search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
docs: Add GIOModuleScope and GIOModuleScopeFlags
[glib.git] / gio / tests / tls-certificate.c
bloba1796daea559d65791208c08f3ad4eda8f784402
1 /* GLib testing framework examples and tests
2 *
3 * Copyright (C) 2011 Collabora Ltd.
4 *
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2 of the License, or (at your option) any later version.
9 *
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
14 *
15 * You should have received a copy of the GNU Lesser General
16 * Public License along with this library; if not, write to the
17 * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
18 * Boston, MA 02111-1307, USA.
19 *
20 * Author: Nicolas Dufresne <nicolas.dufresne@collabora.com>
21 */
22
23 #include "config.h"
24
25 #include <gio/gio.h>
26
27 #include "gtesttlsbackend.h"
28
29 typedef struct
30 {
31 gchar *cert_pems[3];
32 gchar *key_pem;
33 gchar *key8_pem;
34 } Reference;
35
36 static void
37 pem_parser (const Reference *ref)
38 {
39 GTlsCertificate *cert;
40 gchar *pem;
41 gchar *parsed_cert_pem = NULL;
42 const gchar *parsed_key_pem = NULL;
43 GError *error = NULL;
44
45 /* Check PEM parsing in certificate, private key order. */
46 g_file_get_contents (SRCDIR "/cert-key.pem", &pem, NULL, &error);
47 g_assert_no_error (error);
48 g_assert (pem);
49
50 cert = g_tls_certificate_new_from_pem (pem, -1, &error);
51 g_assert_no_error (error);
52 g_assert (cert);
53
54 g_object_get (cert,
55 "certificate-pem", &parsed_cert_pem,
56 NULL);
57 parsed_key_pem = g_test_tls_connection_get_private_key_pem (cert);
58 g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]);
59 g_free (parsed_cert_pem);
60 parsed_cert_pem = NULL;
61 g_assert_cmpstr (parsed_key_pem, ==, ref->key_pem);
62 parsed_key_pem = NULL;
63
64 g_object_unref (cert);
65
66 /* Make sure length is respected and parser detect invalid (truncated) PEM. */
67 cert = g_tls_certificate_new_from_pem (pem, 10, &error);
68 g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE);
69 g_clear_error (&error);
70 g_free (pem);
71
72 /* Check PEM parsing in private key, certificate order */
73 g_file_get_contents (SRCDIR "/key-cert.pem", &pem, NULL, &error);
74 g_assert_no_error (error);
75 g_assert (pem);
76
77 cert = g_tls_certificate_new_from_pem (pem, -1, &error);
78 g_assert_no_error (error);
79 g_assert (cert);
80
81 g_object_get (cert,
82 "certificate-pem", &parsed_cert_pem,
83 NULL);
84 parsed_key_pem = g_test_tls_connection_get_private_key_pem (cert);
85 g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]);
86 g_free (parsed_cert_pem);
87 parsed_cert_pem = NULL;
88 g_assert_cmpstr (parsed_key_pem, ==, ref->key_pem);
89 parsed_key_pem = NULL;
90
91 g_free (pem);
92 g_object_unref (cert);
93
94 /* Check certificate only PEM */
95 g_file_get_contents (SRCDIR "/cert1.pem", &pem, NULL, &error);
96 g_assert_no_error (error);
97 g_assert (pem);
98
99 cert = g_tls_certificate_new_from_pem (pem, -1, &error);
100 g_assert_no_error (error);
101 g_assert (cert);
102
103 g_object_get (cert,
104 "certificate-pem", &parsed_cert_pem,
105 NULL);
106 parsed_key_pem = g_test_tls_connection_get_private_key_pem (cert);
107 g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]);
108 g_free (parsed_cert_pem);
109 parsed_cert_pem = NULL;
110 g_assert (parsed_key_pem == NULL);
111
112 g_free (pem);
113 g_object_unref (cert);
114
115 /* Check error with private key only PEM */
116 g_file_get_contents (SRCDIR "/key.pem", &pem, NULL, &error);
117 g_assert_no_error (error);
118 g_assert (pem);
119
120 cert = g_tls_certificate_new_from_pem (pem, -1, &error);
121 g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE);
122 g_clear_error (&error);
123 g_assert (cert == NULL);
124 g_free (pem);
125 }
126
127 static void
128 from_file (const Reference *ref)
129 {
130 GTlsCertificate *cert;
131 gchar *parsed_cert_pem = NULL;
132 const gchar *parsed_key_pem = NULL;
133 GError *error = NULL;
134
135 cert = g_tls_certificate_new_from_file (SRCDIR "/key-cert.pem", &error);
136 g_assert_no_error (error);
137 g_assert (cert);
138
139 g_object_get (cert,
140 "certificate-pem", &parsed_cert_pem,
141 NULL);
142 parsed_key_pem = g_test_tls_connection_get_private_key_pem (cert);
143 g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]);
144 g_free (parsed_cert_pem);
145 parsed_cert_pem = NULL;
146 g_assert_cmpstr (parsed_key_pem, ==, ref->key_pem);
147 parsed_key_pem = NULL;
148
149 g_object_unref (cert);
150 }
151
152 static void
153 from_files (const Reference *ref)
154 {
155 GTlsCertificate *cert;
156 gchar *parsed_cert_pem = NULL;
157 const gchar *parsed_key_pem = NULL;
158 GError *error = NULL;
159
160 cert = g_tls_certificate_new_from_files (SRCDIR "/cert1.pem",
161 SRCDIR "/key.pem",
162 &error);
163 g_assert_no_error (error);
164 g_assert (cert);
165
166 g_object_get (cert,
167 "certificate-pem", &parsed_cert_pem,
168 NULL);
169 parsed_key_pem = g_test_tls_connection_get_private_key_pem (cert);
170 g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]);
171 g_free (parsed_cert_pem);
172 parsed_cert_pem = NULL;
173 g_assert_cmpstr (parsed_key_pem, ==, ref->key_pem);
174 parsed_key_pem = NULL;
175
176 g_object_unref (cert);
177
178 /* Missing private key */
179 cert = g_tls_certificate_new_from_files (SRCDIR "/cert1.pem",
180 SRCDIR "/cert2.pem",
181 &error);
182 g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE);
183 g_clear_error (&error);
184 g_assert (cert == NULL);
185
186 /* Missing certificate */
187 cert = g_tls_certificate_new_from_files (SRCDIR "/key.pem",
188 SRCDIR "/key.pem",
189 &error);
190 g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE);
191 g_clear_error (&error);
192 g_assert (cert == NULL);
193
194 /* Using this method twice with a file containing both private key and
195 * certificate as a way to inforce private key presence is a fair use */
196 cert = g_tls_certificate_new_from_files (SRCDIR "/key-cert.pem",
197 SRCDIR "/key-cert.pem",
198 &error);
199 g_assert_no_error (error);
200 g_assert (cert);
201 g_object_unref (cert);
202 }
203
204
205 static void
206 from_files_pkcs8 (const Reference *ref)
207 {
208 GTlsCertificate *cert;
209 gchar *parsed_cert_pem = NULL;
210 const gchar *parsed_key_pem = NULL;
211 GError *error = NULL;
212
213 cert = g_tls_certificate_new_from_files (SRCDIR "/cert1.pem",
214 SRCDIR "/key8.pem",
215 &error);
216 g_assert_no_error (error);
217 g_assert (cert);
218
219 g_object_get (cert,
220 "certificate-pem", &parsed_cert_pem,
221 NULL);
222 parsed_key_pem = g_test_tls_connection_get_private_key_pem (cert);
223 g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]);
224 g_free (parsed_cert_pem);
225 parsed_cert_pem = NULL;
226 g_assert_cmpstr (parsed_key_pem, ==, ref->key8_pem);
227 parsed_key_pem = NULL;
228
229 g_object_unref (cert);
230 }
231
232 static void
233 list_from_file (const Reference *ref)
234 {
235 GList *list, *l;
236 GError *error = NULL;
237 int i;
238
239 list = g_tls_certificate_list_new_from_file (SRCDIR "/cert-list.pem", &error);
240 g_assert_no_error (error);
241 g_assert_cmpint (g_list_length (list), ==, 3);
242
243 l = list;
244 for (i = 0; i < 3; i++)
245 {
246 GTlsCertificate *cert = l->data;
247 gchar *parsed_cert_pem = NULL;
248 g_object_get (cert,
249 "certificate-pem", &parsed_cert_pem,
250 NULL);
251 g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[i]);
252 g_free (parsed_cert_pem);
253 l = g_list_next (l);
254 }
255
256 g_list_free_full (list, g_object_unref);
257
258 /* Empty list is not an error */
259 list = g_tls_certificate_list_new_from_file (SRCDIR "/nothing.pem", &error);
260 g_assert_no_error (error);
261 g_assert_cmpint (g_list_length (list), ==, 0);
262 }
263
264 int
265 main (int argc,
266 char *argv[])
267 {
268 int rtv;
269 Reference ref;
270 GError *error = NULL;
271
272 g_type_init ();
273 g_test_init (&argc, &argv, NULL);
274
275 _g_test_tls_backend_get_type ();
276
277 /* Load reference PEM */
278 g_file_get_contents (SRCDIR "/cert1.pem", &ref.cert_pems[0], NULL, &error);
279 g_assert_no_error (error);
280 g_assert (ref.cert_pems[0]);
281 g_file_get_contents (SRCDIR "/cert2.pem", &ref.cert_pems[1], NULL, &error);
282 g_assert_no_error (error);
283 g_assert (ref.cert_pems[1]);
284 g_file_get_contents (SRCDIR "/cert3.pem", &ref.cert_pems[2], NULL, &error);
285 g_assert_no_error (error);
286 g_assert (ref.cert_pems[2]);
287 g_file_get_contents (SRCDIR "/key.pem", &ref.key_pem, NULL, &error);
288 g_assert_no_error (error);
289 g_assert (ref.key_pem);
290 g_file_get_contents (SRCDIR "/key8.pem", &ref.key8_pem, NULL, &error);
291 g_assert_no_error (error);
292 g_assert (ref.key8_pem);
293
294 g_test_add_data_func ("/tls-certificate/pem-parser",
295 &ref, (GTestDataFunc)pem_parser);
296 g_test_add_data_func ("/tls-certificate/from_file",
297 &ref, (GTestDataFunc)from_file);
298 g_test_add_data_func ("/tls-certificate/from_files",
299 &ref, (GTestDataFunc)from_files);
300 g_test_add_data_func ("/tls-certificate/from_files_pkcs8",
301 &ref, (GTestDataFunc)from_files_pkcs8);
302 g_test_add_data_func ("/tls-certificate/list_from_file",
303 &ref, (GTestDataFunc)list_from_file);
304
305 rtv = g_test_run();
306
307 g_free (ref.cert_pems[0]);
308 g_free (ref.cert_pems[1]);
309 g_free (ref.cert_pems[2]);
310 g_free (ref.key_pem);
311 g_free (ref.key8_pem);
312
313 return rtv;
314 }
glib mirror