From 254d7189d8ac3681ae52487513487f8a2cb7d0dc Mon Sep 17 00:00:00 2001 From: Corentin Chary Date: Wed, 31 Aug 2011 19:35:35 +0200 Subject: [PATCH] qssl: add auto test to QSsl::Opaque QSslKeys Also export two symbols for auto tests since opaque keys need EVP_PKEY * created by openssl. Change-Id: Ib7801ddfceb259de7291bfaa5940df87f68af97d Merge-request: 48 Reviewed-by: Peter Hartmann Reviewed-on: http://codereview.qt.nokia.com/4011 Reviewed-by: Qt Sanity Bot --- .../ssl/qsslsocket_openssl_symbols_p.h | 4 +-- tests/auto/qsslsocket/qsslsocket.pro | 11 +++++++ tests/auto/qsslsocket/tst_qsslsocket.cpp | 30 +++++++++++++++++++ 3 files changed, 43 insertions(+), 2 deletions(-) diff --git a/src/network/ssl/qsslsocket_openssl_symbols_p.h b/src/network/ssl/qsslsocket_openssl_symbols_p.h index a1db6d9320..d1705b3680 100644 --- a/src/network/ssl/qsslsocket_openssl_symbols_p.h +++ b/src/network/ssl/qsslsocket_openssl_symbols_p.h @@ -228,13 +228,13 @@ char *q_ERR_error_string(unsigned long a, char *b); unsigned long q_ERR_get_error(); const EVP_CIPHER *q_EVP_des_ede3_cbc(); int q_EVP_PKEY_assign(EVP_PKEY *a, int b, char *c); -int q_EVP_PKEY_set1_RSA(EVP_PKEY *a, RSA *b); +Q_AUTOTEST_EXPORT int q_EVP_PKEY_set1_RSA(EVP_PKEY *a, RSA *b); int q_EVP_PKEY_set1_DSA(EVP_PKEY *a, DSA *b); void q_EVP_PKEY_free(EVP_PKEY *a); RSA *q_EVP_PKEY_get1_RSA(EVP_PKEY *a); DSA *q_EVP_PKEY_get1_DSA(EVP_PKEY *a); int q_EVP_PKEY_type(int a); -EVP_PKEY *q_EVP_PKEY_new(); +Q_AUTOTEST_EXPORT EVP_PKEY *q_EVP_PKEY_new(); int q_i2d_X509(X509 *a, unsigned char **b); const char *q_OBJ_nid2sn(int a); const char *q_OBJ_nid2ln(int a); diff --git a/tests/auto/qsslsocket/qsslsocket.pro b/tests/auto/qsslsocket/qsslsocket.pro index 76d73b7cb3..1f5c7f6aaf 100644 --- a/tests/auto/qsslsocket/qsslsocket.pro +++ b/tests/auto/qsslsocket/qsslsocket.pro @@ -15,6 +15,17 @@ win32 { } } +# OpenSSL support +contains(QT_CONFIG, openssl) | contains(QT_CONFIG, openssl-linked) { + symbian { + INCLUDEPATH *= $$OS_LAYER_SSL_SYSTEMINCLUDE + } else { + include($$QT_SOURCE_TREE/config.tests/unix/openssl/openssl.pri) + } + # Add optional SSL libs + LIBS += $$OPENSSL_LIBS +} + wince* { DEFINES += SRCDIR=\\\"./\\\" diff --git a/tests/auto/qsslsocket/tst_qsslsocket.cpp b/tests/auto/qsslsocket/tst_qsslsocket.cpp index 8b3ec3d31e..4ffcba6e65 100644 --- a/tests/auto/qsslsocket/tst_qsslsocket.cpp +++ b/tests/auto/qsslsocket/tst_qsslsocket.cpp @@ -56,6 +56,7 @@ #include "private/qhostinfo_p.h" #include "private/qsslsocket_openssl_p.h" +#include "private/qsslsocket_openssl_symbols_p.h" #include "../network-settings.h" @@ -146,6 +147,7 @@ private slots: void peerCertificate(); void peerCertificateChain(); void privateKey(); + void privateKeyOpaque(); void protocol(); void protocolServerSide_data(); void protocolServerSide(); @@ -764,6 +766,34 @@ void tst_QSslSocket::privateKey() { } +void tst_QSslSocket::privateKeyOpaque() +{ + if (!QSslSocket::supportsSsl()) + return; + + QFile file(SRCDIR "certs/fluke.key"); + QVERIFY(file.open(QIODevice::ReadOnly)); + QSslKey key(file.readAll(), QSsl::Rsa, QSsl::Pem, QSsl::PrivateKey); + QVERIFY(!key.isNull()); + + EVP_PKEY *pkey = q_EVP_PKEY_new(); + q_EVP_PKEY_set1_RSA(pkey, reinterpret_cast(key.handle())); + + // This test does not make 100% sense yet. We just set some local CA/cert/key and use it + // to authenticate ourselves against the server. The server does not actually check this + // values. This test should just run the codepath inside qsslsocket_openssl.cpp + + QSslSocketPtr socket = newSocket(); + QList localCert = QSslCertificate::fromPath(SRCDIR "certs/qt-test-server-cacert.pem"); + socket->setCaCertificates(localCert); + socket->setLocalCertificate(QLatin1String(SRCDIR "certs/fluke.cert")); + socket->setPrivateKey(QSslKey(reinterpret_cast(pkey))); + + socket->setPeerVerifyMode(QSslSocket::QueryPeer); + socket->connectToHostEncrypted(QtNetworkSettings::serverName(), 443); + QVERIFY(socket->waitForEncrypted(10000)); +} + void tst_QSslSocket::protocol() { if (!QSslSocket::supportsSsl())