ssl: tighten QSslCertificateExtension tests
This tightens tests performed on a certificate's extensions by checking isCritical() and isSupported() for all extensions. It also explicitly checks the keys when value() returns a QVariantMap. Change-Id: If51c55be25bbcd09cc3a6712ddfea2bf9a01360f Reviewed-by: Richard J. Moore <rich@kde.org>
This commit is contained in:
parent
5cb21215c9
commit
a02d798bbd
@ -1096,6 +1096,8 @@ void tst_QSslCertificate::extensions()
|
|||||||
QSslCertificateExtension unknown = extensions[unknown_idx];
|
QSslCertificateExtension unknown = extensions[unknown_idx];
|
||||||
QVERIFY(unknown.oid() == QStringLiteral("1.3.6.1.5.5.7.1.12"));
|
QVERIFY(unknown.oid() == QStringLiteral("1.3.6.1.5.5.7.1.12"));
|
||||||
QVERIFY(unknown.name() == QStringLiteral("1.3.6.1.5.5.7.1.12"));
|
QVERIFY(unknown.name() == QStringLiteral("1.3.6.1.5.5.7.1.12"));
|
||||||
|
QVERIFY(!unknown.isCritical());
|
||||||
|
QVERIFY(!unknown.isSupported());
|
||||||
|
|
||||||
QByteArray unknownValue = QByteArray::fromHex(
|
QByteArray unknownValue = QByteArray::fromHex(
|
||||||
"3060A15EA05C305A305830561609696D6167652F6769663021301F300706052B0E03021A0414" \
|
"3060A15EA05C305A305830561609696D6167652F6769663021301F300706052B0E03021A0414" \
|
||||||
@ -1107,8 +1109,11 @@ void tst_QSslCertificate::extensions()
|
|||||||
QSslCertificateExtension aia = extensions[authority_info_idx];
|
QSslCertificateExtension aia = extensions[authority_info_idx];
|
||||||
QVERIFY(aia.oid() == QStringLiteral("1.3.6.1.5.5.7.1.1"));
|
QVERIFY(aia.oid() == QStringLiteral("1.3.6.1.5.5.7.1.1"));
|
||||||
QVERIFY(aia.name() == QStringLiteral("authorityInfoAccess"));
|
QVERIFY(aia.name() == QStringLiteral("authorityInfoAccess"));
|
||||||
|
QVERIFY(!aia.isCritical());
|
||||||
|
QVERIFY(aia.isSupported());
|
||||||
|
|
||||||
QVariantMap aiaValue = aia.value().toMap();
|
QVariantMap aiaValue = aia.value().toMap();
|
||||||
|
QCOMPARE(aiaValue.keys(), QList<QString>() << QStringLiteral("OCSP") << QStringLiteral("caIssuers"));
|
||||||
QString ocsp = aiaValue[QStringLiteral("OCSP")].toString();
|
QString ocsp = aiaValue[QStringLiteral("OCSP")].toString();
|
||||||
QString caIssuers = aiaValue[QStringLiteral("caIssuers")].toString();
|
QString caIssuers = aiaValue[QStringLiteral("caIssuers")].toString();
|
||||||
|
|
||||||
@ -1119,22 +1124,30 @@ void tst_QSslCertificate::extensions()
|
|||||||
QSslCertificateExtension basic = extensions[basic_constraints_idx];
|
QSslCertificateExtension basic = extensions[basic_constraints_idx];
|
||||||
QVERIFY(basic.oid() == QStringLiteral("2.5.29.19"));
|
QVERIFY(basic.oid() == QStringLiteral("2.5.29.19"));
|
||||||
QVERIFY(basic.name() == QStringLiteral("basicConstraints"));
|
QVERIFY(basic.name() == QStringLiteral("basicConstraints"));
|
||||||
|
QVERIFY(!basic.isCritical());
|
||||||
|
QVERIFY(basic.isSupported());
|
||||||
|
|
||||||
QVariantMap basicValue = basic.value().toMap();
|
QVariantMap basicValue = basic.value().toMap();
|
||||||
|
QCOMPARE(basicValue.keys(), QList<QString>() << QStringLiteral("ca"));
|
||||||
QVERIFY(basicValue[QStringLiteral("ca")].toBool() == false);
|
QVERIFY(basicValue[QStringLiteral("ca")].toBool() == false);
|
||||||
|
|
||||||
// Subject key identifier
|
// Subject key identifier
|
||||||
QSslCertificateExtension subjectKey = extensions[subject_key_idx];
|
QSslCertificateExtension subjectKey = extensions[subject_key_idx];
|
||||||
QVERIFY(subjectKey.oid() == QStringLiteral("2.5.29.14"));
|
QVERIFY(subjectKey.oid() == QStringLiteral("2.5.29.14"));
|
||||||
QVERIFY(subjectKey.name() == QStringLiteral("subjectKeyIdentifier"));
|
QVERIFY(subjectKey.name() == QStringLiteral("subjectKeyIdentifier"));
|
||||||
|
QVERIFY(!subjectKey.isCritical());
|
||||||
|
QVERIFY(subjectKey.isSupported());
|
||||||
QVERIFY(subjectKey.value().toString() == QStringLiteral("5F:90:23:CD:24:CA:52:C9:36:29:F0:7E:9D:B1:FE:08:E0:EE:69:F0"));
|
QVERIFY(subjectKey.value().toString() == QStringLiteral("5F:90:23:CD:24:CA:52:C9:36:29:F0:7E:9D:B1:FE:08:E0:EE:69:F0"));
|
||||||
|
|
||||||
// Authority key identifier
|
// Authority key identifier
|
||||||
QSslCertificateExtension authKey = extensions[auth_key_idx];
|
QSslCertificateExtension authKey = extensions[auth_key_idx];
|
||||||
QVERIFY(authKey.oid() == QStringLiteral("2.5.29.35"));
|
QVERIFY(authKey.oid() == QStringLiteral("2.5.29.35"));
|
||||||
QVERIFY(authKey.name() == QStringLiteral("authorityKeyIdentifier"));
|
QVERIFY(authKey.name() == QStringLiteral("authorityKeyIdentifier"));
|
||||||
|
QVERIFY(!authKey.isCritical());
|
||||||
|
QVERIFY(authKey.isSupported());
|
||||||
|
|
||||||
QVariantMap authValue = authKey.value().toMap();
|
QVariantMap authValue = authKey.value().toMap();
|
||||||
|
QCOMPARE(authValue.keys(), QList<QString>() << QStringLiteral("keyid"));
|
||||||
QVERIFY(authValue[QStringLiteral("keyid")].toByteArray() ==
|
QVERIFY(authValue[QStringLiteral("keyid")].toByteArray() ==
|
||||||
QByteArray("4e43c81d76ef37537a4ff2586f94f338e2d5bddf"));
|
QByteArray("4e43c81d76ef37537a4ff2586f94f338e2d5bddf"));
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user