1 /* GLib testing framework examples and tests
2 *
3 * Copyright (C) 2011 Collabora Ltd.
4 *
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
9 *
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
14 *
15 * You should have received a copy of the GNU Lesser General
16 * Public License along with this library; if not, see <http://www.gnu.org/licenses/>.
17 *
18 * Author: Nicolas Dufresne <nicolas.dufresne@collabora.com>
19 */
20
21 #include "config.h"
22
23 #include <gio/gio.h>
24
25 #include "gtesttlsbackend.h"
26
27 typedef struct
28 {
29 gchar *cert_pems[3];
30 gchar *cert_crlf_pem;
31 gchar *key_pem;
32 gchar *key_crlf_pem;
33 gchar *key8_pem;
34 } Reference;
35
36 static void
pem_parser(const Reference * ref)37 pem_parser (const Reference *ref)
38 {
39 GTlsCertificate *cert;
40 gchar *pem;
41 gsize pem_len = 0;
42 gchar *parsed_cert_pem = NULL;
43 gchar *parsed_key_pem = NULL;
44 GError *error = NULL;
45
46 /* Check PEM parsing in certificate, private key order. */
47 g_file_get_contents (g_test_get_filename (G_TEST_DIST, "cert-tests", "cert-key.pem", NULL), &pem, &pem_len, &error);
48 g_assert_no_error (error);
49 g_assert_nonnull (pem);
50 g_assert_cmpuint (pem_len, >=, 10);
51
52 cert = g_tls_certificate_new_from_pem (pem, -1, &error);
53 g_assert_no_error (error);
54 g_assert_nonnull (cert);
55
56 g_object_get (cert,
57 "certificate-pem", &parsed_cert_pem,
58 "private-key-pem", &parsed_key_pem,
59 NULL);
60 g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]);
61 g_clear_pointer (&parsed_cert_pem, g_free);
62 g_assert_cmpstr (parsed_key_pem, ==, ref->key_pem);
63 g_clear_pointer (&parsed_key_pem, g_free);
64
65 g_object_unref (cert);
66
67 /* Make sure length is respected and parser detect invalid PEM
68 * when cert is truncated. */
69 cert = g_tls_certificate_new_from_pem (pem, 10, &error);
70 g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE);
71 g_clear_error (&error);
72
73 /* Make sure length is respected and parser detect invalid PEM
74 * when cert exists but key is truncated. */
75 cert = g_tls_certificate_new_from_pem (pem, pem_len - 10, &error);
76 g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE);
77 g_clear_error (&error);
78 g_free (pem);
79
80 /* Check PEM parsing in private key, certificate order */
81 g_file_get_contents (g_test_get_filename (G_TEST_DIST, "cert-tests", "key-cert.pem", NULL), &pem, NULL, &error);
82 g_assert_no_error (error);
83 g_assert_nonnull (pem);
84
85 cert = g_tls_certificate_new_from_pem (pem, -1, &error);
86 g_assert_no_error (error);
87 g_assert_nonnull (cert);
88
89 g_object_get (cert,
90 "certificate-pem", &parsed_cert_pem,
91 "private-key-pem", &parsed_key_pem,
92 NULL);
93 g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]);
94 g_clear_pointer (&parsed_cert_pem, g_free);
95 g_assert_cmpstr (parsed_key_pem, ==, ref->key_pem);
96 g_clear_pointer (&parsed_key_pem, g_free);
97
98 g_free (pem);
99 g_object_unref (cert);
100
101 /* Check certificate only PEM */
102 g_file_get_contents (g_test_get_filename (G_TEST_DIST, "cert-tests", "cert1.pem", NULL), &pem, NULL, &error);
103 g_assert_no_error (error);
104 g_assert_nonnull (pem);
105
106 cert = g_tls_certificate_new_from_pem (pem, -1, &error);
107 g_assert_no_error (error);
108 g_assert_nonnull (cert);
109
110 g_object_get (cert,
111 "certificate-pem", &parsed_cert_pem,
112 "private-key-pem", &parsed_key_pem,
113 NULL);
114 g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]);
115 g_clear_pointer (&parsed_cert_pem, g_free);
116 g_assert_null (parsed_key_pem);
117
118 g_free (pem);
119 g_object_unref (cert);
120
121 /* Check error with private key only PEM */
122 g_file_get_contents (g_test_get_filename (G_TEST_DIST, "cert-tests", "key.pem", NULL), &pem, NULL, &error);
123 g_assert_no_error (error);
124 g_assert_nonnull (pem);
125
126 cert = g_tls_certificate_new_from_pem (pem, -1, &error);
127 g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE);
128 g_clear_error (&error);
129 g_assert_null (cert);
130 g_free (pem);
131 }
132
133 static void
pem_parser_handles_chain(const Reference * ref)134 pem_parser_handles_chain (const Reference *ref)
135 {
136 GTlsCertificate *cert;
137 GTlsCertificate *issuer;
138 GTlsCertificate *original_cert;
139 gchar *pem;
140 gchar *parsed_cert_pem = NULL;
141 gchar *parsed_key_pem = NULL;
142 GError *error = NULL;
143
144 /* Check that a chain with exactly three certificates is returned */
145 g_file_get_contents (g_test_get_filename (G_TEST_DIST, "cert-tests", "cert-list.pem", NULL), &pem, NULL, &error);
146 g_assert_no_error (error);
147 g_assert_nonnull (pem);
148
149 cert = original_cert = g_tls_certificate_new_from_pem (pem, -1, &error);
150 g_free (pem);
151 g_assert_no_error (error);
152 g_assert_nonnull (cert);
153
154 g_object_get (cert,
155 "certificate-pem", &parsed_cert_pem,
156 "private-key-pem", &parsed_key_pem,
157 NULL);
158 g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]);
159 g_clear_pointer (&parsed_cert_pem, g_free);
160
161 /* Make sure the private key was parsed */
162 g_assert_cmpstr (parsed_key_pem, ==, ref->key_pem);
163 g_clear_pointer (&parsed_key_pem, g_free);
164
165 /* Now test the second cert */
166 issuer = g_tls_certificate_get_issuer (cert);
167 g_assert_nonnull (issuer);
168
169 cert = issuer;
170 issuer = g_tls_certificate_get_issuer (cert);
171 g_assert_nonnull (issuer);
172
173 g_object_get (cert,
174 "certificate-pem", &parsed_cert_pem,
175 "private-key-pem", &parsed_key_pem,
176 NULL);
177 g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[1]);
178 g_clear_pointer (&parsed_cert_pem, g_free);
179
180 /* Only the first cert should have a private key */
181 g_assert_null (parsed_key_pem);
182
183 /* Now test the final cert */
184 cert = issuer;
185 issuer = g_tls_certificate_get_issuer (cert);
186 g_assert_null (issuer);
187
188 g_object_get (cert,
189 "certificate-pem", &parsed_cert_pem,
190 "private-key-pem", &parsed_key_pem,
191 NULL);
192 g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[2]);
193 g_clear_pointer (&parsed_cert_pem, g_free);
194
195 g_assert_null (parsed_key_pem);
196
197 g_object_unref (original_cert);
198 }
199
200 static void
pem_parser_no_sentinel(void)201 pem_parser_no_sentinel (void)
202 {
203 GTlsCertificate *cert;
204 gchar *pem;
205 gsize pem_len = 0;
206 gchar *pem_copy;
207 GError *error = NULL;
208
209 /* Check certificate from not-nul-terminated PEM */
210 g_file_get_contents (g_test_get_filename (G_TEST_DIST, "cert-tests", "cert1.pem", NULL), &pem, &pem_len, &error);
211 g_assert_no_error (error);
212 g_assert_nonnull (pem);
213 g_assert_cmpuint (pem_len, >=, 10);
214
215 pem_copy = g_new (char, pem_len);
216 /* Do not copy the terminating nul: */
217 memmove (pem_copy, pem, pem_len);
218 g_free (pem);
219
220 /* Check whether the parser respects the @length parameter.
221 * pem_copy is allocated exactly pem_len bytes, so accessing memory
222 * outside its bounds will be detected by, for example, valgrind or
223 * asan. */
224 cert = g_tls_certificate_new_from_pem (pem_copy, pem_len, &error);
225 g_assert_no_error (error);
226 g_assert_nonnull (cert);
227
228 g_free (pem_copy);
229 g_object_unref (cert);
230 }
231
232 static void
from_file(const Reference * ref)233 from_file (const Reference *ref)
234 {
235 GTlsCertificate *cert;
236 gchar *parsed_cert_pem = NULL;
237 gchar *parsed_key_pem = NULL;
238 GError *error = NULL;
239
240 cert = g_tls_certificate_new_from_file (g_test_get_filename (G_TEST_DIST, "cert-tests", "key-cert.pem", NULL),
241 &error);
242 g_assert_no_error (error);
243 g_assert_nonnull (cert);
244
245 g_object_get (cert,
246 "certificate-pem", &parsed_cert_pem,
247 "private-key-pem", &parsed_key_pem,
248 NULL);
249 g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]);
250 g_clear_pointer (&parsed_cert_pem, g_free);
251 g_assert_cmpstr (parsed_key_pem, ==, ref->key_pem);
252 g_clear_pointer (&parsed_key_pem, g_free);
253
254 g_object_unref (cert);
255 }
256
257 static void
from_files(const Reference * ref)258 from_files (const Reference *ref)
259 {
260 GTlsCertificate *cert;
261 gchar *parsed_cert_pem = NULL;
262 gchar *parsed_key_pem = NULL;
263 GError *error = NULL;
264
265 cert = g_tls_certificate_new_from_files (g_test_get_filename (G_TEST_DIST, "cert-tests", "cert1.pem", NULL),
266 g_test_get_filename (G_TEST_DIST, "cert-tests", "key.pem", NULL),
267 &error);
268 g_assert_no_error (error);
269 g_assert_nonnull (cert);
270
271 g_object_get (cert,
272 "certificate-pem", &parsed_cert_pem,
273 "private-key-pem", &parsed_key_pem,
274 NULL);
275 g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]);
276 g_clear_pointer (&parsed_cert_pem, g_free);
277 g_assert_cmpstr (parsed_key_pem, ==, ref->key_pem);
278 g_clear_pointer (&parsed_key_pem, g_free);
279
280 g_object_unref (cert);
281
282 /* Missing private key */
283 cert = g_tls_certificate_new_from_files (g_test_get_filename (G_TEST_DIST, "cert-tests", "cert1.pem", NULL),
284 g_test_get_filename (G_TEST_DIST, "cert-tests", "cert2.pem", NULL),
285 &error);
286 g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE);
287 g_clear_error (&error);
288 g_assert_null (cert);
289
290 /* Missing header private key */
291 cert = g_tls_certificate_new_from_files (g_test_get_filename (G_TEST_DIST, "cert-tests", "cert1.pem", NULL),
292 g_test_get_filename (G_TEST_DIST, "cert-tests", "key_missing-header.pem", NULL),
293 &error);
294 g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE);
295 g_clear_error (&error);
296 g_assert_null (cert);
297
298 /* Missing footer private key */
299 cert = g_tls_certificate_new_from_files (g_test_get_filename (G_TEST_DIST, "cert-tests", "cert1.pem", NULL),
300 g_test_get_filename (G_TEST_DIST, "cert-tests", "key_missing-footer.pem", NULL),
301 &error);
302 g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE);
303 g_clear_error (&error);
304 g_assert_null (cert);
305
306 /* Missing certificate */
307 cert = g_tls_certificate_new_from_files (g_test_get_filename (G_TEST_DIST, "cert-tests", "key.pem", NULL),
308 g_test_get_filename (G_TEST_DIST, "cert-tests", "key.pem", NULL),
309 &error);
310 g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE);
311 g_clear_error (&error);
312 g_assert_null (cert);
313
314 /* Using this method twice with a file containing both private key and
315 * certificate as a way to enforce private key presence is a fair use
316 */
317 cert = g_tls_certificate_new_from_files (g_test_get_filename (G_TEST_DIST, "cert-tests", "key-cert.pem", NULL),
318 g_test_get_filename (G_TEST_DIST, "cert-tests", "key-cert.pem", NULL),
319 &error);
320 g_assert_no_error (error);
321 g_assert_nonnull (cert);
322 g_object_unref (cert);
323 }
324
325 static void
from_files_crlf(const Reference * ref)326 from_files_crlf (const Reference *ref)
327 {
328 GTlsCertificate *cert;
329 gchar *parsed_cert_pem = NULL;
330 gchar *parsed_key_pem = NULL;
331 GError *error = NULL;
332
333 cert = g_tls_certificate_new_from_files (g_test_get_filename (G_TEST_DIST, "cert-tests", "cert-crlf.pem", NULL),
334 g_test_get_filename (G_TEST_DIST, "cert-tests", "key-crlf.pem", NULL),
335 &error);
336 g_assert_no_error (error);
337 g_assert_nonnull (cert);
338
339 g_object_get (cert,
340 "certificate-pem", &parsed_cert_pem,
341 "private-key-pem", &parsed_key_pem,
342 NULL);
343 g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_crlf_pem);
344 g_clear_pointer (&parsed_cert_pem, g_free);
345 g_assert_cmpstr (parsed_key_pem, ==, ref->key_crlf_pem);
346 g_clear_pointer (&parsed_key_pem, g_free);
347
348 g_object_unref (cert);
349 }
350
351 static void
from_files_pkcs8(const Reference * ref)352 from_files_pkcs8 (const Reference *ref)
353 {
354 GTlsCertificate *cert;
355 gchar *parsed_cert_pem = NULL;
356 gchar *parsed_key_pem = NULL;
357 GError *error = NULL;
358
359 cert = g_tls_certificate_new_from_files (g_test_get_filename (G_TEST_DIST, "cert-tests", "cert1.pem", NULL),
360 g_test_get_filename (G_TEST_DIST, "cert-tests", "key8.pem", NULL),
361 &error);
362 g_assert_no_error (error);
363 g_assert_nonnull (cert);
364
365 g_object_get (cert,
366 "certificate-pem", &parsed_cert_pem,
367 "private-key-pem", &parsed_key_pem,
368 NULL);
369 g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]);
370 g_clear_pointer (&parsed_cert_pem, g_free);
371 g_assert_cmpstr (parsed_key_pem, ==, ref->key8_pem);
372 g_clear_pointer (&parsed_key_pem, g_free);
373
374 g_object_unref (cert);
375 }
376
377 static void
from_files_pkcs8enc(const Reference * ref)378 from_files_pkcs8enc (const Reference *ref)
379 {
380 GTlsCertificate *cert;
381 GError *error = NULL;
382
383 /* Mare sure an error is returned for encrypted key */
384 cert = g_tls_certificate_new_from_files (g_test_get_filename (G_TEST_DIST, "cert-tests", "cert1.pem", NULL),
385 g_test_get_filename (G_TEST_DIST, "cert-tests", "key8enc.pem", NULL),
386 &error);
387 g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE);
388 g_clear_error (&error);
389 g_assert_null (cert);
390 }
391
392 static void
list_from_file(const Reference * ref)393 list_from_file (const Reference *ref)
394 {
395 GList *list, *l;
396 GError *error = NULL;
397 int i;
398
399 list = g_tls_certificate_list_new_from_file (g_test_get_filename (G_TEST_DIST, "cert-tests", "cert-list.pem", NULL),
400 &error);
401 g_assert_no_error (error);
402 g_assert_cmpint (g_list_length (list), ==, 3);
403
404 l = list;
405 for (i = 0; i < 3; i++)
406 {
407 GTlsCertificate *cert = l->data;
408 gchar *parsed_cert_pem = NULL;
409 g_object_get (cert,
410 "certificate-pem", &parsed_cert_pem,
411 NULL);
412 g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[i]);
413 g_free (parsed_cert_pem);
414 l = g_list_next (l);
415 }
416
417 g_list_free_full (list, g_object_unref);
418
419 /* Empty list is not an error */
420 list = g_tls_certificate_list_new_from_file (g_test_get_filename (G_TEST_DIST, "cert-tests", "nothing.pem", NULL),
421 &error);
422 g_assert_no_error (error);
423 g_assert_cmpint (g_list_length (list), ==, 0);
424 }
425
426 static void
from_pkcs11_uri(void)427 from_pkcs11_uri (void)
428 {
429 GError *error = NULL;
430 GTlsCertificate *cert;
431 gchar *pkcs11_uri = NULL;
432
433 cert = g_tls_certificate_new_from_pkcs11_uris ("pkcs11:model=p11-kit-trust;manufacturer=PKCS%2311%20Kit;serial=1;token=ca-bundle.crt", NULL, &error);
434 g_assert_no_error (error);
435 g_assert_nonnull (cert);
436
437 g_object_get (cert, "pkcs11-uri", &pkcs11_uri, NULL);
438 g_assert_cmpstr ("pkcs11:model=p11-kit-trust;manufacturer=PKCS%2311%20Kit;serial=1;token=ca-bundle.crt", ==, pkcs11_uri);
439 g_free (pkcs11_uri);
440
441 g_object_unref (cert);
442 }
443
444 static void
from_unsupported_pkcs11_uri(void)445 from_unsupported_pkcs11_uri (void)
446 {
447 GError *error = NULL;
448 GTlsCertificate *cert;
449
450 /* This is a magic value in gtesttlsbackend.c simulating an unsupported backend */
451 cert = g_tls_certificate_new_from_pkcs11_uris ("unsupported", NULL, &error);
452 g_assert_error (error, G_IO_ERROR, G_IO_ERROR_NOT_SUPPORTED);
453 g_assert_null (cert);
454
455 g_clear_error (&error);
456 }
457
458 static void
not_valid_before(void)459 not_valid_before (void)
460 {
461 const gchar *EXPECTED_NOT_VALID_BEFORE = "2020-10-12T17:49:44Z";
462
463 GTlsCertificate *cert;
464 GError *error = NULL;
465 GDateTime *actual;
466 gchar *actual_str;
467
468 cert = g_tls_certificate_new_from_pkcs11_uris ("pkcs11:model=p11-kit-trust;manufacturer=PKCS%2311%20Kit;serial=1;token=ca-bundle.crt", NULL, &error);
469 g_assert_no_error (error);
470 g_assert_nonnull (cert);
471
472 actual = g_tls_certificate_get_not_valid_before (cert);
473 g_assert_nonnull (actual);
474 actual_str = g_date_time_format_iso8601 (actual);
475 g_assert_cmpstr (actual_str, ==, EXPECTED_NOT_VALID_BEFORE);
476 g_free (actual_str);
477 g_date_time_unref (actual);
478 g_object_unref (cert);
479 }
480
481 static void
not_valid_after(void)482 not_valid_after (void)
483 {
484 const gchar *EXPECTED_NOT_VALID_AFTER = "2045-10-06T17:49:44Z";
485
486 GTlsCertificate *cert;
487 GError *error = NULL;
488 GDateTime *actual;
489 gchar *actual_str;
490
491 cert = g_tls_certificate_new_from_pkcs11_uris ("pkcs11:model=p11-kit-trust;manufacturer=PKCS%2311%20Kit;serial=1;token=ca-bundle.crt", NULL, &error);
492 g_assert_no_error (error);
493 g_assert_nonnull (cert);
494
495 actual = g_tls_certificate_get_not_valid_after (cert);
496 g_assert_nonnull (actual);
497 actual_str = g_date_time_format_iso8601 (actual);
498 g_assert_cmpstr (actual_str, ==, EXPECTED_NOT_VALID_AFTER);
499 g_free (actual_str);
500 g_date_time_unref (actual);
501 g_object_unref (cert);
502 }
503
504 static void
subject_name(void)505 subject_name (void)
506 {
507 const gchar *EXPECTED_SUBJECT_NAME = "DC=COM,DC=EXAMPLE,CN=server.example.com";
508
509 GTlsCertificate *cert;
510 GError *error = NULL;
511 gchar *actual;
512
513 cert = g_tls_certificate_new_from_pkcs11_uris ("pkcs11:model=p11-kit-trust;manufacturer=PKCS%2311%20Kit;serial=1;token=ca-bundle.crt", NULL, &error);
514 g_assert_no_error (error);
515 g_assert_nonnull (cert);
516
517 actual = g_tls_certificate_get_subject_name (cert);
518 g_assert_nonnull (actual);
519 g_assert_cmpstr (actual, ==, EXPECTED_SUBJECT_NAME);
520 g_free (actual);
521 g_object_unref (cert);
522 }
523
524 static void
issuer_name(void)525 issuer_name (void)
526 {
527 const gchar *EXPECTED_ISSUER_NAME = "DC=COM,DC=EXAMPLE,OU=Certificate Authority,CN=ca.example.com,emailAddress=ca@example.com";
528
529 GTlsCertificate *cert;
530 GError *error = NULL;
531 gchar *actual;
532
533 cert = g_tls_certificate_new_from_pkcs11_uris ("pkcs11:model=p11-kit-trust;manufacturer=PKCS%2311%20Kit;serial=1;token=ca-bundle.crt", NULL, &error);
534 g_assert_no_error (error);
535 g_assert_nonnull (cert);
536
537 actual = g_tls_certificate_get_issuer_name (cert);
538 g_assert_nonnull (actual);
539 g_assert_cmpstr (actual, ==, EXPECTED_ISSUER_NAME);
540 g_free (actual);
541 g_object_unref (cert);
542 }
543
544 static void
dns_names(void)545 dns_names (void)
546 {
547 GTlsCertificate *cert;
548 GError *error = NULL;
549 GPtrArray *actual;
550 const gchar *dns_name = "a.example.com";
551 GBytes *expected = g_bytes_new_static (dns_name, strlen (dns_name));
552
553 cert = g_tls_certificate_new_from_pkcs11_uris ("pkcs11:model=p11-kit-trust;manufacturer=PKCS%2311%20Kit;serial=1;token=ca-bundle.crt", NULL, &error);
554 g_assert_no_error (error);
555 g_assert_nonnull (cert);
556
557 actual = g_tls_certificate_get_dns_names (cert);
558 g_assert_nonnull (actual);
559 g_assert_cmpuint (actual->len, ==, 1);
560 g_assert_true (g_ptr_array_find_with_equal_func (actual, expected, (GEqualFunc)g_bytes_equal, NULL));
561
562 g_ptr_array_free (actual, FALSE);
563 g_bytes_unref (expected);
564 g_object_unref (cert);
565 }
566
567 static void
ip_addresses(void)568 ip_addresses (void)
569 {
570 GTlsCertificate *cert;
571 GError *error = NULL;
572 GPtrArray *actual;
573 GInetAddress *expected = g_inet_address_new_from_string ("192.0.2.1");
574
575 cert = g_tls_certificate_new_from_pkcs11_uris ("pkcs11:model=p11-kit-trust;manufacturer=PKCS%2311%20Kit;serial=1;token=ca-bundle.crt", NULL, &error);
576 g_assert_no_error (error);
577 g_assert_nonnull (cert);
578
579 actual = g_tls_certificate_get_ip_addresses (cert);
580 g_assert_nonnull (actual);
581 g_assert_cmpuint (actual->len, ==, 1);
582 g_assert_true (g_ptr_array_find_with_equal_func (actual, expected, (GEqualFunc)g_inet_address_equal, NULL));
583
584 g_ptr_array_free (actual, TRUE);
585 g_object_unref (expected);
586 g_object_unref (cert);
587 }
588
589 int
main(int argc,char * argv[])590 main (int argc,
591 char *argv[])
592 {
593 int rtv;
594 Reference ref;
595 GError *error = NULL;
596 gchar *path;
597
598 g_test_init (&argc, &argv, NULL);
599
600 _g_test_tls_backend_get_type ();
601
602 /* Load reference PEM */
603 path = g_test_build_filename (G_TEST_DIST, "cert-tests", "cert1.pem", NULL);
604 g_file_get_contents (path, &ref.cert_pems[0], NULL, &error);
605 g_assert_no_error (error);
606 g_assert_nonnull (ref.cert_pems[0]);
607 g_free (path);
608 path = g_test_build_filename (G_TEST_DIST, "cert-tests", "cert2.pem", NULL);
609 g_file_get_contents (path, &ref.cert_pems[1], NULL, &error);
610 g_assert_no_error (error);
611 g_assert_nonnull (ref.cert_pems[1]);
612 g_free (path);
613 path = g_test_build_filename (G_TEST_DIST, "cert-tests", "cert3.pem", NULL);
614 g_file_get_contents (path, &ref.cert_pems[2], NULL, &error);
615 g_assert_no_error (error);
616 g_assert_nonnull (ref.cert_pems[2]);
617 g_free (path);
618 path = g_test_build_filename (G_TEST_DIST, "cert-tests", "cert-crlf.pem", NULL);
619 g_file_get_contents (path, &ref.cert_crlf_pem, NULL, &error);
620 g_assert_no_error (error);
621 g_assert_nonnull (ref.cert_crlf_pem);
622 g_free (path);
623 path = g_test_build_filename (G_TEST_DIST, "cert-tests", "key.pem", NULL);
624 g_file_get_contents (path, &ref.key_pem, NULL, &error);
625 g_assert_no_error (error);
626 g_assert_nonnull (ref.key_pem);
627 g_free (path);
628 path = g_test_build_filename (G_TEST_DIST, "cert-tests", "key-crlf.pem", NULL);
629 g_file_get_contents (path, &ref.key_crlf_pem, NULL, &error);
630 g_assert_no_error (error);
631 g_assert_nonnull (ref.key_crlf_pem);
632 g_free (path);
633 path = g_test_build_filename (G_TEST_DIST, "cert-tests", "key8.pem", NULL);
634 g_file_get_contents (path, &ref.key8_pem, NULL, &error);
635 g_assert_no_error (error);
636 g_assert_nonnull (ref.key8_pem);
637 g_free (path);
638
639 g_test_add_data_func ("/tls-certificate/pem-parser",
640 &ref, (GTestDataFunc)pem_parser);
641 g_test_add_data_func ("/tls-certificate/pem-parser-handles-chain",
642 &ref, (GTestDataFunc)pem_parser_handles_chain);
643 g_test_add_data_func ("/tls-certificate/from_file",
644 &ref, (GTestDataFunc)from_file);
645 g_test_add_data_func ("/tls-certificate/from_files",
646 &ref, (GTestDataFunc)from_files);
647 g_test_add_data_func ("/tls-certificate/from_files_crlf",
648 &ref, (GTestDataFunc)from_files_crlf);
649 g_test_add_data_func ("/tls-certificate/from_files_pkcs8",
650 &ref, (GTestDataFunc)from_files_pkcs8);
651 g_test_add_data_func ("/tls-certificate/from_files_pkcs8enc",
652 &ref, (GTestDataFunc)from_files_pkcs8enc);
653 g_test_add_data_func ("/tls-certificate/list_from_file",
654 &ref, (GTestDataFunc)list_from_file);
655 g_test_add_func ("/tls-certificate/pkcs11-uri",
656 from_pkcs11_uri);
657 g_test_add_func ("/tls-certificate/pkcs11-uri-unsupported",
658 from_unsupported_pkcs11_uri);
659 g_test_add_func ("/tls-certificate/not-valid-before",
660 not_valid_before);
661 g_test_add_func ("/tls-certificate/not-valid-after",
662 not_valid_after);
663 g_test_add_func ("/tls-certificate/subject-name",
664 subject_name);
665 g_test_add_func ("/tls-certificate/issuer-name",
666 issuer_name);
667 g_test_add_func ("/tls-certificate/dns-names",
668 dns_names);
669 g_test_add_func ("/tls-certificate/ip-addresses",
670 ip_addresses);
671 g_test_add_func ("/tls-certificate/pem-parser-no-sentinel",
672 pem_parser_no_sentinel);
673
674 rtv = g_test_run();
675
676 g_free (ref.cert_pems[0]);
677 g_free (ref.cert_pems[1]);
678 g_free (ref.cert_pems[2]);
679 g_free (ref.cert_crlf_pem);
680 g_free (ref.key_pem);
681 g_free (ref.key_crlf_pem);
682 g_free (ref.key8_pem);
683
684 return rtv;
685 }
686