIDAQAB
+-----END PUBLIC KEY-----
diff --git a/tests/auto/qsslcertificate/certificates/gencertificates.sh b/tests/auto/qsslcertificate/certificates/gencertificates.sh
new file mode 100755
index 0000000..2c0bdea
--- /dev/null
+++ b/tests/auto/qsslcertificate/certificates/gencertificates.sh
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+# This script generates digital certificates of different types.
+
+#--- Certificates ---------------------------------------------------------------------------
+echo -e "\ngenerating 1024-bit RSA private key to PEM file ..."
+openssl genrsa -out rsa-pri-1024.pem 1024
+
+echo -e "\ngenerating the corresponding public key to PEM and DER file ..."
+openssl rsa -in rsa-pri-1024.pem -pubout -out rsa-pub-1024.pem
+openssl rsa -in rsa-pri-1024.pem -pubout -out rsa-pub-1024.der -outform der
+
+echo -e "\ngenerating certificate signing request (CSR) ..."
+openssl req -out req.pem -new -key rsa-pri-1024.pem -subj "/CN=name\/with\/slashes/C=NO"
+
+echo -e "\n generating a self-signed certifificate to PEM file ..."
+openssl x509 -req -in req.pem -out cert-ss.pem -signkey rsa-pri-1024.pem
+
+echo -e "\n generating a self-signed certifificate to DER file ..."
+openssl x509 -req -in req.pem -out cert-ss.der -signkey rsa-pri-1024.pem -outform der
+
+echo -e "\n generating a certifificate signed by a dummy CA to PEM file ..."
+openssl x509 -req -in req.pem -out cert.pem -CA ca-cert.pem -set_serial 17
+
+echo -e "\n generating a certifificate signed by a dummy CA to DER file ..."
+openssl x509 -req -in req.pem -out cert.der -CA ca-cert.pem -set_serial 17 -outform der
+
+#--- Public keys --------------------------------------------------------------------------------
+echo -e "\n associate public keys with all certificates ..."
+# Note: For now, there is only one public key (encoded in both PEM and DER), but that could change.
+/bin/cp rsa-pub-1024.pem cert-ss.pem.pubkey
+/bin/cp rsa-pub-1024.der cert-ss.der.pubkey
+/bin/cp rsa-pub-1024.pem cert.pem.pubkey
+/bin/cp rsa-pub-1024.der cert.der.pubkey
+
+#--- Digests --------------------------------------------------------------------------------
+echo -e "\n generating md5 and sha1 digests of all certificates ..."
+for digest in md5 sha1
+do
+ openssl x509 -in ca-cert.pem -noout -fingerprint -$digest > ca-cert.pem.digest-$digest
+ openssl x509 -in cert-ss.pem -noout -fingerprint -$digest > cert-ss.pem.digest-$digest
+ openssl x509 -in cert.pem -noout -fingerprint -$digest > cert.pem.digest-$digest
+done
+
+#--- Subjet Alternative Name extension ----------------------------------------------------
+echo -e "\n generating self signed root cert. with Subject Alternative Name extension (X509v3) ..."
+outname=cert-ss-san.pem
+openssl req -out req-san.pem -new -key rsa-pri-1024.pem -subj "/CN=Johnny GuitarC=NO"
+openssl req -x509 -in req-san.pem -out $outname -key rsa-pri-1024.pem \
+ -config san.cnf -extensions subj_alt_name
+/bin/cp san.cnf $outname.san
+
+echo -e "\n cleaning up ..."
+/bin/rm rsa-pri-1024.pem rsa-pub-1024.* req*.pem
diff --git a/tests/auto/qsslcertificate/certificates/san.cnf b/tests/auto/qsslcertificate/certificates/san.cnf
new file mode 100644
index 0000000..f46a637
--- /dev/null
+++ b/tests/auto/qsslcertificate/certificates/san.cnf
@@ -0,0 +1,5 @@
+[subj_alt_name]
+subjectAltName=\
+ email:arne@foobar.org,\
+ DNS:www.foobar.org,\
+ email:bjarne@foobar.org
diff --git a/tests/auto/qsslcertificate/more-certificates/trailing-whitespace.pem b/tests/auto/qsslcertificate/more-certificates/trailing-whitespace.pem
new file mode 100644
index 0000000..e48195d
--- /dev/null
+++ b/tests/auto/qsslcertificate/more-certificates/trailing-whitespace.pem
@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE-----
+MIIB8zCCAVwCAREwDQYJKoZIhvcNAQEFBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
+BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD
+VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNMDcwNDE3MDc0MDI2WhcNMDcwNTE3
+MDc0MDI2WjApMRowGAYDVQQDExFuYW1lL3dpdGgvc2xhc2hlczELMAkGA1UEBhMC
+Tk8wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOud6QOsME+pWANExxgmL0iT
+1ayg++hTxHsqAYnm/FoMxfUh+NdKkgJn2/GfNppinfPOSI667VqonU+7JBZDTLV5
+CPbZIo9fFQpDJQN6naev4yaxU1VeYFfI7S8c8zYKeGSR+RenNNeLvfH80YxPpZZ1
+snv8IfDH2V8MVxiyr7lLAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAleaU4pgzV6KY
++q9QuXapUYMsC2GiNtDmkG3k+MTHUO8XlE4hqPrIM6rRf7zKQdZ950R2wL9FSnYl
+Qm1Tdv38dCka6ivMBqvRuOt9axH3m0G7nzHL7U3zaCbtEx3yVln+b3yYtiVpTuq0
+3MLrt7tQGAW6ra8ISf6YY1W65/uVXZE=
+-----END CERTIFICATE-----
diff --git a/tests/auto/qsslcertificate/qsslcertificate.pro b/tests/auto/qsslcertificate/qsslcertificate.pro
new file mode 100644
index 0000000..f3f7adb
--- /dev/null
+++ b/tests/auto/qsslcertificate/qsslcertificate.pro
@@ -0,0 +1,26 @@
+load(qttest_p4)
+
+SOURCES += tst_qsslcertificate.cpp
+!wince*:win32:LIBS += -lws2_32
+QT += network
+
+TARGET = tst_qsslcertificate
+
+win32 {
+ CONFIG(debug, debug|release) {
+ DESTDIR = debug
+} else {
+ DESTDIR = release
+ }
+}
+
+wince*: {
+ certFiles.sources = certificates more-certificates
+ certFiles.path = .
+ DEPLOYMENT += certFiles
+ DEFINES += SRCDIR=\\\".\\\"
+} else {
+ DEFINES += SRCDIR=\\\"$$PWD/\\\"
+}
+
+
diff --git a/tests/auto/qsslcertificate/tst_qsslcertificate.cpp b/tests/auto/qsslcertificate/tst_qsslcertificate.cpp
new file mode 100644
index 0000000..6f50fc4
--- /dev/null
+++ b/tests/auto/qsslcertificate/tst_qsslcertificate.cpp
@@ -0,0 +1,695 @@
+/****************************************************************************
+**
+** Copyright (C) 2009 Nokia Corporation and/or its subsidiary(-ies).
+** Contact: Qt Software Information (qt-info@nokia.com)
+**
+** This file is part of the test suite of the Qt Toolkit.
+**
+** $QT_BEGIN_LICENSE:LGPL$
+** No Commercial Usage
+** This file contains pre-release code and may not be distributed.
+** You may use this file in accordance with the terms and conditions
+** contained in the either Technology Preview License Agreement or the
+** Beta Release License Agreement.
+**
+** GNU Lesser General Public License Usage
+** Alternatively, this file may be used under the terms of the GNU Lesser
+** General Public License version 2.1 as published by the Free Software
+** Foundation and appearing in the file LICENSE.LGPL included in the
+** packaging of this file. Please review the following information to
+** ensure the GNU Lesser General Public License version 2.1 requirements
+** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
+**
+** In addition, as a special exception, Nokia gives you certain
+** additional rights. These rights are described in the Nokia Qt LGPL
+** Exception version 1.0, included in the file LGPL_EXCEPTION.txt in this
+** package.
+**
+** GNU General Public License Usage
+** Alternatively, this file may be used under the terms of the GNU
+** General Public License version 3.0 as published by the Free Software
+** Foundation and appearing in the file LICENSE.GPL included in the
+** packaging of this file. Please review the following information to
+** ensure the GNU General Public License version 3.0 requirements will be
+** met: http://www.gnu.org/copyleft/gpl.html.
+**
+** If you are unsure which license is appropriate for your use, please
+** contact the sales department at qt-sales@nokia.com.
+** $QT_END_LICENSE$
+**
+****************************************************************************/
+
+
+#include <QtTest/QtTest>
+#include <qsslcertificate.h>
+#include <qsslkey.h>
+#include <qsslsocket.h>
+
+class tst_QSslCertificate : public QObject
+{
+ Q_OBJECT
+
+ struct CertInfo {
+ QFileInfo fileInfo;
+ QFileInfo fileInfo_digest_md5;
+ QFileInfo fileInfo_digest_sha1;
+ QSsl::EncodingFormat format;
+ CertInfo(const QFileInfo &fileInfo, QSsl::EncodingFormat format)
+ : fileInfo(fileInfo), format(format) {}
+ };
+
+ QList<CertInfo> certInfoList;
+ QMap<QString, QString> subjAltNameMap;
+ QMap<QString, QString> pubkeyMap;
+ QMap<QString, QString> md5Map;
+ QMap<QString, QString> sha1Map;
+
+ void createTestRows();
+#ifndef QT_NO_OPENSSL
+ void compareCertificates(const QSslCertificate & cert1, const QSslCertificate & cert2);
+#endif
+
+ QString oldCurrentDir;
+public:
+ tst_QSslCertificate();
+ virtual ~tst_QSslCertificate();
+
+public slots:
+ void initTestCase_data();
+ void init();
+ void cleanup();
+
+#ifndef QT_NO_OPENSSL
+private slots:
+ void emptyConstructor();
+ void constructor_data();
+ void constructor();
+ void constructingGarbage();
+ void copyAndAssign_data();
+ void copyAndAssign();
+ void digest_data();
+ void digest();
+ void alternateSubjectNames_data();
+ void alternateSubjectNames();
+ void publicKey_data();
+ void publicKey();
+ void toPemOrDer_data();
+ void toPemOrDer();
+ void fromDevice();
+ void fromPath_data();
+ void fromPath();
+ void certInfo();
+// ### add tests for certificate bundles (multiple certificates concatenated into a single
+// structure); both PEM and DER formatted
+#endif
+};
+
+tst_QSslCertificate::tst_QSslCertificate()
+{
+#ifdef Q_WS_MAC
+ // applicationDirPath() points to a path inside the app bundle on Mac.
+ QDir dir(qApp->applicationDirPath() + QLatin1String("/../../../certificates"));
+#else
+ QDir dir(SRCDIR + QLatin1String("/certificates"));
+#endif
+ QFileInfoList fileInfoList = dir.entryInfoList(QDir::Files | QDir::Readable);
+ QRegExp rxCert(QLatin1String("^.+\\.(pem|der)$"));
+ QRegExp rxSan(QLatin1String("^(.+\\.(?:pem|der))\\.san$"));
+ QRegExp rxPubKey(QLatin1String("^(.+\\.(?:pem|der))\\.pubkey$"));
+ QRegExp rxDigest(QLatin1String("^(.+\\.(?:pem|der))\\.digest-(md5|sha1)$"));
+ foreach (QFileInfo fileInfo, fileInfoList) {
+ if (rxCert.indexIn(fileInfo.fileName()) >= 0)
+ certInfoList <<
+ CertInfo(fileInfo,
+ rxCert.cap(1) == QLatin1String("pem") ? QSsl::Pem : QSsl::Der);
+ if (rxSan.indexIn(fileInfo.fileName()) >= 0)
+ subjAltNameMap.insert(rxSan.cap(1), fileInfo.absoluteFilePath());
+ if (rxPubKey.indexIn(fileInfo.fileName()) >= 0)
+ pubkeyMap.insert(rxPubKey.cap(1), fileInfo.absoluteFilePath());
+ if (rxDigest.indexIn(fileInfo.fileName()) >= 0) {
+ if (rxDigest.cap(2) == QLatin1String("md5"))
+ md5Map.insert(rxDigest.cap(1), fileInfo.absoluteFilePath());
+ else
+ sha1Map.insert(rxDigest.cap(1), fileInfo.absoluteFilePath());
+ }
+ }
+}
+
+tst_QSslCertificate::~tst_QSslCertificate()
+{
+}
+
+void tst_QSslCertificate::initTestCase_data()
+{
+}
+
+void tst_QSslCertificate::init()
+{
+ QString srcdir(QLatin1String(SRCDIR));
+ if (!srcdir.isEmpty()) {
+ oldCurrentDir = QDir::current().absolutePath();
+ QDir::setCurrent(srcdir);
+ }
+}
+
+void tst_QSslCertificate::cleanup()
+{
+ if (!oldCurrentDir.isEmpty()) {
+ QDir::setCurrent(oldCurrentDir);
+ }
+
+}
+
+static QByteArray readFile(const QString &absFilePath)
+{
+ QFile file(absFilePath);
+ if (!file.open(QIODevice::ReadOnly)) {
+ QWARN("failed to open file");
+ return QByteArray();
+ }
+ return file.readAll();
+}
+
+#ifndef QT_NO_OPENSSL
+
+void tst_QSslCertificate::emptyConstructor()
+{
+ if (!QSslSocket::supportsSsl())
+ return;
+
+ QSslCertificate certificate;
+ QVERIFY(certificate.isNull());
+ //make sure none of the functions crash (task 203035)
+ QVERIFY(!certificate.isValid());
+ QCOMPARE(certificate.version() , QByteArray());
+ QCOMPARE(certificate.serialNumber(), QByteArray());
+ QCOMPARE(certificate.digest(), QCryptographicHash::hash(QByteArray(), QCryptographicHash::Md5));
+ QCOMPARE(certificate.issuerInfo(QSslCertificate::Organization), QString());
+ QCOMPARE(certificate.subjectInfo(QSslCertificate::Organization), QString());
+ QCOMPARE(certificate.alternateSubjectNames(),(QMultiMap<QSsl::AlternateNameEntryType, QString>()));
+#ifndef QT_NO_TEXTSTREAM
+ QCOMPARE(certificate.effectiveDate(), QDateTime());
+ QCOMPARE(certificate.expiryDate(), QDateTime());
+#endif
+}
+
+Q_DECLARE_METATYPE(QSsl::EncodingFormat);
+
+void tst_QSslCertificate::createTestRows()
+{
+ QTest::addColumn<QString>("absFilePath");
+ QTest::addColumn<QSsl::EncodingFormat>("format");
+ foreach (CertInfo certInfo, certInfoList) {
+ QTest::newRow(certInfo.fileInfo.fileName().toLatin1())
+ << certInfo.fileInfo.absoluteFilePath() << certInfo.format;
+ }
+}
+
+void tst_QSslCertificate::constructor_data()
+{
+ createTestRows();
+}
+
+void tst_QSslCertificate::constructor()
+{
+ if (!QSslSocket::supportsSsl())
+ return;
+
+ QFETCH(QString, absFilePath);
+ QFETCH(QSsl::EncodingFormat, format);
+
+ QByteArray encoded = readFile(absFilePath);
+ QSslCertificate certificate(encoded, format);
+ QVERIFY(!certificate.isNull());
+}
+
+void tst_QSslCertificate::constructingGarbage()
+{
+ if (!QSslSocket::supportsSsl())
+ return;
+
+ QByteArray garbage("garbage");
+ QSslCertificate certificate(garbage);
+ QVERIFY(certificate.isNull());
+}
+
+void tst_QSslCertificate::copyAndAssign_data()
+{
+ createTestRows();
+}
+
+void tst_QSslCertificate::compareCertificates(
+ const QSslCertificate & cert1, const QSslCertificate & cert2)
+{
+ QCOMPARE(cert1.isNull(), cert2.isNull());
+ // Note: in theory, the next line could fail even if the certificates are identical!
+ QCOMPARE(cert1.isValid(), cert2.isValid());
+ QCOMPARE(cert1.version(), cert2.version());
+ QCOMPARE(cert1.serialNumber(), cert2.serialNumber());
+ QCOMPARE(cert1.digest(), cert2.digest());
+ QCOMPARE(cert1.toPem(), cert2.toPem());
+ QCOMPARE(cert1.toDer(), cert2.toDer());
+ for (int info = QSslCertificate::Organization;
+ info <= QSslCertificate::StateOrProvinceName; info++) {
+ const QSslCertificate::SubjectInfo subjectInfo = (QSslCertificate::SubjectInfo)info;
+ QCOMPARE(cert1.issuerInfo(subjectInfo), cert2.issuerInfo(subjectInfo));
+ QCOMPARE(cert1.subjectInfo(subjectInfo), cert2.subjectInfo(subjectInfo));
+ }
+ QCOMPARE(cert1.alternateSubjectNames(), cert2.alternateSubjectNames());
+ QCOMPARE(cert1.effectiveDate(), cert2.effectiveDate());
+ QCOMPARE(cert1.expiryDate(), cert2.expiryDate());
+ // ### add more functions here ...
+}
+
+void tst_QSslCertificate::copyAndAssign()
+{
+ if (!QSslSocket::supportsSsl())
+ return;
+
+ QFETCH(QString, absFilePath);
+ QFETCH(QSsl::EncodingFormat, format);
+
+ QByteArray encoded = readFile(absFilePath);
+ QSslCertificate certificate(encoded, format);
+
+ QVERIFY(!certificate.isNull());
+
+ QSslCertificate copied(certificate);
+ compareCertificates(certificate, copied);
+
+ QSslCertificate assigned = certificate;
+ compareCertificates(certificate, assigned);
+}
+
+void tst_QSslCertificate::digest_data()
+{
+ QTest::addColumn<QString>("absFilePath");
+ QTest::addColumn<QSsl::EncodingFormat>("format");
+ QTest::addColumn<QString>("absFilePath_digest_md5");
+ QTest::addColumn<QString>("absFilePath_digest_sha1");
+ foreach (CertInfo certInfo, certInfoList) {
+ QString certName = certInfo.fileInfo.fileName();
+ QTest::newRow(certName.toLatin1())
+ << certInfo.fileInfo.absoluteFilePath()
+ << certInfo.format
+ << md5Map.value(certName)
+ << sha1Map.value(certName);
+ }
+}
+
+// Converts a digest of the form '{MD5|SHA1} Fingerprint=AB:B8:32...' to binary format.
+static QByteArray convertDigest(const QByteArray &input)
+{
+ QByteArray result;
+ QRegExp rx(QLatin1String("(?:=|:)([0-9A-Fa-f]{2})"));
+ int pos = 0;
+ while ((pos = rx.indexIn(input, pos)) != -1) {
+ result.append(rx.cap(1).toLatin1());
+ pos += rx.matchedLength();
+ }
+ return QByteArray::fromHex(result);
+}
+
+void tst_QSslCertificate::digest()
+{
+ if (!QSslSocket::supportsSsl())
+ return;
+
+ QFETCH(QString, absFilePath);
+ QFETCH(QSsl::EncodingFormat, format);
+ QFETCH(QString, absFilePath_digest_md5);
+ QFETCH(QString, absFilePath_digest_sha1);
+
+ QByteArray encoded = readFile(absFilePath);
+ QSslCertificate certificate(encoded, format);
+ QVERIFY(!certificate.isNull());
+
+ if (!absFilePath_digest_md5.isEmpty())
+ QCOMPARE(convertDigest(readFile(absFilePath_digest_md5)),
+ certificate.digest(QCryptographicHash::Md5));
+
+ if (!absFilePath_digest_sha1.isEmpty())
+ QCOMPARE(convertDigest(readFile(absFilePath_digest_sha1)),
+ certificate.digest(QCryptographicHash::Sha1));
+}
+
+void tst_QSslCertificate::alternateSubjectNames_data()
+{
+ QTest::addColumn<QString>("certFilePath");
+ QTest::addColumn<QSsl::EncodingFormat>("format");
+ QTest::addColumn<QString>("subjAltNameFilePath");
+
+ foreach (CertInfo certInfo, certInfoList) {
+ QString certName = certInfo.fileInfo.fileName();
+ if (subjAltNameMap.contains(certName))
+ QTest::newRow(certName.toLatin1())
+ << certInfo.fileInfo.absoluteFilePath()
+ << certInfo.format
+ << subjAltNameMap.value(certName);
+ }
+}
+
+void tst_QSslCertificate::alternateSubjectNames()
+{
+ if (!QSslSocket::supportsSsl())
+ return;
+
+ QFETCH(QString, certFilePath);
+ QFETCH(QSsl::EncodingFormat, format);
+ QFETCH(QString, subjAltNameFilePath);
+
+ QByteArray encodedCert = readFile(certFilePath);
+ QSslCertificate certificate(encodedCert, format);
+ QVERIFY(!certificate.isNull());
+
+ QByteArray fileContents = readFile(subjAltNameFilePath);
+
+ const QMultiMap<QSsl::AlternateNameEntryType, QString> altSubjectNames =
+ certificate.alternateSubjectNames();
+
+ // verify that each entry in subjAltNames is present in fileContents
+ QMapIterator<QSsl::AlternateNameEntryType, QString> it(altSubjectNames);
+ while (it.hasNext()) {
+ it.next();
+ QString type;
+ if (it.key() == QSsl::EmailEntry)
+ type = QLatin1String("email");
+ else if (it.key() == QSsl::DnsEntry)
+ type = QLatin1String("DNS");
+ else
+ QFAIL("unsupported alternative name type");
+ QString entry = QString("%1:%2").arg(type).arg(it.value());
+ QVERIFY(fileContents.contains(entry.toAscii()));
+ }
+
+ // verify that each entry in fileContents is present in subjAltNames
+ QRegExp rx(QLatin1String("(email|DNS):([^,\\r\\n]+)"));
+ for (int pos = 0; (pos = rx.indexIn(fileContents, pos)) != -1; pos += rx.matchedLength()) {
+ QSsl::AlternateNameEntryType key;
+ if (rx.cap(1) == QLatin1String("email"))
+ key = QSsl::EmailEntry;
+ else if (rx.cap(1) == QLatin1String("DNS"))
+ key = QSsl::DnsEntry;
+ else
+ QFAIL("unsupported alternative name type");
+ QVERIFY(altSubjectNames.contains(key, rx.cap(2)));
+ }
+}
+
+void tst_QSslCertificate::publicKey_data()
+{
+ QTest::addColumn<QString>("certFilePath");
+ QTest::addColumn<QSsl::EncodingFormat>("format");
+ QTest::addColumn<QString>("pubkeyFilePath");
+
+ foreach (CertInfo certInfo, certInfoList) {
+ QString certName = certInfo.fileInfo.fileName();
+ if (pubkeyMap.contains(certName))
+ QTest::newRow(certName.toLatin1())
+ << certInfo.fileInfo.absoluteFilePath()
+ << certInfo.format
+ << pubkeyMap.value(certName);
+ }
+}
+
+void tst_QSslCertificate::publicKey()
+{
+ if (!QSslSocket::supportsSsl())
+ return;
+
+ QFETCH(QString, certFilePath);
+ QFETCH(QSsl::EncodingFormat, format);
+ QFETCH(QString, pubkeyFilePath);
+
+ QByteArray encodedCert = readFile(certFilePath);
+ QSslCertificate certificate(encodedCert, format);
+ QVERIFY(!certificate.isNull());
+
+ QByteArray encodedPubkey = readFile(pubkeyFilePath);
+ QSslKey pubkey(encodedPubkey, QSsl::Rsa, format, QSsl::PublicKey); // ### support DSA as well!
+ QVERIFY(!pubkey.isNull());
+
+ QCOMPARE(certificate.publicKey(), pubkey);
+}
+
+void tst_QSslCertificate::toPemOrDer_data()
+{
+ createTestRows();
+}
+
+static const char BeginCertString[] = "-----BEGIN CERTIFICATE-----";
+static const char EndCertString[] = "-----END CERTIFICATE-----";
+
+// Returns, in Pem-format, the first certificate found in a Pem-formatted block
+// (Note that such a block may contain e.g. a private key at the end).
+static QByteArray firstPemCertificateFromPem(const QByteArray &pem)
+{
+ int startPos = pem.indexOf(BeginCertString);
+ int endPos = pem.indexOf(EndCertString);
+ if (startPos == -1 || endPos == -1)
+ return QByteArray();
+ return pem.mid(startPos, endPos + sizeof(EndCertString) - startPos);
+}
+
+void tst_QSslCertificate::toPemOrDer()
+{
+ if (!QSslSocket::supportsSsl())
+ return;
+
+ QFETCH(QString, absFilePath);
+ QFETCH(QSsl::EncodingFormat, format);
+
+ QByteArray encoded = readFile(absFilePath);
+ QSslCertificate certificate(encoded, format);
+ QVERIFY(!certificate.isNull());
+ if (format == QSsl::Pem) {
+ encoded.replace('\r',"");
+ QByteArray firstPem = firstPemCertificateFromPem(encoded);
+ QCOMPARE(certificate.toPem(), firstPem);
+ } else {
+ // ### for now, we assume that DER-encoded certificates don't contain bundled stuff
+ QCOMPARE(certificate.toDer(), encoded);
+ }
+}
+
+void tst_QSslCertificate::fromDevice()
+{
+ QTest::ignoreMessage(QtWarningMsg, "QSslCertificate::fromDevice: cannot read from a null device");
+ QList<QSslCertificate> certs = QSslCertificate::fromDevice(0); // don't crash
+ QVERIFY(certs.isEmpty());
+}
+
+void tst_QSslCertificate::fromPath_data()
+{
+ QTest::addColumn<QString>("path");
+ QTest::addColumn<int>("syntax");
+ QTest::addColumn<bool>("pemencoding");
+ QTest::addColumn<int>("numCerts");
+
+ QTest::newRow("empty fixed pem") << QString() << int(QRegExp::FixedString) << true << 0;
+ QTest::newRow("empty fixed der") << QString() << int(QRegExp::FixedString) << false << 0;
+ QTest::newRow("empty regexp pem") << QString() << int(QRegExp::RegExp) << true << 0;
+ QTest::newRow("empty regexp der") << QString() << int(QRegExp::RegExp) << false << 0;
+ QTest::newRow("empty wildcard pem") << QString() << int(QRegExp::Wildcard) << true << 0;
+ QTest::newRow("empty wildcard der") << QString() << int(QRegExp::Wildcard) << false << 0;
+ QTest::newRow("\"certificates\" fixed pem") << QString("certificates") << int(QRegExp::FixedString) << true << 0;
+ QTest::newRow("\"certificates\" fixed der") << QString("certificates") << int(QRegExp::FixedString) << false << 0;
+ QTest::newRow("\"certificates\" regexp pem") << QString("certificates") << int(QRegExp::RegExp) << true << 0;
+ QTest::newRow("\"certificates\" regexp der") << QString("certificates") << int(QRegExp::RegExp) << false << 0;
+ QTest::newRow("\"certificates\" wildcard pem") << QString("certificates") << int(QRegExp::Wildcard) << true << 0;
+ QTest::newRow("\"certificates\" wildcard der") << QString("certificates") << int(QRegExp::Wildcard) << false << 0;
+ QTest::newRow("\"certificates/cert.pem\" fixed pem") << QString("certificates/cert.pem") << int(QRegExp::FixedString) << true << 1;
+ QTest::newRow("\"certificates/cert.pem\" fixed der") << QString("certificates/cert.pem") << int(QRegExp::FixedString) << false << 0;
+ QTest::newRow("\"certificates/cert.pem\" regexp pem") << QString("certificates/cert.pem") << int(QRegExp::RegExp) << true << 1;
+ QTest::newRow("\"certificates/cert.pem\" regexp der") << QString("certificates/cert.pem") << int(QRegExp::RegExp) << false << 0;
+ QTest::newRow("\"certificates/cert.pem\" wildcard pem") << QString("certificates/cert.pem") << int(QRegExp::Wildcard) << true << 1;
+ QTest::newRow("\"certificates/cert.pem\" wildcard der") << QString("certificates/cert.pem") << int(QRegExp::Wildcard) << false << 0;
+ QTest::newRow("\"certificates/*\" fixed pem") << QString("certificates/*") << int(QRegExp::FixedString) << true << 0;
+ QTest::newRow("\"certificates/*\" fixed der") << QString("certificates/*") << int(QRegExp::FixedString) << false << 0;
+ QTest::newRow("\"certificates/*\" regexp pem") << QString("certificates/*") << int(QRegExp::RegExp) << true << 0;
+ QTest::newRow("\"certificates/*\" regexp der") << QString("certificates/*") << int(QRegExp::RegExp) << false << 0;
+ QTest::newRow("\"certificates/*\" wildcard pem") << QString("certificates/*") << int(QRegExp::Wildcard) << true << 4;
+ QTest::newRow("\"certificates/*\" wildcard der") << QString("certificates/*") << int(QRegExp::Wildcard) << false << 0;
+ QTest::newRow("\"c*/c*.pem\" fixed pem") << QString("c*/c*.pem") << int(QRegExp::FixedString) << true << 0;
+ QTest::newRow("\"c*/c*.pem\" fixed der") << QString("c*/c*.pem") << int(QRegExp::FixedString) << false << 0;
+ QTest::newRow("\"c*/c*.pem\" regexp pem") << QString("c*/c*.pem") << int(QRegExp::RegExp) << true << 0;
+ QTest::newRow("\"c*/c*.pem\" regexp der") << QString("c*/c*.pem") << int(QRegExp::RegExp) << false << 0;
+ QTest::newRow("\"c*/c*.pem\" wildcard pem") << QString("c*/c*.pem") << int(QRegExp::Wildcard) << true << 4;
+ QTest::newRow("\"c*/c*.pem\" wildcard der") << QString("c*/c*.pem") << int(QRegExp::Wildcard) << false << 0;
+ QTest::newRow("\"d*/c*.pem\" fixed pem") << QString("d*/c*.pem") << int(QRegExp::FixedString) << true << 0;
+ QTest::newRow("\"d*/c*.pem\" fixed der") << QString("d*/c*.pem") << int(QRegExp::FixedString) << false << 0;
+ QTest::newRow("\"d*/c*.pem\" regexp pem") << QString("d*/c*.pem") << int(QRegExp::RegExp) << true << 0;
+ QTest::newRow("\"d*/c*.pem\" regexp der") << QString("d*/c*.pem") << int(QRegExp::RegExp) << false << 0;
+ QTest::newRow("\"d*/c*.pem\" wildcard pem") << QString("d*/c*.pem") << int(QRegExp::Wildcard) << true << 0;
+ QTest::newRow("\"d*/c*.pem\" wildcard der") << QString("d*/c*.pem") << int(QRegExp::Wildcard) << false << 0;
+ QTest::newRow("\"c.*/c.*.pem\" fixed pem") << QString("c.*/c.*.pem") << int(QRegExp::FixedString) << true << 0;
+ QTest::newRow("\"c.*/c.*.pem\" fixed der") << QString("c.*/c.*.pem") << int(QRegExp::FixedString) << false << 0;
+ QTest::newRow("\"c.*/c.*.pem\" regexp pem") << QString("c.*/c.*.pem") << int(QRegExp::RegExp) << true << 4;
+ QTest::newRow("\"c.*/c.*.pem\" regexp der") << QString("c.*/c.*.pem") << int(QRegExp::RegExp) << false << 0;
+ QTest::newRow("\"c.*/c.*.pem\" wildcard pem") << QString("c.*/c.*.pem") << int(QRegExp::Wildcard) << true << 0;
+ QTest::newRow("\"c.*/c.*.pem\" wildcard der") << QString("c.*/c.*.pem") << int(QRegExp::Wildcard) << false << 0;
+ QTest::newRow("\"d.*/c.*.pem\" fixed pem") << QString("d.*/c.*.pem") << int(QRegExp::FixedString) << true << 0;
+ QTest::newRow("\"d.*/c.*.pem\" fixed der") << QString("d.*/c.*.pem") << int(QRegExp::FixedString) << false << 0;
+ QTest::newRow("\"d.*/c.*.pem\" regexp pem") << QString("d.*/c.*.pem") << int(QRegExp::RegExp) << true << 0;
+ QTest::newRow("\"d.*/c.*.pem\" regexp der") << QString("d.*/c.*.pem") << int(QRegExp::RegExp) << false << 0;
+ QTest::newRow("\"d.*/c.*.pem\" wildcard pem") << QString("d.*/c.*.pem") << int(QRegExp::Wildcard) << true << 0;
+ QTest::newRow("\"d.*/c.*.pem\" wildcard der") << QString("d.*/c.*.pem") << int(QRegExp::Wildcard) << false << 0;
+
+ QTest::newRow("trailing-whitespace") << QString("more-certificates/trailing-whitespace.pem") << int(QRegExp::FixedString) << true << 1;
+}
+
+void tst_QSslCertificate::fromPath()
+{
+ QFETCH(QString, path);
+ QFETCH(int, syntax);
+ QFETCH(bool, pemencoding);
+ QFETCH(int, numCerts);
+
+ QCOMPARE(QSslCertificate::fromPath(path,
+ pemencoding ? QSsl::Pem : QSsl::Der,
+ QRegExp::PatternSyntax(syntax)).size(),
+ numCerts);
+}
+
+void tst_QSslCertificate::certInfo()
+{
+// MD5 Fingerprint=B6:CF:57:34:DA:A9:73:21:82:F7:CF:4D:3D:85:31:88
+// SHA1 Fingerprint=B6:D1:51:82:E0:29:CA:59:96:38:BD:B6:F9:40:05:91:6D:49:09:60
+// Certificate:
+// Data:
+// Version: 1 (0x0)
+// Serial Number: 17 (0x11)
+// Signature Algorithm: sha1WithRSAEncryption
+// Issuer: C=AU, ST=Queensland, O=CryptSoft Pty Ltd, CN=Test CA (1024 bit)
+// Validity
+// Not Before: Apr 17 07:40:26 2007 GMT
+// Not After : May 17 07:40:26 2007 GMT
+// Subject: CN=name/with/slashes, C=NO
+// Subject Public Key Info:
+// Public Key Algorithm: rsaEncryption
+// RSA Public Key: (1024 bit)
+// Modulus (1024 bit):
+// 00:eb:9d:e9:03:ac:30:4f:a9:58:03:44:c7:18:26:
+// 2f:48:93:d5:ac:a0:fb:e8:53:c4:7b:2a:01:89:e6:
+// fc:5a:0c:c5:f5:21:f8:d7:4a:92:02:67:db:f1:9f:
+// 36:9a:62:9d:f3:ce:48:8e:ba:ed:5a:a8:9d:4f:bb:
+// 24:16:43:4c:b5:79:08:f6:d9:22:8f:5f:15:0a:43:
+// 25:03:7a:9d:a7:af:e3:26:b1:53:55:5e:60:57:c8:
+// ed:2f:1c:f3:36:0a:78:64:91:f9:17:a7:34:d7:8b:
+// bd:f1:fc:d1:8c:4f:a5:96:75:b2:7b:fc:21:f0:c7:
+// d9:5f:0c:57:18:b2:af:b9:4b
+// Exponent: 65537 (0x10001)
+// Signature Algorithm: sha1WithRSAEncryption
+// 95:e6:94:e2:98:33:57:a2:98:fa:af:50:b9:76:a9:51:83:2c:
+// 0b:61:a2:36:d0:e6:90:6d:e4:f8:c4:c7:50:ef:17:94:4e:21:
+// a8:fa:c8:33:aa:d1:7f:bc:ca:41:d6:7d:e7:44:76:c0:bf:45:
+// 4a:76:25:42:6d:53:76:fd:fc:74:29:1a:ea:2b:cc:06:ab:d1:
+// b8:eb:7d:6b:11:f7:9b:41:bb:9f:31:cb:ed:4d:f3:68:26:ed:
+// 13:1d:f2:56:59:fe:6f:7c:98:b6:25:69:4e:ea:b4:dc:c2:eb:
+// b7:bb:50:18:05:ba:ad:af:08:49:fe:98:63:55:ba:e7:fb:95:
+// 5d:91
+ static const char pem[] =
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIIB8zCCAVwCAREwDQYJKoZIhvcNAQEFBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV\n"
+ "BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD\n"
+ "VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNMDcwNDE3MDc0MDI2WhcNMDcwNTE3\n"
+ "MDc0MDI2WjApMRowGAYDVQQDExFuYW1lL3dpdGgvc2xhc2hlczELMAkGA1UEBhMC\n"
+ "Tk8wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOud6QOsME+pWANExxgmL0iT\n"
+ "1ayg++hTxHsqAYnm/FoMxfUh+NdKkgJn2/GfNppinfPOSI667VqonU+7JBZDTLV5\n"
+ "CPbZIo9fFQpDJQN6naev4yaxU1VeYFfI7S8c8zYKeGSR+RenNNeLvfH80YxPpZZ1\n"
+ "snv8IfDH2V8MVxiyr7lLAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAleaU4pgzV6KY\n"
+ "+q9QuXapUYMsC2GiNtDmkG3k+MTHUO8XlE4hqPrIM6rRf7zKQdZ950R2wL9FSnYl\n"
+ "Qm1Tdv38dCka6ivMBqvRuOt9axH3m0G7nzHL7U3zaCbtEx3yVln+b3yYtiVpTuq0\n"
+ "3MLrt7tQGAW6ra8ISf6YY1W65/uVXZE=\n"
+ "-----END CERTIFICATE-----\n";
+ static const char der[] = // hex encoded
+ "30:82:01:f3:30:82:01:5c:02:01:11:30:0d:06:09:2a"
+ "86:48:86:f7:0d:01:01:05:05:00:30:5b:31:0b:30:09"
+ "06:03:55:04:06:13:02:41:55:31:13:30:11:06:03:55"
+ "04:08:13:0a:51:75:65:65:6e:73:6c:61:6e:64:31:1a"
+ "30:18:06:03:55:04:0a:13:11:43:72:79:70:74:53:6f"
+ "66:74:20:50:74:79:20:4c:74:64:31:1b:30:19:06:03"
+ "55:04:03:13:12:54:65:73:74:20:43:41:20:28:31:30"
+ "32:34:20:62:69:74:29:30:1e:17:0d:30:37:30:34:31"
+ "37:30:37:34:30:32:36:5a:17:0d:30:37:30:35:31:37"
+ "30:37:34:30:32:36:5a:30:29:31:1a:30:18:06:03:55"
+ "04:03:13:11:6e:61:6d:65:2f:77:69:74:68:2f:73:6c"
+ "61:73:68:65:73:31:0b:30:09:06:03:55:04:06:13:02"
+ "4e:4f:30:81:9f:30:0d:06:09:2a:86:48:86:f7:0d:01"
+ "01:01:05:00:03:81:8d:00:30:81:89:02:81:81:00:eb"
+ "9d:e9:03:ac:30:4f:a9:58:03:44:c7:18:26:2f:48:93"
+ "d5:ac:a0:fb:e8:53:c4:7b:2a:01:89:e6:fc:5a:0c:c5"
+ "f5:21:f8:d7:4a:92:02:67:db:f1:9f:36:9a:62:9d:f3"
+ "ce:48:8e:ba:ed:5a:a8:9d:4f:bb:24:16:43:4c:b5:79"
+ "08:f6:d9:22:8f:5f:15:0a:43:25:03:7a:9d:a7:af:e3"
+ "26:b1:53:55:5e:60:57:c8:ed:2f:1c:f3:36:0a:78:64"
+ "91:f9:17:a7:34:d7:8b:bd:f1:fc:d1:8c:4f:a5:96:75"
+ "b2:7b:fc:21:f0:c7:d9:5f:0c:57:18:b2:af:b9:4b:02"
+ "03:01:00:01:30:0d:06:09:2a:86:48:86:f7:0d:01:01"
+ "05:05:00:03:81:81:00:95:e6:94:e2:98:33:57:a2:98"
+ "fa:af:50:b9:76:a9:51:83:2c:0b:61:a2:36:d0:e6:90"
+ "6d:e4:f8:c4:c7:50:ef:17:94:4e:21:a8:fa:c8:33:aa"
+ "d1:7f:bc:ca:41:d6:7d:e7:44:76:c0:bf:45:4a:76:25"
+ "42:6d:53:76:fd:fc:74:29:1a:ea:2b:cc:06:ab:d1:b8"
+ "eb:7d:6b:11:f7:9b:41:bb:9f:31:cb:ed:4d:f3:68:26"
+ "ed:13:1d:f2:56:59:fe:6f:7c:98:b6:25:69:4e:ea:b4"
+ "dc:c2:eb:b7:bb:50:18:05:ba:ad:af:08:49:fe:98:63"
+ "55:ba:e7:fb:95:5d:91";
+
+ QSslCertificate cert = QSslCertificate::fromPath("certificates/cert.pem", QSsl::Pem,
+ QRegExp::FixedString).first();
+ QVERIFY(!cert.isNull());
+
+ QCOMPARE(cert.issuerInfo(QSslCertificate::Organization), QString("CryptSoft Pty Ltd"));
+ QCOMPARE(cert.issuerInfo(QSslCertificate::CommonName), QString("Test CA (1024 bit)"));
+ QCOMPARE(cert.issuerInfo(QSslCertificate::LocalityName), QString());
+ QCOMPARE(cert.issuerInfo(QSslCertificate::OrganizationalUnitName), QString());
+ QCOMPARE(cert.issuerInfo(QSslCertificate::CountryName), QString("AU"));
+ QCOMPARE(cert.issuerInfo(QSslCertificate::StateOrProvinceName), QString("Queensland"));
+
+ QCOMPARE(cert.issuerInfo("O"), QString("CryptSoft Pty Ltd"));
+ QCOMPARE(cert.issuerInfo("CN"), QString("Test CA (1024 bit)"));
+ QCOMPARE(cert.issuerInfo("L"), QString());
+ QCOMPARE(cert.issuerInfo("OU"), QString());
+ QCOMPARE(cert.issuerInfo("C"), QString("AU"));
+ QCOMPARE(cert.issuerInfo("ST"), QString("Queensland"));
+
+ QCOMPARE(cert.subjectInfo(QSslCertificate::Organization), QString());
+ QCOMPARE(cert.subjectInfo(QSslCertificate::CommonName), QString("name/with/slashes"));
+ QCOMPARE(cert.subjectInfo(QSslCertificate::LocalityName), QString());
+ QCOMPARE(cert.subjectInfo(QSslCertificate::OrganizationalUnitName), QString());
+ QCOMPARE(cert.subjectInfo(QSslCertificate::CountryName), QString("NO"));
+ QCOMPARE(cert.subjectInfo(QSslCertificate::StateOrProvinceName), QString());
+
+ QCOMPARE(cert.subjectInfo("O"), QString());
+ QCOMPARE(cert.subjectInfo("CN"), QString("name/with/slashes"));
+ QCOMPARE(cert.subjectInfo("L"), QString());
+ QCOMPARE(cert.subjectInfo("OU"), QString());
+ QCOMPARE(cert.subjectInfo("C"), QString("NO"));
+ QCOMPARE(cert.subjectInfo("ST"), QString());
+
+ QCOMPARE(cert.version(), QByteArray());
+ QCOMPARE(cert.toPem().constData(), (const char*)pem);
+ QCOMPARE(cert.toDer(), QByteArray::fromHex(der));
+
+ QCOMPARE(cert.digest(QCryptographicHash::Md5),
+ QByteArray::fromHex("B6:CF:57:34:DA:A9:73:21:82:F7:CF:4D:3D:85:31:88"));
+ QCOMPARE(cert.digest(QCryptographicHash::Sha1),
+ QByteArray::fromHex("B6:D1:51:82:E0:29:CA:59:96:38:BD:B6:F9:40:05:91:6D:49:09:60"));
+
+ QCOMPARE(cert.effectiveDate().toUTC(), QDateTime(QDate(2007, 4, 17), QTime(7,40,26), Qt::UTC));
+ QCOMPARE(cert.expiryDate().toUTC(), QDateTime(QDate(2007, 5, 17), QTime(7,40,26), Qt::UTC));
+ QVERIFY(!cert.isValid()); // cert has expired
+
+ QSslCertificate copy = cert;
+ QVERIFY(cert == copy);
+ QVERIFY(!(cert != copy));
+
+ QCOMPARE(cert, QSslCertificate(pem, QSsl::Pem));
+ QCOMPARE(cert, QSslCertificate(QByteArray::fromHex(der), QSsl::Der));
+}
+
+#endif // QT_NO_OPENSSL
+
+QTEST_MAIN(tst_QSslCertificate)
+#include "tst_qsslcertificate.moc"