ssl: tighten QSslCertificateExtension tests

This tightens tests performed on a certificate's extensions by checking
isCritical() and isSupported() for all extensions. It also explicitly
checks the keys when value() returns a QVariantMap.

Change-Id: If51c55be25bbcd09cc3a6712ddfea2bf9a01360f
Reviewed-by: Richard J. Moore <rich@kde.org>
This commit is contained in:
Jeremy Lainé 2014-09-03 14:53:14 +02:00
parent 5cb21215c9
commit a02d798bbd

View File

@ -1096,6 +1096,8 @@ void tst_QSslCertificate::extensions()
QSslCertificateExtension unknown = extensions[unknown_idx]; QSslCertificateExtension unknown = extensions[unknown_idx];
QVERIFY(unknown.oid() == QStringLiteral("1.3.6.1.5.5.7.1.12")); QVERIFY(unknown.oid() == QStringLiteral("1.3.6.1.5.5.7.1.12"));
QVERIFY(unknown.name() == QStringLiteral("1.3.6.1.5.5.7.1.12")); QVERIFY(unknown.name() == QStringLiteral("1.3.6.1.5.5.7.1.12"));
QVERIFY(!unknown.isCritical());
QVERIFY(!unknown.isSupported());
QByteArray unknownValue = QByteArray::fromHex( QByteArray unknownValue = QByteArray::fromHex(
"3060A15EA05C305A305830561609696D6167652F6769663021301F300706052B0E03021A0414" \ "3060A15EA05C305A305830561609696D6167652F6769663021301F300706052B0E03021A0414" \
@ -1107,8 +1109,11 @@ void tst_QSslCertificate::extensions()
QSslCertificateExtension aia = extensions[authority_info_idx]; QSslCertificateExtension aia = extensions[authority_info_idx];
QVERIFY(aia.oid() == QStringLiteral("1.3.6.1.5.5.7.1.1")); QVERIFY(aia.oid() == QStringLiteral("1.3.6.1.5.5.7.1.1"));
QVERIFY(aia.name() == QStringLiteral("authorityInfoAccess")); QVERIFY(aia.name() == QStringLiteral("authorityInfoAccess"));
QVERIFY(!aia.isCritical());
QVERIFY(aia.isSupported());
QVariantMap aiaValue = aia.value().toMap(); QVariantMap aiaValue = aia.value().toMap();
QCOMPARE(aiaValue.keys(), QList<QString>() << QStringLiteral("OCSP") << QStringLiteral("caIssuers"));
QString ocsp = aiaValue[QStringLiteral("OCSP")].toString(); QString ocsp = aiaValue[QStringLiteral("OCSP")].toString();
QString caIssuers = aiaValue[QStringLiteral("caIssuers")].toString(); QString caIssuers = aiaValue[QStringLiteral("caIssuers")].toString();
@ -1119,22 +1124,30 @@ void tst_QSslCertificate::extensions()
QSslCertificateExtension basic = extensions[basic_constraints_idx]; QSslCertificateExtension basic = extensions[basic_constraints_idx];
QVERIFY(basic.oid() == QStringLiteral("2.5.29.19")); QVERIFY(basic.oid() == QStringLiteral("2.5.29.19"));
QVERIFY(basic.name() == QStringLiteral("basicConstraints")); QVERIFY(basic.name() == QStringLiteral("basicConstraints"));
QVERIFY(!basic.isCritical());
QVERIFY(basic.isSupported());
QVariantMap basicValue = basic.value().toMap(); QVariantMap basicValue = basic.value().toMap();
QCOMPARE(basicValue.keys(), QList<QString>() << QStringLiteral("ca"));
QVERIFY(basicValue[QStringLiteral("ca")].toBool() == false); QVERIFY(basicValue[QStringLiteral("ca")].toBool() == false);
// Subject key identifier // Subject key identifier
QSslCertificateExtension subjectKey = extensions[subject_key_idx]; QSslCertificateExtension subjectKey = extensions[subject_key_idx];
QVERIFY(subjectKey.oid() == QStringLiteral("2.5.29.14")); QVERIFY(subjectKey.oid() == QStringLiteral("2.5.29.14"));
QVERIFY(subjectKey.name() == QStringLiteral("subjectKeyIdentifier")); QVERIFY(subjectKey.name() == QStringLiteral("subjectKeyIdentifier"));
QVERIFY(!subjectKey.isCritical());
QVERIFY(subjectKey.isSupported());
QVERIFY(subjectKey.value().toString() == QStringLiteral("5F:90:23:CD:24:CA:52:C9:36:29:F0:7E:9D:B1:FE:08:E0:EE:69:F0")); QVERIFY(subjectKey.value().toString() == QStringLiteral("5F:90:23:CD:24:CA:52:C9:36:29:F0:7E:9D:B1:FE:08:E0:EE:69:F0"));
// Authority key identifier // Authority key identifier
QSslCertificateExtension authKey = extensions[auth_key_idx]; QSslCertificateExtension authKey = extensions[auth_key_idx];
QVERIFY(authKey.oid() == QStringLiteral("2.5.29.35")); QVERIFY(authKey.oid() == QStringLiteral("2.5.29.35"));
QVERIFY(authKey.name() == QStringLiteral("authorityKeyIdentifier")); QVERIFY(authKey.name() == QStringLiteral("authorityKeyIdentifier"));
QVERIFY(!authKey.isCritical());
QVERIFY(authKey.isSupported());
QVariantMap authValue = authKey.value().toMap(); QVariantMap authValue = authKey.value().toMap();
QCOMPARE(authValue.keys(), QList<QString>() << QStringLiteral("keyid"));
QVERIFY(authValue[QStringLiteral("keyid")].toByteArray() == QVERIFY(authValue[QStringLiteral("keyid")].toByteArray() ==
QByteArray("4e43c81d76ef37537a4ff2586f94f338e2d5bddf")); QByteArray("4e43c81d76ef37537a4ff2586f94f338e2d5bddf"));