| /* GLib testing framework examples and tests |
| * |
| * Copyright (C) 2011 Collabora Ltd. |
| * |
| * This library is free software; you can redistribute it and/or |
| * modify it under the terms of the GNU Lesser General Public |
| * License as published by the Free Software Foundation; either |
| * version 2.1 of the License, or (at your option) any later version. |
| * |
| * This library is distributed in the hope that it will be useful, |
| * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
| * Lesser General Public License for more details. |
| * |
| * You should have received a copy of the GNU Lesser General |
| * Public License along with this library; if not, see <http://www.gnu.org/licenses/>. |
| * |
| * Author: Nicolas Dufresne <nicolas.dufresne@collabora.com> |
| */ |
| |
| #include "config.h" |
| |
| #include <gio/gio.h> |
| |
| #include "gtesttlsbackend.h" |
| |
| typedef struct |
| { |
| gchar *cert_pems[3]; |
| gchar *cert_crlf_pem; |
| gchar *key_pem; |
| gchar *key_crlf_pem; |
| gchar *key8_pem; |
| } Reference; |
| |
| static void |
| pem_parser (const Reference *ref) |
| { |
| GTlsCertificate *cert; |
| gchar *pem; |
| gsize pem_len = 0; |
| gchar *parsed_cert_pem = NULL; |
| gchar *parsed_key_pem = NULL; |
| GError *error = NULL; |
| |
| /* Check PEM parsing in certificate, private key order. */ |
| g_file_get_contents (g_test_get_filename (G_TEST_DIST, "cert-tests", "cert-key.pem", NULL), &pem, &pem_len, &error); |
| g_assert_no_error (error); |
| g_assert_nonnull (pem); |
| g_assert_cmpuint (pem_len, >=, 10); |
| |
| cert = g_tls_certificate_new_from_pem (pem, -1, &error); |
| g_assert_no_error (error); |
| g_assert_nonnull (cert); |
| |
| g_object_get (cert, |
| "certificate-pem", &parsed_cert_pem, |
| "private-key-pem", &parsed_key_pem, |
| NULL); |
| g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]); |
| g_clear_pointer (&parsed_cert_pem, g_free); |
| g_assert_cmpstr (parsed_key_pem, ==, ref->key_pem); |
| g_clear_pointer (&parsed_key_pem, g_free); |
| |
| g_object_unref (cert); |
| |
| /* Make sure length is respected and parser detect invalid PEM |
| * when cert is truncated. */ |
| cert = g_tls_certificate_new_from_pem (pem, 10, &error); |
| g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE); |
| g_clear_error (&error); |
| |
| /* Make sure length is respected and parser detect invalid PEM |
| * when cert exists but key is truncated. */ |
| cert = g_tls_certificate_new_from_pem (pem, pem_len - 10, &error); |
| g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE); |
| g_clear_error (&error); |
| g_free (pem); |
| |
| /* Check PEM parsing in private key, certificate order */ |
| g_file_get_contents (g_test_get_filename (G_TEST_DIST, "cert-tests", "key-cert.pem", NULL), &pem, NULL, &error); |
| g_assert_no_error (error); |
| g_assert_nonnull (pem); |
| |
| cert = g_tls_certificate_new_from_pem (pem, -1, &error); |
| g_assert_no_error (error); |
| g_assert_nonnull (cert); |
| |
| g_object_get (cert, |
| "certificate-pem", &parsed_cert_pem, |
| "private-key-pem", &parsed_key_pem, |
| NULL); |
| g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]); |
| g_clear_pointer (&parsed_cert_pem, g_free); |
| g_assert_cmpstr (parsed_key_pem, ==, ref->key_pem); |
| g_clear_pointer (&parsed_key_pem, g_free); |
| |
| g_free (pem); |
| g_object_unref (cert); |
| |
| /* Check certificate only PEM */ |
| g_file_get_contents (g_test_get_filename (G_TEST_DIST, "cert-tests", "cert1.pem", NULL), &pem, NULL, &error); |
| g_assert_no_error (error); |
| g_assert_nonnull (pem); |
| |
| cert = g_tls_certificate_new_from_pem (pem, -1, &error); |
| g_assert_no_error (error); |
| g_assert_nonnull (cert); |
| |
| g_object_get (cert, |
| "certificate-pem", &parsed_cert_pem, |
| "private-key-pem", &parsed_key_pem, |
| NULL); |
| g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]); |
| g_clear_pointer (&parsed_cert_pem, g_free); |
| g_assert_null (parsed_key_pem); |
| |
| g_free (pem); |
| g_object_unref (cert); |
| |
| /* Check error with private key only PEM */ |
| g_file_get_contents (g_test_get_filename (G_TEST_DIST, "cert-tests", "key.pem", NULL), &pem, NULL, &error); |
| g_assert_no_error (error); |
| g_assert_nonnull (pem); |
| |
| cert = g_tls_certificate_new_from_pem (pem, -1, &error); |
| g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE); |
| g_clear_error (&error); |
| g_assert_null (cert); |
| g_free (pem); |
| } |
| |
| static void |
| pem_parser_handles_chain (const Reference *ref) |
| { |
| GTlsCertificate *cert; |
| GTlsCertificate *issuer; |
| GTlsCertificate *original_cert; |
| gchar *pem; |
| gchar *parsed_cert_pem = NULL; |
| gchar *parsed_key_pem = NULL; |
| GError *error = NULL; |
| |
| /* Check that a chain with exactly three certificates is returned */ |
| g_file_get_contents (g_test_get_filename (G_TEST_DIST, "cert-tests", "cert-list.pem", NULL), &pem, NULL, &error); |
| g_assert_no_error (error); |
| g_assert_nonnull (pem); |
| |
| cert = original_cert = g_tls_certificate_new_from_pem (pem, -1, &error); |
| g_free (pem); |
| g_assert_no_error (error); |
| g_assert_nonnull (cert); |
| |
| g_object_get (cert, |
| "certificate-pem", &parsed_cert_pem, |
| "private-key-pem", &parsed_key_pem, |
| NULL); |
| g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]); |
| g_clear_pointer (&parsed_cert_pem, g_free); |
| |
| /* Make sure the private key was parsed */ |
| g_assert_cmpstr (parsed_key_pem, ==, ref->key_pem); |
| g_clear_pointer (&parsed_key_pem, g_free); |
| |
| /* Now test the second cert */ |
| issuer = g_tls_certificate_get_issuer (cert); |
| g_assert_nonnull (issuer); |
| |
| cert = issuer; |
| issuer = g_tls_certificate_get_issuer (cert); |
| g_assert_nonnull (issuer); |
| |
| g_object_get (cert, |
| "certificate-pem", &parsed_cert_pem, |
| "private-key-pem", &parsed_key_pem, |
| NULL); |
| g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[1]); |
| g_clear_pointer (&parsed_cert_pem, g_free); |
| |
| /* Only the first cert should have a private key */ |
| g_assert_null (parsed_key_pem); |
| |
| /* Now test the final cert */ |
| cert = issuer; |
| issuer = g_tls_certificate_get_issuer (cert); |
| g_assert_null (issuer); |
| |
| g_object_get (cert, |
| "certificate-pem", &parsed_cert_pem, |
| "private-key-pem", &parsed_key_pem, |
| NULL); |
| g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[2]); |
| g_clear_pointer (&parsed_cert_pem, g_free); |
| |
| g_assert_null (parsed_key_pem); |
| |
| g_object_unref (original_cert); |
| } |
| |
| static void |
| pem_parser_no_sentinel (void) |
| { |
| GTlsCertificate *cert; |
| gchar *pem; |
| gsize pem_len = 0; |
| gchar *pem_copy; |
| GError *error = NULL; |
| |
| /* Check certificate from not-nul-terminated PEM */ |
| g_file_get_contents (g_test_get_filename (G_TEST_DIST, "cert-tests", "cert1.pem", NULL), &pem, &pem_len, &error); |
| g_assert_no_error (error); |
| g_assert_nonnull (pem); |
| g_assert_cmpuint (pem_len, >=, 10); |
| |
| pem_copy = g_new (char, pem_len); |
| /* Do not copy the terminating nul: */ |
| memmove (pem_copy, pem, pem_len); |
| g_free (pem); |
| |
| /* Check whether the parser respects the @length parameter. |
| * pem_copy is allocated exactly pem_len bytes, so accessing memory |
| * outside its bounds will be detected by, for example, valgrind or |
| * asan. */ |
| cert = g_tls_certificate_new_from_pem (pem_copy, pem_len, &error); |
| g_assert_no_error (error); |
| g_assert_nonnull (cert); |
| |
| g_free (pem_copy); |
| g_object_unref (cert); |
| } |
| |
| static void |
| from_file (const Reference *ref) |
| { |
| GTlsCertificate *cert; |
| gchar *parsed_cert_pem = NULL; |
| gchar *parsed_key_pem = NULL; |
| GError *error = NULL; |
| |
| cert = g_tls_certificate_new_from_file (g_test_get_filename (G_TEST_DIST, "cert-tests", "key-cert.pem", NULL), |
| &error); |
| g_assert_no_error (error); |
| g_assert_nonnull (cert); |
| |
| g_object_get (cert, |
| "certificate-pem", &parsed_cert_pem, |
| "private-key-pem", &parsed_key_pem, |
| NULL); |
| g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]); |
| g_clear_pointer (&parsed_cert_pem, g_free); |
| g_assert_cmpstr (parsed_key_pem, ==, ref->key_pem); |
| g_clear_pointer (&parsed_key_pem, g_free); |
| |
| g_object_unref (cert); |
| } |
| |
| static void |
| from_files (const Reference *ref) |
| { |
| GTlsCertificate *cert; |
| gchar *parsed_cert_pem = NULL; |
| gchar *parsed_key_pem = NULL; |
| GError *error = NULL; |
| |
| cert = g_tls_certificate_new_from_files (g_test_get_filename (G_TEST_DIST, "cert-tests", "cert1.pem", NULL), |
| g_test_get_filename (G_TEST_DIST, "cert-tests", "key.pem", NULL), |
| &error); |
| g_assert_no_error (error); |
| g_assert_nonnull (cert); |
| |
| g_object_get (cert, |
| "certificate-pem", &parsed_cert_pem, |
| "private-key-pem", &parsed_key_pem, |
| NULL); |
| g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]); |
| g_clear_pointer (&parsed_cert_pem, g_free); |
| g_assert_cmpstr (parsed_key_pem, ==, ref->key_pem); |
| g_clear_pointer (&parsed_key_pem, g_free); |
| |
| g_object_unref (cert); |
| |
| /* Missing private key */ |
| cert = g_tls_certificate_new_from_files (g_test_get_filename (G_TEST_DIST, "cert-tests", "cert1.pem", NULL), |
| g_test_get_filename (G_TEST_DIST, "cert-tests", "cert2.pem", NULL), |
| &error); |
| g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE); |
| g_clear_error (&error); |
| g_assert_null (cert); |
| |
| /* Missing header private key */ |
| cert = g_tls_certificate_new_from_files (g_test_get_filename (G_TEST_DIST, "cert-tests", "cert1.pem", NULL), |
| g_test_get_filename (G_TEST_DIST, "cert-tests", "key_missing-header.pem", NULL), |
| &error); |
| g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE); |
| g_clear_error (&error); |
| g_assert_null (cert); |
| |
| /* Missing footer private key */ |
| cert = g_tls_certificate_new_from_files (g_test_get_filename (G_TEST_DIST, "cert-tests", "cert1.pem", NULL), |
| g_test_get_filename (G_TEST_DIST, "cert-tests", "key_missing-footer.pem", NULL), |
| &error); |
| g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE); |
| g_clear_error (&error); |
| g_assert_null (cert); |
| |
| /* Missing certificate */ |
| cert = g_tls_certificate_new_from_files (g_test_get_filename (G_TEST_DIST, "cert-tests", "key.pem", NULL), |
| g_test_get_filename (G_TEST_DIST, "cert-tests", "key.pem", NULL), |
| &error); |
| g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE); |
| g_clear_error (&error); |
| g_assert_null (cert); |
| |
| /* Using this method twice with a file containing both private key and |
| * certificate as a way to enforce private key presence is a fair use |
| */ |
| cert = g_tls_certificate_new_from_files (g_test_get_filename (G_TEST_DIST, "cert-tests", "key-cert.pem", NULL), |
| g_test_get_filename (G_TEST_DIST, "cert-tests", "key-cert.pem", NULL), |
| &error); |
| g_assert_no_error (error); |
| g_assert_nonnull (cert); |
| g_object_unref (cert); |
| } |
| |
| static void |
| from_files_crlf (const Reference *ref) |
| { |
| GTlsCertificate *cert; |
| gchar *parsed_cert_pem = NULL; |
| gchar *parsed_key_pem = NULL; |
| GError *error = NULL; |
| |
| cert = g_tls_certificate_new_from_files (g_test_get_filename (G_TEST_DIST, "cert-tests", "cert-crlf.pem", NULL), |
| g_test_get_filename (G_TEST_DIST, "cert-tests", "key-crlf.pem", NULL), |
| &error); |
| g_assert_no_error (error); |
| g_assert_nonnull (cert); |
| |
| g_object_get (cert, |
| "certificate-pem", &parsed_cert_pem, |
| "private-key-pem", &parsed_key_pem, |
| NULL); |
| g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_crlf_pem); |
| g_clear_pointer (&parsed_cert_pem, g_free); |
| g_assert_cmpstr (parsed_key_pem, ==, ref->key_crlf_pem); |
| g_clear_pointer (&parsed_key_pem, g_free); |
| |
| g_object_unref (cert); |
| } |
| |
| static void |
| from_files_pkcs8 (const Reference *ref) |
| { |
| GTlsCertificate *cert; |
| gchar *parsed_cert_pem = NULL; |
| gchar *parsed_key_pem = NULL; |
| GError *error = NULL; |
| |
| cert = g_tls_certificate_new_from_files (g_test_get_filename (G_TEST_DIST, "cert-tests", "cert1.pem", NULL), |
| g_test_get_filename (G_TEST_DIST, "cert-tests", "key8.pem", NULL), |
| &error); |
| g_assert_no_error (error); |
| g_assert_nonnull (cert); |
| |
| g_object_get (cert, |
| "certificate-pem", &parsed_cert_pem, |
| "private-key-pem", &parsed_key_pem, |
| NULL); |
| g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]); |
| g_clear_pointer (&parsed_cert_pem, g_free); |
| g_assert_cmpstr (parsed_key_pem, ==, ref->key8_pem); |
| g_clear_pointer (&parsed_key_pem, g_free); |
| |
| g_object_unref (cert); |
| } |
| |
| static void |
| from_files_pkcs8enc (const Reference *ref) |
| { |
| GTlsCertificate *cert; |
| GError *error = NULL; |
| |
| /* Mare sure an error is returned for encrypted key */ |
| cert = g_tls_certificate_new_from_files (g_test_get_filename (G_TEST_DIST, "cert-tests", "cert1.pem", NULL), |
| g_test_get_filename (G_TEST_DIST, "cert-tests", "key8enc.pem", NULL), |
| &error); |
| g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE); |
| g_clear_error (&error); |
| g_assert_null (cert); |
| } |
| |
| static void |
| list_from_file (const Reference *ref) |
| { |
| GList *list, *l; |
| GError *error = NULL; |
| int i; |
| |
| list = g_tls_certificate_list_new_from_file (g_test_get_filename (G_TEST_DIST, "cert-tests", "cert-list.pem", NULL), |
| &error); |
| g_assert_no_error (error); |
| g_assert_cmpint (g_list_length (list), ==, 3); |
| |
| l = list; |
| for (i = 0; i < 3; i++) |
| { |
| GTlsCertificate *cert = l->data; |
| gchar *parsed_cert_pem = NULL; |
| g_object_get (cert, |
| "certificate-pem", &parsed_cert_pem, |
| NULL); |
| g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[i]); |
| g_free (parsed_cert_pem); |
| l = g_list_next (l); |
| } |
| |
| g_list_free_full (list, g_object_unref); |
| |
| /* Empty list is not an error */ |
| list = g_tls_certificate_list_new_from_file (g_test_get_filename (G_TEST_DIST, "cert-tests", "nothing.pem", NULL), |
| &error); |
| g_assert_no_error (error); |
| g_assert_cmpint (g_list_length (list), ==, 0); |
| } |
| |
| static void |
| from_pkcs11_uri (void) |
| { |
| GError *error = NULL; |
| GTlsCertificate *cert; |
| gchar *pkcs11_uri = NULL; |
| |
| cert = g_tls_certificate_new_from_pkcs11_uris ("pkcs11:model=p11-kit-trust;manufacturer=PKCS%2311%20Kit;serial=1;token=ca-bundle.crt", NULL, &error); |
| g_assert_no_error (error); |
| g_assert_nonnull (cert); |
| |
| g_object_get (cert, "pkcs11-uri", &pkcs11_uri, NULL); |
| g_assert_cmpstr ("pkcs11:model=p11-kit-trust;manufacturer=PKCS%2311%20Kit;serial=1;token=ca-bundle.crt", ==, pkcs11_uri); |
| g_free (pkcs11_uri); |
| |
| g_object_unref (cert); |
| } |
| |
| static void |
| from_unsupported_pkcs11_uri (void) |
| { |
| GError *error = NULL; |
| GTlsCertificate *cert; |
| |
| /* This is a magic value in gtesttlsbackend.c simulating an unsupported backend */ |
| cert = g_tls_certificate_new_from_pkcs11_uris ("unsupported", NULL, &error); |
| g_assert_error (error, G_IO_ERROR, G_IO_ERROR_NOT_SUPPORTED); |
| g_assert_null (cert); |
| |
| g_clear_error (&error); |
| } |
| |
| static void |
| not_valid_before (void) |
| { |
| const gchar *EXPECTED_NOT_VALID_BEFORE = "2020-10-12T17:49:44Z"; |
| |
| GTlsCertificate *cert; |
| GError *error = NULL; |
| GDateTime *actual; |
| gchar *actual_str; |
| |
| cert = g_tls_certificate_new_from_pkcs11_uris ("pkcs11:model=p11-kit-trust;manufacturer=PKCS%2311%20Kit;serial=1;token=ca-bundle.crt", NULL, &error); |
| g_assert_no_error (error); |
| g_assert_nonnull (cert); |
| |
| actual = g_tls_certificate_get_not_valid_before (cert); |
| g_assert_nonnull (actual); |
| actual_str = g_date_time_format_iso8601 (actual); |
| g_assert_cmpstr (actual_str, ==, EXPECTED_NOT_VALID_BEFORE); |
| g_free (actual_str); |
| g_date_time_unref (actual); |
| g_object_unref (cert); |
| } |
| |
| static void |
| not_valid_after (void) |
| { |
| const gchar *EXPECTED_NOT_VALID_AFTER = "2045-10-06T17:49:44Z"; |
| |
| GTlsCertificate *cert; |
| GError *error = NULL; |
| GDateTime *actual; |
| gchar *actual_str; |
| |
| cert = g_tls_certificate_new_from_pkcs11_uris ("pkcs11:model=p11-kit-trust;manufacturer=PKCS%2311%20Kit;serial=1;token=ca-bundle.crt", NULL, &error); |
| g_assert_no_error (error); |
| g_assert_nonnull (cert); |
| |
| actual = g_tls_certificate_get_not_valid_after (cert); |
| g_assert_nonnull (actual); |
| actual_str = g_date_time_format_iso8601 (actual); |
| g_assert_cmpstr (actual_str, ==, EXPECTED_NOT_VALID_AFTER); |
| g_free (actual_str); |
| g_date_time_unref (actual); |
| g_object_unref (cert); |
| } |
| |
| static void |
| subject_name (void) |
| { |
| const gchar *EXPECTED_SUBJECT_NAME = "DC=COM,DC=EXAMPLE,CN=server.example.com"; |
| |
| GTlsCertificate *cert; |
| GError *error = NULL; |
| gchar *actual; |
| |
| cert = g_tls_certificate_new_from_pkcs11_uris ("pkcs11:model=p11-kit-trust;manufacturer=PKCS%2311%20Kit;serial=1;token=ca-bundle.crt", NULL, &error); |
| g_assert_no_error (error); |
| g_assert_nonnull (cert); |
| |
| actual = g_tls_certificate_get_subject_name (cert); |
| g_assert_nonnull (actual); |
| g_assert_cmpstr (actual, ==, EXPECTED_SUBJECT_NAME); |
| g_free (actual); |
| g_object_unref (cert); |
| } |
| |
| static void |
| issuer_name (void) |
| { |
| const gchar *EXPECTED_ISSUER_NAME = "DC=COM,DC=EXAMPLE,OU=Certificate Authority,CN=ca.example.com,emailAddress=ca@example.com"; |
| |
| GTlsCertificate *cert; |
| GError *error = NULL; |
| gchar *actual; |
| |
| cert = g_tls_certificate_new_from_pkcs11_uris ("pkcs11:model=p11-kit-trust;manufacturer=PKCS%2311%20Kit;serial=1;token=ca-bundle.crt", NULL, &error); |
| g_assert_no_error (error); |
| g_assert_nonnull (cert); |
| |
| actual = g_tls_certificate_get_issuer_name (cert); |
| g_assert_nonnull (actual); |
| g_assert_cmpstr (actual, ==, EXPECTED_ISSUER_NAME); |
| g_free (actual); |
| g_object_unref (cert); |
| } |
| |
| static void |
| dns_names (void) |
| { |
| GTlsCertificate *cert; |
| GError *error = NULL; |
| GPtrArray *actual; |
| const gchar *dns_name = "a.example.com"; |
| GBytes *expected = g_bytes_new_static (dns_name, strlen (dns_name)); |
| |
| cert = g_tls_certificate_new_from_pkcs11_uris ("pkcs11:model=p11-kit-trust;manufacturer=PKCS%2311%20Kit;serial=1;token=ca-bundle.crt", NULL, &error); |
| g_assert_no_error (error); |
| g_assert_nonnull (cert); |
| |
| actual = g_tls_certificate_get_dns_names (cert); |
| g_assert_nonnull (actual); |
| g_assert_cmpuint (actual->len, ==, 1); |
| g_assert_true (g_ptr_array_find_with_equal_func (actual, expected, (GEqualFunc)g_bytes_equal, NULL)); |
| |
| g_ptr_array_free (actual, FALSE); |
| g_bytes_unref (expected); |
| g_object_unref (cert); |
| } |
| |
| static void |
| ip_addresses (void) |
| { |
| GTlsCertificate *cert; |
| GError *error = NULL; |
| GPtrArray *actual; |
| GInetAddress *expected = g_inet_address_new_from_string ("192.0.2.1"); |
| |
| cert = g_tls_certificate_new_from_pkcs11_uris ("pkcs11:model=p11-kit-trust;manufacturer=PKCS%2311%20Kit;serial=1;token=ca-bundle.crt", NULL, &error); |
| g_assert_no_error (error); |
| g_assert_nonnull (cert); |
| |
| actual = g_tls_certificate_get_ip_addresses (cert); |
| g_assert_nonnull (actual); |
| g_assert_cmpuint (actual->len, ==, 1); |
| g_assert_true (g_ptr_array_find_with_equal_func (actual, expected, (GEqualFunc)g_inet_address_equal, NULL)); |
| |
| g_ptr_array_free (actual, TRUE); |
| g_object_unref (expected); |
| g_object_unref (cert); |
| } |
| |
| int |
| main (int argc, |
| char *argv[]) |
| { |
| int rtv; |
| Reference ref; |
| GError *error = NULL; |
| gchar *path; |
| |
| g_test_init (&argc, &argv, NULL); |
| |
| _g_test_tls_backend_get_type (); |
| |
| /* Load reference PEM */ |
| path = g_test_build_filename (G_TEST_DIST, "cert-tests", "cert1.pem", NULL); |
| g_file_get_contents (path, &ref.cert_pems[0], NULL, &error); |
| g_assert_no_error (error); |
| g_assert_nonnull (ref.cert_pems[0]); |
| g_free (path); |
| path = g_test_build_filename (G_TEST_DIST, "cert-tests", "cert2.pem", NULL); |
| g_file_get_contents (path, &ref.cert_pems[1], NULL, &error); |
| g_assert_no_error (error); |
| g_assert_nonnull (ref.cert_pems[1]); |
| g_free (path); |
| path = g_test_build_filename (G_TEST_DIST, "cert-tests", "cert3.pem", NULL); |
| g_file_get_contents (path, &ref.cert_pems[2], NULL, &error); |
| g_assert_no_error (error); |
| g_assert_nonnull (ref.cert_pems[2]); |
| g_free (path); |
| path = g_test_build_filename (G_TEST_DIST, "cert-tests", "cert-crlf.pem", NULL); |
| g_file_get_contents (path, &ref.cert_crlf_pem, NULL, &error); |
| g_assert_no_error (error); |
| g_assert_nonnull (ref.cert_crlf_pem); |
| g_free (path); |
| path = g_test_build_filename (G_TEST_DIST, "cert-tests", "key.pem", NULL); |
| g_file_get_contents (path, &ref.key_pem, NULL, &error); |
| g_assert_no_error (error); |
| g_assert_nonnull (ref.key_pem); |
| g_free (path); |
| path = g_test_build_filename (G_TEST_DIST, "cert-tests", "key-crlf.pem", NULL); |
| g_file_get_contents (path, &ref.key_crlf_pem, NULL, &error); |
| g_assert_no_error (error); |
| g_assert_nonnull (ref.key_crlf_pem); |
| g_free (path); |
| path = g_test_build_filename (G_TEST_DIST, "cert-tests", "key8.pem", NULL); |
| g_file_get_contents (path, &ref.key8_pem, NULL, &error); |
| g_assert_no_error (error); |
| g_assert_nonnull (ref.key8_pem); |
| g_free (path); |
| |
| g_test_add_data_func ("/tls-certificate/pem-parser", |
| &ref, (GTestDataFunc)pem_parser); |
| g_test_add_data_func ("/tls-certificate/pem-parser-handles-chain", |
| &ref, (GTestDataFunc)pem_parser_handles_chain); |
| g_test_add_data_func ("/tls-certificate/from_file", |
| &ref, (GTestDataFunc)from_file); |
| g_test_add_data_func ("/tls-certificate/from_files", |
| &ref, (GTestDataFunc)from_files); |
| g_test_add_data_func ("/tls-certificate/from_files_crlf", |
| &ref, (GTestDataFunc)from_files_crlf); |
| g_test_add_data_func ("/tls-certificate/from_files_pkcs8", |
| &ref, (GTestDataFunc)from_files_pkcs8); |
| g_test_add_data_func ("/tls-certificate/from_files_pkcs8enc", |
| &ref, (GTestDataFunc)from_files_pkcs8enc); |
| g_test_add_data_func ("/tls-certificate/list_from_file", |
| &ref, (GTestDataFunc)list_from_file); |
| g_test_add_func ("/tls-certificate/pkcs11-uri", |
| from_pkcs11_uri); |
| g_test_add_func ("/tls-certificate/pkcs11-uri-unsupported", |
| from_unsupported_pkcs11_uri); |
| g_test_add_func ("/tls-certificate/not-valid-before", |
| not_valid_before); |
| g_test_add_func ("/tls-certificate/not-valid-after", |
| not_valid_after); |
| g_test_add_func ("/tls-certificate/subject-name", |
| subject_name); |
| g_test_add_func ("/tls-certificate/issuer-name", |
| issuer_name); |
| g_test_add_func ("/tls-certificate/dns-names", |
| dns_names); |
| g_test_add_func ("/tls-certificate/ip-addresses", |
| ip_addresses); |
| g_test_add_func ("/tls-certificate/pem-parser-no-sentinel", |
| pem_parser_no_sentinel); |
| |
| rtv = g_test_run(); |
| |
| g_free (ref.cert_pems[0]); |
| g_free (ref.cert_pems[1]); |
| g_free (ref.cert_pems[2]); |
| g_free (ref.cert_crlf_pem); |
| g_free (ref.key_pem); |
| g_free (ref.key_crlf_pem); |
| g_free (ref.key8_pem); |
| |
| return rtv; |
| } |