/* GLib testing framework examples and tests
 *
 * Copyright (C) 2011 Collabora Ltd.
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General
 * Public License along with this library; if not, see <http://www.gnu.org/licenses/>.
 *
 * Author: Nicolas Dufresne <nicolas.dufresne@collabora.com>
 */
25 #include "gtesttlsbackend.h"
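/*
 * pem_parser:
 * @ref: reference PEM strings; cert_pems[0] and key_pem are compared here
 *
 * Exercises g_tls_certificate_new_from_pem() on in-memory PEM data:
 * certificate followed by key, key followed by certificate, certificate
 * only, and key only.  It also checks that an explicit length bounds the
 * parse.  Each rejection case asserts both the error code and that no
 * certificate object was returned.
 */
static void
pem_parser (const Reference *ref)
{
  GTlsCertificate *cert;
  gchar *pem = NULL;
  gchar *parsed_cert_pem = NULL;
  /* Never freed in this test, unlike parsed_cert_pem; presumably owned by
   * the certificate object, so it is only read before g_object_unref(). */
  const gchar *parsed_key_pem = NULL;
  GError *error = NULL;

  /* Check PEM parsing in certificate, private key order. */
  g_file_get_contents (g_test_get_filename (G_TEST_DIST, "cert-tests", "cert-key.pem", NULL), &pem, NULL, &error);
  g_assert_no_error (error);
  g_assert (pem);

  cert = g_tls_certificate_new_from_pem (pem, -1, &error);
  g_assert_no_error (error);
  g_assert (cert);

  g_object_get (cert,
      "certificate-pem", &parsed_cert_pem,
      NULL);
  parsed_key_pem = g_test_tls_connection_get_private_key_pem (cert);
  g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]);
  g_free (parsed_cert_pem);
  parsed_cert_pem = NULL;
  g_assert_cmpstr (parsed_key_pem, ==, ref->key_pem);
  parsed_key_pem = NULL;

  g_object_unref (cert);

  /* Make sure the length is respected and the parser detects invalid
   * (truncated) PEM.  The buffer still holds the complete, NUL-terminated
   * file, so success here would mean the parser read past the length the
   * caller gave it. */
  cert = g_tls_certificate_new_from_pem (pem, 10, &error);
  g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE);
  g_clear_error (&error);
  g_assert (cert == NULL);
  g_free (pem);
  pem = NULL;

  /* Check PEM parsing in private key, certificate order */
  g_file_get_contents (g_test_get_filename (G_TEST_DIST, "cert-tests", "key-cert.pem", NULL), &pem, NULL, &error);
  g_assert_no_error (error);
  g_assert (pem);

  cert = g_tls_certificate_new_from_pem (pem, -1, &error);
  g_assert_no_error (error);
  g_assert (cert);

  g_object_get (cert,
      "certificate-pem", &parsed_cert_pem,
      NULL);
  parsed_key_pem = g_test_tls_connection_get_private_key_pem (cert);
  g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]);
  g_free (parsed_cert_pem);
  parsed_cert_pem = NULL;
  g_assert_cmpstr (parsed_key_pem, ==, ref->key_pem);
  parsed_key_pem = NULL;

  g_free (pem);
  pem = NULL;
  g_object_unref (cert);

  /* Check certificate only PEM */
  g_file_get_contents (g_test_get_filename (G_TEST_DIST, "cert-tests", "cert1.pem", NULL), &pem, NULL, &error);
  g_assert_no_error (error);
  g_assert (pem);

  cert = g_tls_certificate_new_from_pem (pem, -1, &error);
  g_assert_no_error (error);
  g_assert (cert);

  g_object_get (cert,
      "certificate-pem", &parsed_cert_pem,
      NULL);
  parsed_key_pem = g_test_tls_connection_get_private_key_pem (cert);
  g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]);
  g_free (parsed_cert_pem);
  parsed_cert_pem = NULL;
  /* No key in the input, so no key may be reported. */
  g_assert (parsed_key_pem == NULL);

  g_free (pem);
  pem = NULL;
  g_object_unref (cert);

  /* Check error with private key only PEM: a key without a certificate
   * must be rejected rather than yield a certificate-less object. */
  g_file_get_contents (g_test_get_filename (G_TEST_DIST, "cert-tests", "key.pem", NULL), &pem, NULL, &error);
  g_assert_no_error (error);
  g_assert (pem);

  cert = g_tls_certificate_new_from_pem (pem, -1, &error);
  g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE);
  g_clear_error (&error);
  g_assert (cert == NULL);
  g_free (pem);
}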
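/*
 * from_file:
 * @ref: reference PEM strings; cert_pems[0] and key_pem are compared here
 *
 * Loads a single file holding both a private key and a certificate with
 * g_tls_certificate_new_from_file() and checks that the certificate and
 * key read back match the reference PEM text.
 */
static void
from_file (const Reference *ref)
{
  GTlsCertificate *cert;
  gchar *parsed_cert_pem = NULL;
  /* Never freed in this test, unlike parsed_cert_pem; presumably owned by
   * the certificate object, so it is compared before g_object_unref(). */
  const gchar *parsed_key_pem = NULL;
  GError *error = NULL;

  cert = g_tls_certificate_new_from_file (g_test_get_filename (G_TEST_DIST, "cert-tests", "key-cert.pem", NULL),
                                          &error);
  g_assert_no_error (error);
  g_assert (cert);

  g_object_get (cert,
      "certificate-pem", &parsed_cert_pem,
      NULL);
  parsed_key_pem = g_test_tls_connection_get_private_key_pem (cert);
  g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]);
  g_free (parsed_cert_pem);
  parsed_cert_pem = NULL;
  g_assert_cmpstr (parsed_key_pem, ==, ref->key_pem);
  parsed_key_pem = NULL;

  g_object_unref (cert);
}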
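/*
 * from_files:
 * @ref: reference PEM strings; cert_pems[0] and key_pem are compared here
 *
 * Exercises g_tls_certificate_new_from_files(), which takes a certificate
 * file and a key file.  Covers the valid pair, a key file that holds no
 * private key, a certificate file that holds no certificate, and the same
 * combined file passed for both arguments.
 */
static void
from_files (const Reference *ref)
{
  GTlsCertificate *cert;
  gchar *parsed_cert_pem = NULL;
  /* Never freed in this test, unlike parsed_cert_pem; presumably owned by
   * the certificate object, so it is compared before g_object_unref(). */
  const gchar *parsed_key_pem = NULL;
  GError *error = NULL;

  cert = g_tls_certificate_new_from_files (g_test_get_filename (G_TEST_DIST, "cert-tests", "cert1.pem", NULL),
                                           g_test_get_filename (G_TEST_DIST, "cert-tests", "key.pem", NULL),
                                           &error);
  g_assert_no_error (error);
  g_assert (cert);

  g_object_get (cert,
      "certificate-pem", &parsed_cert_pem,
      NULL);
  parsed_key_pem = g_test_tls_connection_get_private_key_pem (cert);
  g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]);
  g_free (parsed_cert_pem);
  parsed_cert_pem = NULL;
  g_assert_cmpstr (parsed_key_pem, ==, ref->key_pem);
  parsed_key_pem = NULL;

  g_object_unref (cert);

  /* Missing private key: the key argument names a certificate file, so the
   * call must fail instead of returning a certificate with no key. */
  cert = g_tls_certificate_new_from_files (g_test_get_filename (G_TEST_DIST, "cert-tests", "cert1.pem", NULL),
                                           g_test_get_filename (G_TEST_DIST, "cert-tests", "cert2.pem", NULL),
                                           &error);
  g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE);
  g_clear_error (&error);
  g_assert (cert == NULL);

  /* Missing certificate: the certificate argument names a key-only file. */
  cert = g_tls_certificate_new_from_files (g_test_get_filename (G_TEST_DIST, "cert-tests", "key.pem", NULL),
                                           g_test_get_filename (G_TEST_DIST, "cert-tests", "key.pem", NULL),
                                           &error);
  g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE);
  g_clear_error (&error);
  g_assert (cert == NULL);

  /* Using this method twice with a file containing both private key and
   * certificate as a way to enforce private key presence is a fair use
   */
  cert = g_tls_certificate_new_from_files (g_test_get_filename (G_TEST_DIST, "cert-tests", "key-cert.pem", NULL),
                                           g_test_get_filename (G_TEST_DIST, "cert-tests", "key-cert.pem", NULL),
                                           &error);
  g_assert_no_error (error);
  g_assert (cert);

  g_object_unref (cert);
}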
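/*
 * from_files_pkcs8:
 * @ref: reference PEM strings; cert_pems[0] and key8_pem are compared here
 *
 * Same as the valid case of from_files(), but the key file is key8.pem
 * and the key read back is compared against the key8_pem reference.
 */
static void
from_files_pkcs8 (const Reference *ref)
{
  GTlsCertificate *cert;
  gchar *parsed_cert_pem = NULL;
  /* Never freed in this test, unlike parsed_cert_pem; presumably owned by
   * the certificate object, so it is compared before g_object_unref(). */
  const gchar *parsed_key_pem = NULL;
  GError *error = NULL;

  cert = g_tls_certificate_new_from_files (g_test_get_filename (G_TEST_DIST, "cert-tests", "cert1.pem", NULL),
                                           g_test_get_filename (G_TEST_DIST, "cert-tests", "key8.pem", NULL),
                                           &error);
  g_assert_no_error (error);
  g_assert (cert);

  g_object_get (cert,
      "certificate-pem", &parsed_cert_pem,
      NULL);
  parsed_key_pem = g_test_tls_connection_get_private_key_pem (cert);
  g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]);
  g_free (parsed_cert_pem);
  parsed_cert_pem = NULL;
  g_assert_cmpstr (parsed_key_pem, ==, ref->key8_pem);
  parsed_key_pem = NULL;

  g_object_unref (cert);
}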
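/*
 * list_from_file:
 * @ref: reference PEM strings; cert_pems[0..2] are compared here
 *
 * Loads cert-list.pem with g_tls_certificate_list_new_from_file() and
 * checks that it yields three certificates whose PEM text matches the
 * references in order.  Then checks that a file with no certificates
 * yields an empty list and no error.
 */
static void
list_from_file (const Reference *ref)
{
  GList *list, *l;
  GError *error = NULL;
  int i;

  list = g_tls_certificate_list_new_from_file (g_test_get_filename (G_TEST_DIST, "cert-tests", "cert-list.pem", NULL),
                                               &error);
  g_assert_no_error (error);
  g_assert_cmpint (g_list_length (list), ==, 3);

  /* The length was asserted above; the l != NULL guard only keeps the walk
   * from dereferencing past the end of the list. */
  for (l = list, i = 0; l != NULL && i < 3; l = l->next, i++)
    {
      GTlsCertificate *cert = l->data;
      gchar *parsed_cert_pem = NULL;

      g_object_get (cert,
          "certificate-pem", &parsed_cert_pem,
          NULL);
      g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[i]);
      g_free (parsed_cert_pem);
    }

  g_list_free_full (list, g_object_unref);

  /* Empty list is not an error.  Callers therefore cannot rely on the
   * GError alone to learn that no certificate was loaded; they have to
   * check the returned list as well. */
  list = g_tls_certificate_list_new_from_file (g_test_get_filename (G_TEST_DIST, "cert-tests", "nothing.pem", NULL),
                                               &error);
  g_assert_no_error (error);
  g_assert_cmpint (g_list_length (list), ==, 0);
}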
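/*
 * main:
 *
 * Loads the reference certificate and key PEM files from the cert-tests
 * directory, registers the five /tls-certificate/ test cases with the
 * reference data as their argument, runs them, and frees the references.
 *
 * Returns: the value of g_test_run()
 */
int
main (int   argc,
      char *argv[])
{
  int rtv;
  Reference ref;
  GError *error = NULL;
  gchar *path;

  g_test_init (&argc, &argv, NULL);

  /* NOTE(review): presumably registers the test TLS backend from
   * gtesttlsbackend.h so the certificate calls resolve to it; confirm. */
  _g_test_tls_backend_get_type ();

  /* Load reference PEM */
  path = g_test_build_filename (G_TEST_DIST, "cert-tests", "cert1.pem", NULL);
  g_file_get_contents (path, &ref.cert_pems[0], NULL, &error);
  g_assert_no_error (error);
  g_assert (ref.cert_pems[0]);
  g_free (path); /* g_test_build_filename() returns an allocated string */

  path = g_test_build_filename (G_TEST_DIST, "cert-tests", "cert2.pem", NULL);
  g_file_get_contents (path, &ref.cert_pems[1], NULL, &error);
  g_assert_no_error (error);
  g_assert (ref.cert_pems[1]);
  g_free (path);

  path = g_test_build_filename (G_TEST_DIST, "cert-tests", "cert3.pem", NULL);
  g_file_get_contents (path, &ref.cert_pems[2], NULL, &error);
  g_assert_no_error (error);
  g_assert (ref.cert_pems[2]);
  g_free (path);

  path = g_test_build_filename (G_TEST_DIST, "cert-tests", "key.pem", NULL);
  g_file_get_contents (path, &ref.key_pem, NULL, &error);
  g_assert_no_error (error);
  g_assert (ref.key_pem);
  g_free (path);

  path = g_test_build_filename (G_TEST_DIST, "cert-tests", "key8.pem", NULL);
  g_file_get_contents (path, &ref.key8_pem, NULL, &error);
  g_assert_no_error (error);
  g_assert (ref.key8_pem);
  g_free (path);

  g_test_add_data_func ("/tls-certificate/pem-parser",
                        &ref, (GTestDataFunc)pem_parser);
  g_test_add_data_func ("/tls-certificate/from_file",
                        &ref, (GTestDataFunc)from_file);
  g_test_add_data_func ("/tls-certificate/from_files",
                        &ref, (GTestDataFunc)from_files);
  g_test_add_data_func ("/tls-certificate/from_files_pkcs8",
                        &ref, (GTestDataFunc)from_files_pkcs8);
  g_test_add_data_func ("/tls-certificate/list_from_file",
                        &ref, (GTestDataFunc)list_from_file);

  rtv = g_test_run ();

  g_free (ref.cert_pems[0]);
  g_free (ref.cert_pems[1]);
  g_free (ref.cert_pems[2]);
  g_free (ref.key_pem);
  g_free (ref.key8_pem);

  return rtv;
}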