Commit Graph

42 Commits

Author SHA1 Message Date
Mårten Nordheim
f8e551cf08 Fix loading pkcs#8 encrypted DER-encoded keys in openssl
When we load DER-encoded keys in the openssl-backend we always turn it
into PEM-encoded keys (essentially we prepend and append a header and
footer and use 'toBase64' on the DER data).

The problem comes from the header and footer which is simply chosen
based on which key algorithm was chosen by the user. Which would be
wrong when the key is a PKCS#8 key. This caused OpenSSL to fail when
trying to read it. Surprisingly it still loads correctly for unencrypted
keys with the wrong header, but not for encrypted keys.

This patch adds a small function which checks if a key is an encrypted
PKCS#8 key and then uses this function to figure out if a PKCS#8 header
and footer should be used (note that I only do this for encrypted PKCS#8
keys since, as previously mentioned, unencrypted keys are read correctly
by openssl).

The passphrase is now also passed to the QSslKeyPrivate::decodeDer
function so DER-encoded files can actually be decrypted.

[ChangeLog][QtNetwork][QSslKey] The openssl backend can now load
encrypted PKCS#8 DER-encoded keys.

Task-number: QTBUG-17718
Change-Id: I52eedf19bde297c9aa7fb050e835b3fc0db724e2
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2018-04-11 14:30:08 +00:00
Mårten Nordheim
5c4e5032b5 Unblacklist qsslkey for Linux
Except RHEL-6.6 and 7.4

It was blacklisted in f3939d943e, along
with a lot of other entries. No specifics are known about why it was
blacklisted originally, but now it only fails on RHEL because they
use OpenSSL 1.0.1.

Change-Id: I6d1d1b7b7bf5386b2115b8780163550cf03bbad7
Reviewed-by: Gatis Paeglis <gatis.paeglis@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
2018-04-09 09:34:50 +00:00
Mårten Nordheim
b14934547a Use TESTDATA for QSsl* tests
Apparently this (undocumented) TESTDATA feature creates resource files,
but lets you use wildcards as well, which is very handy.

The reason I didn't know/realize this when adapting the tests to use a
".qrc"-file* was because some of the test-cases were using relative
paths instead of the 'testDataDir' variable.

This commit fixes the remaining uses of relative paths, removes a
usage of QDir::setCurrent, and adapts QSslSocket to use TESTDATA.

* in now-reverted commit e1600c1a73

Change-Id: Iee6d88f1e0810eeaadac90e7d44bc6db84bfeabf
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Jesus Fernandez <Jesus.Fernandez@qt.io>
2018-01-12 11:43:55 +00:00
André Klitzing
e56eb33cf8 Enable brainpool curves in qsslkey tests
Change-Id: Ibdc0a045e0b0469bfb4dc362e3bc3e6b7940d783
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
2018-01-10 13:25:25 +00:00
Mårten Nordheim
21c9b6fc58 QSsl* tests: Ensure trailing slash on directory path
Then we don't need to add a leading slash. (minor clean-up)

Change-Id: I86af224841009fda838e7cb89d47d324963328c9
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2018-01-09 08:52:46 +00:00
Mårten Nordheim
a5c58d503d Revert "Adapt the QSsl* tests to use the resource system"
This reverts commit e1600c1a73.

The commit missed the fact that TESTDATA exists. Which supports
wildcards and then can automatically pick up new files when added (as
long as they match a wildcard) and then you don't need to maintain a
giant qrc file.

Change-Id: Ie31fadb5ef6e8dfe6105f4f9764292f78cffb512
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2018-01-09 08:52:41 +00:00
Mårten Nordheim
e1600c1a73 Adapt the QSsl* tests to use the resource system
This lets the tests run on devices which previously did not have access
to the files used (WinRT, mobile devices).

Change-Id: Ibdd85862eee6ab1a7d4da87ca321ee9bc9880bfa
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2017-11-30 08:30:42 +00:00
Lars Knoll
60985aa42b Use qtConfig throughout in qtbase
Use the new qtConfig macro in all pro/pri files.

This required adding some feature entries, and adding
{private,public}Feature to every referenced already existing entry.

Change-Id: I164214dad1154df6ad84e86d99ed14994ef97cf4
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@theqtcompany.com>
2016-08-19 04:28:05 +00:00
Lars Schmertmann
7f77dc84fb Store QSslKey in specific key format to provide more details for key
In a TLS handshake the ephemeral server key is saved in the ssl
configuration. Clients who want to get the length or algorithm of the
key only get "Opaque" and "-1" as a result because the key is always
stored as "Opaque". This change converts the key to specific type so
more details are available and the client don't need to convert the
handle by hand.

Change-Id: I60f90fc2c1805e528640d391b20c676b6eeeb49e
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@theqtcompany.com>
2016-07-28 14:32:05 +00:00
Friedemann Kleint
04aa760711 QtNetwork: Remove Windows CE.
Remove #ifdef sections for Q_OS_WINCE and wince .pro file clauses in library,
examples and tests.

Task-number: QTBUG-51673
Change-Id: I3706336395620522ceda414d7437295d9ec64f16
Reviewed-by: Lars Knoll <lars.knoll@theqtcompany.com>
2016-03-29 20:28:18 +00:00
Jani Heikkinen
f776595cc1 Updated license headers
From Qt 5.7 -> tools & applications are lisenced under GPL v3 with some
exceptions, see
http://blog.qt.io/blog/2016/01/13/new-agreement-with-the-kde-free-qt-foundation/

Updated license headers to use new GPL-EXCEPT header instead of LGPL21 one
(in those files which will be under GPL 3 with exceptions)

Change-Id: I42a473ddc97101492a60b9287d90979d9eb35ae1
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Lars Knoll <lars.knoll@theqtcompany.com>
2016-01-21 18:55:18 +00:00
Friedemann Kleint
240d768ca6 tests/auto/network: Remove some placeholder formatting.
Use QByteArray/QString addition instead in loops and for
test row names.

Change-Id: I7974ace5b34f2da43e7511044e80de1e733245ac
Reviewed-by: Jędrzej Nowacki <jedrzej.nowacki@theqtcompany.com>
2015-10-19 12:38:28 +00:00
Friedemann Kleint
76cf88157f Tests: Remove CONFIG += parallel_test.
The keyword no longer has a meaning for the new CI.

Change-Id: Ibcea4c7a82fb7f982cf4569fdff19f82066543d1
Reviewed-by: Simon Hausmann <simon.hausmann@theqtcompany.com>
2015-09-05 07:16:50 +00:00
Jeremy Lainé
49fee77ccc ssl: add openssl-based QSslKeyPrivate::encrypt / decrypt
This adds an OpenSSL-based implementation of the QSslKeyPrivate encrypt
and decrypt method. This puts both the OpenSSL-based and non-OpenSSL
backends (WinRT for now) on par.

Change-Id: I18a75ee5f1c223601e51ebf0933f4430e7c5c29b
Reviewed-by: Andrew Knight <andrew.knight@intopalo.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
2015-07-20 15:51:02 +00:00
Liang Qi
0aa2d318b1 Merge remote-tracking branch 'origin/5.5' into dev
Conflicts:
	src/corelib/global/qglobal.cpp
	src/corelib/global/qglobal.h
	src/corelib/global/qsysinfo.h
	src/corelib/global/qsystemdetection.h
	src/corelib/kernel/qobjectdefs.h
	src/plugins/plugins.pro
	tests/auto/widgets/itemviews/qlistview/qlistview.pro

Change-Id: Ib55aa79d707c4c1453fb9d697f6cf92211ed665c
2015-07-01 11:05:26 +02:00
Simon Hausmann
f3939d943e Blacklist and skip various tests that are flakey
They didn't show up in the "old" CI runs because they usually pass the second
time they are executed - which the testrunner does. The new CI doesn't do that
anymore, instead we now mark those tests explicitly and will track their record
of passing and failing in the new metrics database.

Change-Id: Id34dd6f792f38995b07b6fec88f833df64de2f8b
Reviewed-by: Lars Knoll <lars.knoll@digia.com>
2015-06-14 10:50:45 +00:00
Oswald Buddenhagen
d32f47b703 fix usage of wince scope
Fix style issues along the way.

Change-Id: Ic6a6de28e198eb0b14c198b802e78845703909b9
Reviewed-by: Joerg Bornemann <joerg.bornemann@theqtcompany.com>
2015-06-05 10:29:10 +00:00
Jani Heikkinen
83a5694dc2 Update copyright headers
Qt copyrights are now in The Qt Company, so we could update the source
code headers accordingly. In the same go we should also fix the links to
point to qt.io.

Outdated header.LGPL removed (use header.LGPL21 instead)

Old header.LGPL3 renamed to header.LGPL3-COMM to match actual licensing
combination. New header.LGPL-COMM taken in the use file which were
using old header.LGPL3 (src/plugins/platforms/android/extract.cpp)

Added new header.LGPL3 containing Commercial + LGPLv3 + GPLv2 license
combination

Change-Id: I6f49b819a8a20cc4f88b794a8f6726d975e8ffbe
Reviewed-by: Matti Paaso <matti.paaso@theqtcompany.com>
2015-02-11 06:49:51 +00:00
André Klitzing
962ea5690c Add elliptic curve support to QSsl
Add possibility to get length and other information of EC based
certificates. Also it is possible to parse those public/private
keys from PEM and DER encoded files.

Based on patch by Remco Bloemen

[ChangeLog][QtNetwork][SSL/TLS support] It is now possible to
parse elliptic curve certificates.

Change-Id: I4b11f726296aecda89c3cbd195d7c817ae6fc47b
Task-number: QTBUG-18972
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
2015-01-18 10:18:43 +01:00
Matti Paaso
974c210835 Update license headers and add new license files
- Renamed LICENSE.LGPL to LICENSE.LGPLv21
- Added LICENSE.LGPLv3
- Removed LICENSE.GPL

Change-Id: Iec3406e3eb3f133be549092015cefe33d259a3f2
Reviewed-by: Iikka Eklund <iikka.eklund@digia.com>
2014-09-24 12:26:19 +02:00
Jeremy Lainé
cd3dece750 ssl: common key parser support for encrypted keys
This adds the infrastructure for reading and writing encrypted private keys
when using non-OpenSSL backends. Each platform must provide its cryptographic
encrypt / decrypt functions.

As WinRT already uses the common parser, this commit includes an
implementation for that platform.

Done-with: Andrew Knight <andrew.knight@digia.com>
Task-number: QTBUG-40688
Change-Id: I0d153425ce63601ff03b784a111e13962061025f
Reviewed-by: Richard J. Moore <rich@kde.org>
2014-09-02 23:16:25 +02:00
Jeremy Lainé
5c3a499c9f ssl: disable (broken) i/o on DER encoded keys
QSslKey currently has methods which supposedly allow decoding and
encoding private keys as DER protected by a passphrase. This is
broken by design as explained in QTBUG-41038, as storing the encrypted
DER data alone makes no sense: such a file lacks the necessary
information about the encryption algorithm and initialization vector.

This change:

- explicitly stops using the passphrase when decoding DER in the
  constructor. The behavior is unchanged, it is not possible to
  read the encrypted DER alone.

- refuses to honor the passphrase to DER encode a private key. The toDer
  method now outputs an empty QByteArray instead of garbage.

Task-number: QTBUG-41038
Change-Id: I4281050cf1104f12d154db201a173633bfe22bd9
Reviewed-by: Richard J. Moore <rich@kde.org>
2014-08-30 17:36:23 +02:00
Jeremy Lainé
2fd0afc1f8 ssl: add a test for 3DES encrypted keys
This adds a test for 3DES encrypted keys in addition to the
current DES encrypted keys.

Change-Id: I229e3ef710e9ee23efa2a3275b89d958491de4a2
Reviewed-by: Richard J. Moore <rich@kde.org>
2014-08-30 17:24:05 +02:00
Jeremy Lainé
6a4cb8d62b ssl: Add common key parser for backends
This internal implementation of QSslKey can be used when OpenSSL is not
available. Encrypted keys are not supported, as the cryptography must
be supplied by a separate library.

With this commit, WinRT is migrated to the new implementation,
but qsslkey_winrt.cpp is left in place so that the missing crypto
implementation can be added later. This also means most of the expected
failures for that platform can be removed from the autotest.

Change-Id: I24a3ad1053bb72311613b28b3ae845aa1645a321
Reviewed-by: Andrew Knight <andrew.knight@digia.com>
Reviewed-by: Maurice Kalinowski <maurice.kalinowski@digia.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
2014-08-29 23:18:22 +02:00
Andrew Knight
8c864ac498 winrt: Add partial SSL key support
This allows for opening of public key files. It does not, however,
support opening private keys (or decrypting/encrypting them). This is
due to limitations in the native API.

Nearly all public key tests pass (the native API doesn't support the
40-bit key in the test set). The private key tests are expected to fail.

Task-number: QTBUG-40688
Change-Id: Id8f2f1ae6526540736ceb2e5371f6a5d80c4ba7b
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Oliver Wolff <oliver.wolff@digia.com>
2014-08-13 21:09:51 +02:00
Sergio Ahumada
699ba50744 QtNetwork tests: Remove DEFINES += QT_DISABLE_DEPRECATED_BEFORE=0
Change-Id: If1cc5fafddc41ed19dd818caf294c69cd4969216
Reviewed-by: Richard J. Moore <rich@kde.org>
2014-02-25 16:47:13 +01:00
Sergio Ahumada
48e0c4df23 Update copyright year in Digia's license headers
Change-Id: Ic804938fc352291d011800d21e549c10acac66fb
Reviewed-by: Lars Knoll <lars.knoll@digia.com>
2013-01-18 09:07:35 +01:00
Iikka Eklund
be15856f61 Change copyrights from Nokia to Digia
Change copyrights and license headers from Nokia to Digia

Change-Id: If1cc974286d29fd01ec6c19dd4719a67f4c3f00e
Reviewed-by: Lars Knoll <lars.knoll@digia.com>
Reviewed-by: Sergio Ahumada <sergio.ahumada@digia.com>
2012-09-22 19:20:11 +02:00
Thiago Macieira
672b5b7ab6 Set the Qt API level to compatibility mode in all tests.
Qt 5.0 beta requires changing the default to the 5.0 API, disabling
the deprecated code. However, tests should test (and often do) the
compatibility API too, so turn it back on.

Task-number: QTBUG-25053
Change-Id: I8129c3ef3cb58541c95a32d083850d9e7f768927
Reviewed-by: Lars Knoll <lars.knoll@nokia.com>
Reviewed-by: Olivier Goffart <ogoffart@woboq.com>
2012-08-01 15:37:46 +02:00
Rohan McGovern
177070cb7b Add CONFIG+=parallel_test to suspected parallel-safe tests.
These tests have passed a parallel stress test on all three of Linux,
Mac, Windows.  Mark them with CONFIG+=parallel_test to allow CI to run
them in parallel, saving time.

Change-Id: I19fd333c3c645a67374ca998f6c8530dd236b0f8
Reviewed-by: Toby Tomkins <toby.tomkins@nokia.com>
2012-05-28 07:33:01 +02:00
Mitch Curtis
3042267a93 Fixed unused function warning in qsslkey test.
Change-Id: I5039e011f3c9b44ed1887424f11e4e146c3eb07f
Reviewed-by: Martin Petersson <Martin.Petersson@nokia.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
2012-05-21 16:02:06 +02:00
Shane Kearns
3f91cde588 Test for QT_NO_SSL instead of QT_NO_OPENSSL
Change the ifdefs in our own code (except openssl backend) to use the
new configure flag.

Change-Id: I8774734771c66b22164b5fae8fdb27814ac3df7b
Reviewed-by: Richard J. Moore <rich@kde.org>
2012-02-21 15:28:40 +01:00
Kurt Korbatits
4121f9df29 Changed qsslkey to work from installation directory
- Changed to use TESTDATA and QFINDTESTDATA instead of SRCDIR

Change-Id: I30bf175c2c9044e1f8556260a032467ca0dfc09f
Reviewed-by: Rohan McGovern <rohan.mcgovern@nokia.com>
Reviewed-by: Jason McDonald <jason.mcdonald@nokia.com>
2012-02-17 05:24:43 +01:00
Jason McDonald
6dfb1de099 Eliminate duplicate data row names in network autotests
Change-Id: Icbfc24309a182f37268232fc3c299d35d6d6a0ea
Reviewed-by: Rohan McGovern <rohan.mcgovern@nokia.com>
2012-02-16 02:00:46 +01:00
Xizhi Zhu
ba9302b8a9 Remove Symbian specific code from qtbase.
Change-Id: I27d37d914b71e1e43c94e2a975ffec49e1ecd456
Reviewed-by: Lars Knoll <lars.knoll@nokia.com>
2012-01-31 07:08:31 +01:00
Jason McDonald
5635823e17 Remove "All rights reserved" line from license headers.
As in the past, to avoid rewriting various autotests that contain
line-number information, an extra blank line has been inserted at the
end of the license text to ensure that this commit does not change the
total number of lines in the license header.

Change-Id: I311e001373776812699d6efc045b5f742890c689
Reviewed-by: Rohan McGovern <rohan.mcgovern@nokia.com>
2012-01-30 03:54:59 +01:00
Jason McDonald
629d6eda5c Update contact information in license headers.
Replace Nokia contact email address with Qt Project website.

Change-Id: I431bbbf76d7c27d8b502f87947675c116994c415
Reviewed-by: Rohan McGovern <rohan.mcgovern@nokia.com>
2012-01-23 04:04:33 +01:00
Jason McDonald
1fdfc2abfe Update copyright year in license headers.
Change-Id: I02f2c620296fcd91d4967d58767ea33fc4e1e7dc
Reviewed-by: Rohan McGovern <rohan.mcgovern@nokia.com>
2012-01-05 06:36:56 +01:00
Rohan McGovern
d04bf8f407 all remaining tests: eliminated usage of qttest_p4.prf
qttest_p4.prf was added as a convenience for Qt's own autotests in Qt4.
It enables various crufty undocumented magic, of dubious value.
Stop using it, and explicitly enable the things from it which we want.

Change-Id: I02fe27b2c1800f929250fa8694ca2976c9661a12
Reviewed-by: Jason McDonald <jason.mcdonald@nokia.com>
2011-10-25 08:42:23 +02:00
Friedemann Kleint
f18b690cca Tests: Fix compilation on Windows.
Replace Q_WS_... by Q_OS_... in corelib tests.

Change-Id: I14c41dca1ec490b3c49ba2c24e60def14c6de9da
Reviewed-on: http://codereview.qt-project.org/5778
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Rohan McGovern <rohan.mcgovern@nokia.com>
2011-10-03 07:57:41 +02:00
Jason McDonald
95cebd34eb Remove Symbian-specific code from tests.
Symbian is not a supported platform for Qt5, so this code is no longer
required.

Change-Id: I1172e6a42d518490e63e9599bf10579df08259aa
Reviewed-on: http://codereview.qt-project.org/5657
Reviewed-by: Rohan McGovern <rohan.mcgovern@nokia.com>
2011-09-29 06:41:42 +02:00
Jo Asplin
c59f9ad776 Moved network autotests into new directory structure
Task-number: QTBUG-21223

Change-Id: I55dbf5c42a1c5d938b9e0c9bf7d90457a6c26bbc
Reviewed-on: http://codereview.qt-project.org/4259
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Sergio Ahumada <sergio.ahumada@nokia.com>
Reviewed-by: Rohan McGovern <rohan.mcgovern@nokia.com>
2011-09-09 09:32:17 +02:00