1 /* GLib testing framework examples and tests
3 * Copyright (C) 2011 Collabora Ltd.
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2 of the License, or (at your option) any later version.
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
15 * You should have received a copy of the GNU Lesser General
16 * Public License along with this library; if not, write to the
17 * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
18 * Boston, MA 02111-1307, USA.
20 * Author: Nicolas Dufresne <nicolas.dufresne@collabora.com>
27 #include "gtesttlsbackend.h"
37 pem_parser (const Reference
*ref
)
39 GTlsCertificate
*cert
;
41 gchar
*parsed_cert_pem
= NULL
;
42 const gchar
*parsed_key_pem
= NULL
;
45 /* Check PEM parsing in certificate, private key order. */
46 g_file_get_contents (SRCDIR
"/cert-key.pem", &pem
, NULL
, &error
);
47 g_assert_no_error (error
);
50 cert
= g_tls_certificate_new_from_pem (pem
, -1, &error
);
51 g_assert_no_error (error
);
55 "certificate-pem", &parsed_cert_pem
,
57 parsed_key_pem
= g_test_tls_connection_get_private_key_pem (cert
);
58 g_assert_cmpstr (parsed_cert_pem
, ==, ref
->cert_pems
[0]);
59 g_free (parsed_cert_pem
);
60 parsed_cert_pem
= NULL
;
61 g_assert_cmpstr (parsed_key_pem
, ==, ref
->key_pem
);
62 parsed_key_pem
= NULL
;
64 g_object_unref (cert
);
66 /* Make sure length is respected and parser detect invalid (truncated) PEM. */
67 cert
= g_tls_certificate_new_from_pem (pem
, 10, &error
);
68 g_assert_error (error
, G_TLS_ERROR
, G_TLS_ERROR_BAD_CERTIFICATE
);
69 g_clear_error (&error
);
72 /* Check PEM parsing in private key, certificate order */
73 g_file_get_contents (SRCDIR
"/key-cert.pem", &pem
, NULL
, &error
);
74 g_assert_no_error (error
);
77 cert
= g_tls_certificate_new_from_pem (pem
, -1, &error
);
78 g_assert_no_error (error
);
82 "certificate-pem", &parsed_cert_pem
,
84 parsed_key_pem
= g_test_tls_connection_get_private_key_pem (cert
);
85 g_assert_cmpstr (parsed_cert_pem
, ==, ref
->cert_pems
[0]);
86 g_free (parsed_cert_pem
);
87 parsed_cert_pem
= NULL
;
88 g_assert_cmpstr (parsed_key_pem
, ==, ref
->key_pem
);
89 parsed_key_pem
= NULL
;
92 g_object_unref (cert
);
94 /* Check certificate only PEM */
95 g_file_get_contents (SRCDIR
"/cert1.pem", &pem
, NULL
, &error
);
96 g_assert_no_error (error
);
99 cert
= g_tls_certificate_new_from_pem (pem
, -1, &error
);
100 g_assert_no_error (error
);
104 "certificate-pem", &parsed_cert_pem
,
106 parsed_key_pem
= g_test_tls_connection_get_private_key_pem (cert
);
107 g_assert_cmpstr (parsed_cert_pem
, ==, ref
->cert_pems
[0]);
108 g_free (parsed_cert_pem
);
109 parsed_cert_pem
= NULL
;
110 g_assert (parsed_key_pem
== NULL
);
113 g_object_unref (cert
);
115 /* Check error with private key only PEM */
116 g_file_get_contents (SRCDIR
"/key.pem", &pem
, NULL
, &error
);
117 g_assert_no_error (error
);
120 cert
= g_tls_certificate_new_from_pem (pem
, -1, &error
);
121 g_assert_error (error
, G_TLS_ERROR
, G_TLS_ERROR_BAD_CERTIFICATE
);
122 g_clear_error (&error
);
123 g_assert (cert
== NULL
);
128 from_file (const Reference
*ref
)
130 GTlsCertificate
*cert
;
131 gchar
*parsed_cert_pem
= NULL
;
132 const gchar
*parsed_key_pem
= NULL
;
133 GError
*error
= NULL
;
135 cert
= g_tls_certificate_new_from_file (SRCDIR
"/key-cert.pem", &error
);
136 g_assert_no_error (error
);
140 "certificate-pem", &parsed_cert_pem
,
142 parsed_key_pem
= g_test_tls_connection_get_private_key_pem (cert
);
143 g_assert_cmpstr (parsed_cert_pem
, ==, ref
->cert_pems
[0]);
144 g_free (parsed_cert_pem
);
145 parsed_cert_pem
= NULL
;
146 g_assert_cmpstr (parsed_key_pem
, ==, ref
->key_pem
);
147 parsed_key_pem
= NULL
;
149 g_object_unref (cert
);
153 from_files (const Reference
*ref
)
155 GTlsCertificate
*cert
;
156 gchar
*parsed_cert_pem
= NULL
;
157 const gchar
*parsed_key_pem
= NULL
;
158 GError
*error
= NULL
;
160 cert
= g_tls_certificate_new_from_files (SRCDIR
"/cert1.pem",
163 g_assert_no_error (error
);
167 "certificate-pem", &parsed_cert_pem
,
169 parsed_key_pem
= g_test_tls_connection_get_private_key_pem (cert
);
170 g_assert_cmpstr (parsed_cert_pem
, ==, ref
->cert_pems
[0]);
171 g_free (parsed_cert_pem
);
172 parsed_cert_pem
= NULL
;
173 g_assert_cmpstr (parsed_key_pem
, ==, ref
->key_pem
);
174 parsed_key_pem
= NULL
;
176 g_object_unref (cert
);
178 /* Missing private key */
179 cert
= g_tls_certificate_new_from_files (SRCDIR
"/cert1.pem",
182 g_assert_error (error
, G_TLS_ERROR
, G_TLS_ERROR_BAD_CERTIFICATE
);
183 g_clear_error (&error
);
184 g_assert (cert
== NULL
);
186 /* Missing certificate */
187 cert
= g_tls_certificate_new_from_files (SRCDIR
"/key.pem",
190 g_assert_error (error
, G_TLS_ERROR
, G_TLS_ERROR_BAD_CERTIFICATE
);
191 g_clear_error (&error
);
192 g_assert (cert
== NULL
);
194 /* Using this method twice with a file containing both private key and
195 * certificate as a way to inforce private key presence is a fair use */
196 cert
= g_tls_certificate_new_from_files (SRCDIR
"/key-cert.pem",
197 SRCDIR
"/key-cert.pem",
199 g_assert_no_error (error
);
201 g_object_unref (cert
);
206 from_files_pkcs8 (const Reference
*ref
)
208 GTlsCertificate
*cert
;
209 gchar
*parsed_cert_pem
= NULL
;
210 const gchar
*parsed_key_pem
= NULL
;
211 GError
*error
= NULL
;
213 cert
= g_tls_certificate_new_from_files (SRCDIR
"/cert1.pem",
216 g_assert_no_error (error
);
220 "certificate-pem", &parsed_cert_pem
,
222 parsed_key_pem
= g_test_tls_connection_get_private_key_pem (cert
);
223 g_assert_cmpstr (parsed_cert_pem
, ==, ref
->cert_pems
[0]);
224 g_free (parsed_cert_pem
);
225 parsed_cert_pem
= NULL
;
226 g_assert_cmpstr (parsed_key_pem
, ==, ref
->key8_pem
);
227 parsed_key_pem
= NULL
;
229 g_object_unref (cert
);
233 list_from_file (const Reference
*ref
)
236 GError
*error
= NULL
;
239 list
= g_tls_certificate_list_new_from_file (SRCDIR
"/cert-list.pem", &error
);
240 g_assert_no_error (error
);
241 g_assert_cmpint (g_list_length (list
), ==, 3);
244 for (i
= 0; i
< 3; i
++)
246 GTlsCertificate
*cert
= l
->data
;
247 gchar
*parsed_cert_pem
= NULL
;
249 "certificate-pem", &parsed_cert_pem
,
251 g_assert_cmpstr (parsed_cert_pem
, ==, ref
->cert_pems
[i
]);
252 g_free (parsed_cert_pem
);
256 g_list_free_full (list
, g_object_unref
);
258 /* Empty list is not an error */
259 list
= g_tls_certificate_list_new_from_file (SRCDIR
"/nothing.pem", &error
);
260 g_assert_no_error (error
);
261 g_assert_cmpint (g_list_length (list
), ==, 0);
270 GError
*error
= NULL
;
273 g_test_init (&argc
, &argv
, NULL
);
275 _g_test_tls_backend_get_type ();
277 /* Load reference PEM */
278 g_file_get_contents (SRCDIR
"/cert1.pem", &ref
.cert_pems
[0], NULL
, &error
);
279 g_assert_no_error (error
);
280 g_assert (ref
.cert_pems
[0]);
281 g_file_get_contents (SRCDIR
"/cert2.pem", &ref
.cert_pems
[1], NULL
, &error
);
282 g_assert_no_error (error
);
283 g_assert (ref
.cert_pems
[1]);
284 g_file_get_contents (SRCDIR
"/cert3.pem", &ref
.cert_pems
[2], NULL
, &error
);
285 g_assert_no_error (error
);
286 g_assert (ref
.cert_pems
[2]);
287 g_file_get_contents (SRCDIR
"/key.pem", &ref
.key_pem
, NULL
, &error
);
288 g_assert_no_error (error
);
289 g_assert (ref
.key_pem
);
290 g_file_get_contents (SRCDIR
"/key8.pem", &ref
.key8_pem
, NULL
, &error
);
291 g_assert_no_error (error
);
292 g_assert (ref
.key8_pem
);
294 g_test_add_data_func ("/tls-certificate/pem-parser",
295 &ref
, (GTestDataFunc
)pem_parser
);
296 g_test_add_data_func ("/tls-certificate/from_file",
297 &ref
, (GTestDataFunc
)from_file
);
298 g_test_add_data_func ("/tls-certificate/from_files",
299 &ref
, (GTestDataFunc
)from_files
);
300 g_test_add_data_func ("/tls-certificate/from_files_pkcs8",
301 &ref
, (GTestDataFunc
)from_files_pkcs8
);
302 g_test_add_data_func ("/tls-certificate/list_from_file",
303 &ref
, (GTestDataFunc
)list_from_file
);
307 g_free (ref
.cert_pems
[0]);
308 g_free (ref
.cert_pems
[1]);
309 g_free (ref
.cert_pems
[2]);
310 g_free (ref
.key_pem
);
311 g_free (ref
.key8_pem
);