1 /* GLib testing framework examples and tests
3 * Copyright (C) 2011 Collabora Ltd.
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2 of the License, or (at your option) any later version.
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
15 * You should have received a copy of the GNU Lesser General
16 * Public License along with this library; if not, write to the
17 * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
18 * Boston, MA 02111-1307, USA.
20 * Author: Nicolas Dufresne <nicolas.dufresne@collabora.com>
27 #include "gtesttlsbackend.h"
37 pem_parser (const Reference *ref)
39 GTlsCertificate *cert;
41 gchar *parsed_cert_pem = NULL;
42 const gchar *parsed_key_pem = NULL;
45 /* Check PEM parsing in certificate, private key order. */
46 g_file_get_contents (SRCDIR "/cert-key.pem", &pem, NULL, &error);
47 g_assert_no_error (error);
50 cert = g_tls_certificate_new_from_pem (pem, -1, &error);
51 g_assert_no_error (error);
55 "certificate-pem", &parsed_cert_pem,
57 parsed_key_pem = g_test_tls_connection_get_private_key_pem (cert);
58 g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]);
59 g_free (parsed_cert_pem);
60 parsed_cert_pem = NULL;
61 g_assert_cmpstr (parsed_key_pem, ==, ref->key_pem);
62 parsed_key_pem = NULL;
64 g_object_unref (cert);
66 /* Make sure length is respected and parser detect invalid (truncated) PEM. */
67 cert = g_tls_certificate_new_from_pem (pem, 10, &error);
68 g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE);
69 g_clear_error (&error);
72 /* Check PEM parsing in private key, certificate order */
73 g_file_get_contents (SRCDIR "/key-cert.pem", &pem, NULL, &error);
74 g_assert_no_error (error);
77 cert = g_tls_certificate_new_from_pem (pem, -1, &error);
78 g_assert_no_error (error);
82 "certificate-pem", &parsed_cert_pem,
84 parsed_key_pem = g_test_tls_connection_get_private_key_pem (cert);
85 g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]);
86 g_free (parsed_cert_pem);
87 parsed_cert_pem = NULL;
88 g_assert_cmpstr (parsed_key_pem, ==, ref->key_pem);
89 parsed_key_pem = NULL;
92 g_object_unref (cert);
94 /* Check certificate only PEM */
95 g_file_get_contents (SRCDIR "/cert1.pem", &pem, NULL, &error);
96 g_assert_no_error (error);
99 cert = g_tls_certificate_new_from_pem (pem, -1, &error);
100 g_assert_no_error (error);
104 "certificate-pem", &parsed_cert_pem,
106 parsed_key_pem = g_test_tls_connection_get_private_key_pem (cert);
107 g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]);
108 g_free (parsed_cert_pem);
109 parsed_cert_pem = NULL;
110 g_assert (parsed_key_pem == NULL);
113 g_object_unref (cert);
115 /* Check error with private key only PEM */
116 g_file_get_contents (SRCDIR "/key.pem", &pem, NULL, &error);
117 g_assert_no_error (error);
120 cert = g_tls_certificate_new_from_pem (pem, -1, &error);
121 g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE);
122 g_clear_error (&error);
123 g_assert (cert == NULL);
128 from_file (const Reference *ref)
130 GTlsCertificate *cert;
131 gchar *parsed_cert_pem = NULL;
132 const gchar *parsed_key_pem = NULL;
133 GError *error = NULL;
135 cert = g_tls_certificate_new_from_file (SRCDIR "/key-cert.pem", &error);
136 g_assert_no_error (error);
140 "certificate-pem", &parsed_cert_pem,
142 parsed_key_pem = g_test_tls_connection_get_private_key_pem (cert);
143 g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]);
144 g_free (parsed_cert_pem);
145 parsed_cert_pem = NULL;
146 g_assert_cmpstr (parsed_key_pem, ==, ref->key_pem);
147 parsed_key_pem = NULL;
149 g_object_unref (cert);
153 from_files (const Reference *ref)
155 GTlsCertificate *cert;
156 gchar *parsed_cert_pem = NULL;
157 const gchar *parsed_key_pem = NULL;
158 GError *error = NULL;
160 cert = g_tls_certificate_new_from_files (SRCDIR "/cert1.pem",
163 g_assert_no_error (error);
167 "certificate-pem", &parsed_cert_pem,
169 parsed_key_pem = g_test_tls_connection_get_private_key_pem (cert);
170 g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]);
171 g_free (parsed_cert_pem);
172 parsed_cert_pem = NULL;
173 g_assert_cmpstr (parsed_key_pem, ==, ref->key_pem);
174 parsed_key_pem = NULL;
176 g_object_unref (cert);
178 /* Missing private key */
179 cert = g_tls_certificate_new_from_files (SRCDIR "/cert1.pem",
182 g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE);
183 g_clear_error (&error);
184 g_assert (cert == NULL);
186 /* Missing certificate */
187 cert = g_tls_certificate_new_from_files (SRCDIR "/key.pem",
190 g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE);
191 g_clear_error (&error);
192 g_assert (cert == NULL);
194 /* Using this method twice with a file containing both private key and
195 * certificate as a way to inforce private key presence is a fair use */
196 cert = g_tls_certificate_new_from_files (SRCDIR "/key-cert.pem",
197 SRCDIR "/key-cert.pem",
199 g_assert_no_error (error);
201 g_object_unref (cert);
206 from_files_pkcs8 (const Reference *ref)
208 GTlsCertificate *cert;
209 gchar *parsed_cert_pem = NULL;
210 const gchar *parsed_key_pem = NULL;
211 GError *error = NULL;
213 cert = g_tls_certificate_new_from_files (SRCDIR "/cert1.pem",
216 g_assert_no_error (error);
220 "certificate-pem", &parsed_cert_pem,
222 parsed_key_pem = g_test_tls_connection_get_private_key_pem (cert);
223 g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]);
224 g_free (parsed_cert_pem);
225 parsed_cert_pem = NULL;
226 g_assert_cmpstr (parsed_key_pem, ==, ref->key8_pem);
227 parsed_key_pem = NULL;
229 g_object_unref (cert);
233 list_from_file (const Reference *ref)
236 GError *error = NULL;
239 list = g_tls_certificate_list_new_from_file (SRCDIR "/cert-list.pem", &error);
240 g_assert_no_error (error);
241 g_assert_cmpint (g_list_length (list), ==, 3);
244 for (i = 0; i < 3; i++)
246 GTlsCertificate *cert = l->data;
247 gchar *parsed_cert_pem = NULL;
249 "certificate-pem", &parsed_cert_pem,
251 g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[i]);
252 g_free (parsed_cert_pem);
256 g_list_free_full (list, g_object_unref);
258 /* Empty list is not an error */
259 list = g_tls_certificate_list_new_from_file (SRCDIR "/nothing.pem", &error);
260 g_assert_no_error (error);
261 g_assert_cmpint (g_list_length (list), ==, 0);
270 GError *error = NULL;
273 g_test_init (&argc, &argv, NULL);
275 _g_test_tls_backend_get_type ();
277 /* Load reference PEM */
278 g_file_get_contents (SRCDIR "/cert1.pem", &ref.cert_pems[0], NULL, &error);
279 g_assert_no_error (error);
280 g_assert (ref.cert_pems[0]);
281 g_file_get_contents (SRCDIR "/cert2.pem", &ref.cert_pems[1], NULL, &error);
282 g_assert_no_error (error);
283 g_assert (ref.cert_pems[1]);
284 g_file_get_contents (SRCDIR "/cert3.pem", &ref.cert_pems[2], NULL, &error);
285 g_assert_no_error (error);
286 g_assert (ref.cert_pems[2]);
287 g_file_get_contents (SRCDIR "/key.pem", &ref.key_pem, NULL, &error);
288 g_assert_no_error (error);
289 g_assert (ref.key_pem);
290 g_file_get_contents (SRCDIR "/key8.pem", &ref.key8_pem, NULL, &error);
291 g_assert_no_error (error);
292 g_assert (ref.key8_pem);
294 g_test_add_data_func ("/tls-certificate/pem-parser",
295 &ref, (GTestDataFunc)pem_parser);
296 g_test_add_data_func ("/tls-certificate/from_file",
297 &ref, (GTestDataFunc)from_file);
298 g_test_add_data_func ("/tls-certificate/from_files",
299 &ref, (GTestDataFunc)from_files);
300 g_test_add_data_func ("/tls-certificate/from_files_pkcs8",
301 &ref, (GTestDataFunc)from_files_pkcs8);
302 g_test_add_data_func ("/tls-certificate/list_from_file",
303 &ref, (GTestDataFunc)list_from_file);
307 g_free (ref.cert_pems[0]);
308 g_free (ref.cert_pems[1]);
309 g_free (ref.cert_pems[2]);
310 g_free (ref.key_pem);
311 g_free (ref.key8_pem);