Added TLS PEM parser unit test

gio/tests/Makefile.am

@@ -50,6 +50,7 @@ TEST_PROGS +=	 		\
 	gdbus-message		\
 	socket			\
 	pollable		\
+	tls-certificate         \
 	$(NULL)
 
 if OS_UNIX
@@ -454,6 +455,9 @@ proxy_SOURCES = proxy.c
 proxy_LDADD   = $(progs_ldadd) \
 	$(top_builddir)/gthread/libgthread-2.0.la
 
+tls_certificate_SOURCES = tls-certificate.c gtesttlsbackend.c gtesttlsbackend.h
+tls_certificate_LDADD   = $(progs_ldadd)
+
 # -----------------------------------------------------------------------------
 
 if OS_UNIX

gio/tests/cert-key.pem

@@ -0,0 +1,32 @@
+-----BEGIN CERTIFICATE-----
+MIICtTCCAh4CCQCMmwFMUPAJYzANBgkqhkiG9w0BAQUFADCBnjELMAkGA1UEBhMC
+Q0ExDzANBgNVBAgMBlF1ZWJlYzERMA8GA1UEBwwITW9udHJlYWwxFzAVBgNVBAoM
+DkNvbGxhYm9yYSBMdGQuMQ8wDQYDVQQLDAZDYW5hZGExEjAQBgNVBAMMCTEyNy4w
+LjAuMTEtMCsGCSqGSIb3DQEJARYebmljb2xhcy5kdWZyZXNuZUBjb2xsYWJvcmEu
+Y29tMB4XDTExMDcyNTE4NDkzNFoXDTEyMDcyNDE4NDkzNFowgZ4xCzAJBgNVBAYT
+AkNBMQ8wDQYDVQQIDAZRdWViZWMxETAPBgNVBAcMCE1vbnRyZWFsMRcwFQYDVQQK
+DA5Db2xsYWJvcmEgTHRkLjEPMA0GA1UECwwGQ2FuYWRhMRIwEAYDVQQDDAkxMjcu
+MC4wLjExLTArBgkqhkiG9w0BCQEWHm5pY29sYXMuZHVmcmVzbmVAY29sbGFib3Jh
+LmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArJa05foKd5ULBBjHoI4U
+DKMOcoYp6UO8o4t+rKBrlKVMp0D7Oz+bZt6I2T3kBjZmKH9wrHNsk6zC6wonbfMR
+ZHILWcnTifbEEhIMHNqH+J5b33yGW3SEftd1jj1UZkubQVZEFha5UhbUO9AQ4TSt
+0mX5AG+PkJi0kdTCRWlD1q0CAwEAATANBgkqhkiG9w0BAQUFAAOBgQCaaBfCfCiw
+BJ/2pzZOjoFQcMqwPWufJ+F7hv8AK0zaEhsYW/JPPNpVVjM4Rf9dhMFG513GQ6IR
+q3K+okin/2H6XyLD1eyAxAreuyMZPwOsTdgkVROhl+NJEfZKnFZSxK9wkiQRnNhS
++5L8/na5o3vsgGerggQi8pj2JjfVE0R/aQ==
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQCslrTl+gp3lQsEGMegjhQMow5yhinpQ7yji36soGuUpUynQPs7
+P5tm3ojZPeQGNmYof3Csc2yTrMLrCidt8xFkcgtZydOJ9sQSEgwc2of4nlvffIZb
+dIR+13WOPVRmS5tBVkQWFrlSFtQ70BDhNK3SZfkAb4+QmLSR1MJFaUPWrQIDAQAB
+AoGAUTnskYAIhRdEQ/1Vlp7HmNr05bl26C3VDjOMvroRZ7gUR3MxykS5YsTBK10R
+gEsB8XVpFgCMzUO1yODShdCsEg9kCB3fzSWkunK8+TF2TKOM5uWlQwifKJvcNisR
+Nbg3r8WygMMXaWSFA3xWoRuZ5It0jOX18v+x5RHHon/kaRECQQDl6FSwgJLeNAkR
+pMNQGdRhmMesHWmNNBv3Wozqm6Wpkwo5ZXPsLt3pprd0GN5jX0IG7clT1/eMD9/G
++3UGqTj3AkEAwC0M2gv+QUhbaB+KSlOZDOi4gsnhnsnaM7HQGDJJ5no4y2EvnYI3
+Y5rPJWedeYlCV3ccMitjnjcIJHInRZBIewJBANgsamVDn9Ua7GQQni1U/COAek7V
+oQfKNXmRROrbyxr1TSnGwQcU0kf+IIUjVQfu67CEKUeSzAqAapM4oULQHuUCQQC9
+J9qdiO6DXXAzRdA9pplgHnT2rzV3sSEoft3f4yfgRu8+KHPQqkpQrSE1pQ5YgWUe
+aGwFabXNFkfab839562fAkBl8jPidQdKWEgSa6h5pm4++sXLdWl7p6jiyetH64W7
+HnhRryE3ptrRGO0hSV1v4bx3DKzeJiJRlWUWiSl7828t
+-----END RSA PRIVATE KEY-----

gio/tests/cert-list.pem

@@ -0,0 +1,52 @@
+-----BEGIN CERTIFICATE-----
+MIICtTCCAh4CCQCMmwFMUPAJYzANBgkqhkiG9w0BAQUFADCBnjELMAkGA1UEBhMC
+Q0ExDzANBgNVBAgMBlF1ZWJlYzERMA8GA1UEBwwITW9udHJlYWwxFzAVBgNVBAoM
+DkNvbGxhYm9yYSBMdGQuMQ8wDQYDVQQLDAZDYW5hZGExEjAQBgNVBAMMCTEyNy4w
+LjAuMTEtMCsGCSqGSIb3DQEJARYebmljb2xhcy5kdWZyZXNuZUBjb2xsYWJvcmEu
+Y29tMB4XDTExMDcyNTE4NDkzNFoXDTEyMDcyNDE4NDkzNFowgZ4xCzAJBgNVBAYT
+AkNBMQ8wDQYDVQQIDAZRdWViZWMxETAPBgNVBAcMCE1vbnRyZWFsMRcwFQYDVQQK
+DA5Db2xsYWJvcmEgTHRkLjEPMA0GA1UECwwGQ2FuYWRhMRIwEAYDVQQDDAkxMjcu
+MC4wLjExLTArBgkqhkiG9w0BCQEWHm5pY29sYXMuZHVmcmVzbmVAY29sbGFib3Jh
+LmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArJa05foKd5ULBBjHoI4U
+DKMOcoYp6UO8o4t+rKBrlKVMp0D7Oz+bZt6I2T3kBjZmKH9wrHNsk6zC6wonbfMR
+ZHILWcnTifbEEhIMHNqH+J5b33yGW3SEftd1jj1UZkubQVZEFha5UhbUO9AQ4TSt
+0mX5AG+PkJi0kdTCRWlD1q0CAwEAATANBgkqhkiG9w0BAQUFAAOBgQCaaBfCfCiw
+BJ/2pzZOjoFQcMqwPWufJ+F7hv8AK0zaEhsYW/JPPNpVVjM4Rf9dhMFG513GQ6IR
+q3K+okin/2H6XyLD1eyAxAreuyMZPwOsTdgkVROhl+NJEfZKnFZSxK9wkiQRnNhS
++5L8/na5o3vsgGerggQi8pj2JjfVE0R/aQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICtTCCAh4CCQCVO34vew4kvTANBgkqhkiG9w0BAQUFADCBnjELMAkGA1UEBhMC
+Q0ExDzANBgNVBAgMBlF1ZWJlYzERMA8GA1UEBwwITW9udHJlYWwxFzAVBgNVBAoM
+DkNvbGxhYm9yYSBMdGQuMQ8wDQYDVQQLDAZDYW5hZGExEjAQBgNVBAMMCTEyNy4w
+LjAuMTEtMCsGCSqGSIb3DQEJARYebmljb2xhcy5kdWZyZXNuZUBjb2xsYWJvcmEu
+Y29tMB4XDTExMDcyNTE4NTI1M1oXDTEyMDcyNDE4NTI1M1owgZ4xCzAJBgNVBAYT
+AkNBMQ8wDQYDVQQIDAZRdWViZWMxETAPBgNVBAcMCE1vbnRyZWFsMRcwFQYDVQQK
+DA5Db2xsYWJvcmEgTHRkLjEPMA0GA1UECwwGQ2FuYWRhMRIwEAYDVQQDDAkxMjcu
+MC4wLjExLTArBgkqhkiG9w0BCQEWHm5pY29sYXMuZHVmcmVzbmVAY29sbGFib3Jh
+LmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArJa05foKd5ULBBjHoI4U
+DKMOcoYp6UO8o4t+rKBrlKVMp0D7Oz+bZt6I2T3kBjZmKH9wrHNsk6zC6wonbfMR
+ZHILWcnTifbEEhIMHNqH+J5b33yGW3SEftd1jj1UZkubQVZEFha5UhbUO9AQ4TSt
+0mX5AG+PkJi0kdTCRWlD1q0CAwEAATANBgkqhkiG9w0BAQUFAAOBgQAiaJ6bO5NJ
+pyS8p//UVQM/T+exyZxznULwqCuVKv7uwss2QiKiQGJPfVc0iy650cTegtoc4ki5
+Zfg/Cllxj2KAmbkWGlzVw7IvuBouruxdojm+0y60DzWr1rQUkL6VX/VBZXL51VPp
+zCdTCzI3v4ztFStbUyC99xx1hdHOSleLOQ==
+-----END CERTIFICATE-----
+>>>> Garbage to be ignore <<<<
+-----BEGIN CERTIFICATE-----
+MIICtTCCAh4CCQD9ny7saeYnDDANBgkqhkiG9w0BAQUFADCBnjELMAkGA1UEBhMC
+Q0ExDzANBgNVBAgMBlF1ZWJlYzERMA8GA1UEBwwITW9udHJlYWwxFzAVBgNVBAoM
+DkNvbGxhYm9yYSBMdGQuMQ8wDQYDVQQLDAZDYW5hZGExEjAQBgNVBAMMCTEyNy4w
+LjAuMTEtMCsGCSqGSIb3DQEJARYebmljb2xhcy5kdWZyZXNuZUBjb2xsYWJvcmEu
+Y29tMB4XDTExMDcyNTE4NTMwMVoXDTEyMDcyNDE4NTMwMVowgZ4xCzAJBgNVBAYT
+AkNBMQ8wDQYDVQQIDAZRdWViZWMxETAPBgNVBAcMCE1vbnRyZWFsMRcwFQYDVQQK
+DA5Db2xsYWJvcmEgTHRkLjEPMA0GA1UECwwGQ2FuYWRhMRIwEAYDVQQDDAkxMjcu
+MC4wLjExLTArBgkqhkiG9w0BCQEWHm5pY29sYXMuZHVmcmVzbmVAY29sbGFib3Jh
+LmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArJa05foKd5ULBBjHoI4U
+DKMOcoYp6UO8o4t+rKBrlKVMp0D7Oz+bZt6I2T3kBjZmKH9wrHNsk6zC6wonbfMR
+ZHILWcnTifbEEhIMHNqH+J5b33yGW3SEftd1jj1UZkubQVZEFha5UhbUO9AQ4TSt
+0mX5AG+PkJi0kdTCRWlD1q0CAwEAATANBgkqhkiG9w0BAQUFAAOBgQAGBjOlcmD6
+E6GlY2rvjCf0BpW0t4zKL/wvA5tBmuOWYg93psHgIdSNgkmfbA1kvD6kXehQlt1F
+5yZJP91/VND5LHvXf5TcAmr/KeQAPYvqfiGYXuvHDLA9y9OOyTBMURLYfWuo9HZt
+xeI14sZ9udXwtUhgcvXrBFzlRfkbojuMZw==
+-----END CERTIFICATE-----

gio/tests/cert1.pem

@@ -0,0 +1,17 @@
+-----BEGIN CERTIFICATE-----
+MIICtTCCAh4CCQCMmwFMUPAJYzANBgkqhkiG9w0BAQUFADCBnjELMAkGA1UEBhMC
+Q0ExDzANBgNVBAgMBlF1ZWJlYzERMA8GA1UEBwwITW9udHJlYWwxFzAVBgNVBAoM
+DkNvbGxhYm9yYSBMdGQuMQ8wDQYDVQQLDAZDYW5hZGExEjAQBgNVBAMMCTEyNy4w
+LjAuMTEtMCsGCSqGSIb3DQEJARYebmljb2xhcy5kdWZyZXNuZUBjb2xsYWJvcmEu
+Y29tMB4XDTExMDcyNTE4NDkzNFoXDTEyMDcyNDE4NDkzNFowgZ4xCzAJBgNVBAYT
+AkNBMQ8wDQYDVQQIDAZRdWViZWMxETAPBgNVBAcMCE1vbnRyZWFsMRcwFQYDVQQK
+DA5Db2xsYWJvcmEgTHRkLjEPMA0GA1UECwwGQ2FuYWRhMRIwEAYDVQQDDAkxMjcu
+MC4wLjExLTArBgkqhkiG9w0BCQEWHm5pY29sYXMuZHVmcmVzbmVAY29sbGFib3Jh
+LmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArJa05foKd5ULBBjHoI4U
+DKMOcoYp6UO8o4t+rKBrlKVMp0D7Oz+bZt6I2T3kBjZmKH9wrHNsk6zC6wonbfMR
+ZHILWcnTifbEEhIMHNqH+J5b33yGW3SEftd1jj1UZkubQVZEFha5UhbUO9AQ4TSt
+0mX5AG+PkJi0kdTCRWlD1q0CAwEAATANBgkqhkiG9w0BAQUFAAOBgQCaaBfCfCiw
+BJ/2pzZOjoFQcMqwPWufJ+F7hv8AK0zaEhsYW/JPPNpVVjM4Rf9dhMFG513GQ6IR
+q3K+okin/2H6XyLD1eyAxAreuyMZPwOsTdgkVROhl+NJEfZKnFZSxK9wkiQRnNhS
++5L8/na5o3vsgGerggQi8pj2JjfVE0R/aQ==
+-----END CERTIFICATE-----

gio/tests/cert2.pem

@@ -0,0 +1,17 @@
+-----BEGIN CERTIFICATE-----
+MIICtTCCAh4CCQCVO34vew4kvTANBgkqhkiG9w0BAQUFADCBnjELMAkGA1UEBhMC
+Q0ExDzANBgNVBAgMBlF1ZWJlYzERMA8GA1UEBwwITW9udHJlYWwxFzAVBgNVBAoM
+DkNvbGxhYm9yYSBMdGQuMQ8wDQYDVQQLDAZDYW5hZGExEjAQBgNVBAMMCTEyNy4w
+LjAuMTEtMCsGCSqGSIb3DQEJARYebmljb2xhcy5kdWZyZXNuZUBjb2xsYWJvcmEu
+Y29tMB4XDTExMDcyNTE4NTI1M1oXDTEyMDcyNDE4NTI1M1owgZ4xCzAJBgNVBAYT
+AkNBMQ8wDQYDVQQIDAZRdWViZWMxETAPBgNVBAcMCE1vbnRyZWFsMRcwFQYDVQQK
+DA5Db2xsYWJvcmEgTHRkLjEPMA0GA1UECwwGQ2FuYWRhMRIwEAYDVQQDDAkxMjcu
+MC4wLjExLTArBgkqhkiG9w0BCQEWHm5pY29sYXMuZHVmcmVzbmVAY29sbGFib3Jh
+LmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArJa05foKd5ULBBjHoI4U
+DKMOcoYp6UO8o4t+rKBrlKVMp0D7Oz+bZt6I2T3kBjZmKH9wrHNsk6zC6wonbfMR
+ZHILWcnTifbEEhIMHNqH+J5b33yGW3SEftd1jj1UZkubQVZEFha5UhbUO9AQ4TSt
+0mX5AG+PkJi0kdTCRWlD1q0CAwEAATANBgkqhkiG9w0BAQUFAAOBgQAiaJ6bO5NJ
+pyS8p//UVQM/T+exyZxznULwqCuVKv7uwss2QiKiQGJPfVc0iy650cTegtoc4ki5
+Zfg/Cllxj2KAmbkWGlzVw7IvuBouruxdojm+0y60DzWr1rQUkL6VX/VBZXL51VPp
+zCdTCzI3v4ztFStbUyC99xx1hdHOSleLOQ==
+-----END CERTIFICATE-----

gio/tests/cert3.pem

@@ -0,0 +1,17 @@
+-----BEGIN CERTIFICATE-----
+MIICtTCCAh4CCQD9ny7saeYnDDANBgkqhkiG9w0BAQUFADCBnjELMAkGA1UEBhMC
+Q0ExDzANBgNVBAgMBlF1ZWJlYzERMA8GA1UEBwwITW9udHJlYWwxFzAVBgNVBAoM
+DkNvbGxhYm9yYSBMdGQuMQ8wDQYDVQQLDAZDYW5hZGExEjAQBgNVBAMMCTEyNy4w
+LjAuMTEtMCsGCSqGSIb3DQEJARYebmljb2xhcy5kdWZyZXNuZUBjb2xsYWJvcmEu
+Y29tMB4XDTExMDcyNTE4NTMwMVoXDTEyMDcyNDE4NTMwMVowgZ4xCzAJBgNVBAYT
+AkNBMQ8wDQYDVQQIDAZRdWViZWMxETAPBgNVBAcMCE1vbnRyZWFsMRcwFQYDVQQK
+DA5Db2xsYWJvcmEgTHRkLjEPMA0GA1UECwwGQ2FuYWRhMRIwEAYDVQQDDAkxMjcu
+MC4wLjExLTArBgkqhkiG9w0BCQEWHm5pY29sYXMuZHVmcmVzbmVAY29sbGFib3Jh
+LmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArJa05foKd5ULBBjHoI4U
+DKMOcoYp6UO8o4t+rKBrlKVMp0D7Oz+bZt6I2T3kBjZmKH9wrHNsk6zC6wonbfMR
+ZHILWcnTifbEEhIMHNqH+J5b33yGW3SEftd1jj1UZkubQVZEFha5UhbUO9AQ4TSt
+0mX5AG+PkJi0kdTCRWlD1q0CAwEAATANBgkqhkiG9w0BAQUFAAOBgQAGBjOlcmD6
+E6GlY2rvjCf0BpW0t4zKL/wvA5tBmuOWYg93psHgIdSNgkmfbA1kvD6kXehQlt1F
+5yZJP91/VND5LHvXf5TcAmr/KeQAPYvqfiGYXuvHDLA9y9OOyTBMURLYfWuo9HZt
+xeI14sZ9udXwtUhgcvXrBFzlRfkbojuMZw==
+-----END CERTIFICATE-----

gio/tests/gtesttlsbackend.c

@@ -0,0 +1,312 @@
+/* GIO - GLib Input, Output and Streaming Library
+ *
+ * Copyright (C) 2011 Collabora Ltd.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ */
+
+#include "gtesttlsbackend.h"
+
+#include <glib.h>
+
+static GType _g_test_tls_certificate_get_type (void);
+static GType _g_test_tls_connection_get_type (void);
+
+struct _GTestTlsBackend {
+  GObject parent_instance;
+};
+
+static void g_test_tls_backend_iface_init (GTlsBackendInterface *iface);
+
+#define g_test_tls_backend_get_type _g_test_tls_backend_get_type
+G_DEFINE_TYPE_WITH_CODE (GTestTlsBackend, g_test_tls_backend, G_TYPE_OBJECT,
+			 G_IMPLEMENT_INTERFACE (G_TYPE_TLS_BACKEND,
+						g_test_tls_backend_iface_init)
+                         g_io_extension_point_set_required_type (
+                           g_io_extension_point_register (G_TLS_BACKEND_EXTENSION_POINT_NAME),
+                           G_TYPE_TLS_BACKEND);
+			 g_io_extension_point_implement (G_TLS_BACKEND_EXTENSION_POINT_NAME,
+							 g_define_type_id,
+							 "test",
+							 999))
+
+static void
+g_test_tls_backend_init (GTestTlsBackend *backend)
+{
+}
+
+static void
+g_test_tls_backend_class_init (GTestTlsBackendClass *backend_class)
+{
+}
+
+static void
+g_test_tls_backend_iface_init (GTlsBackendInterface *iface)
+{
+  iface->get_certificate_type = _g_test_tls_certificate_get_type;
+  iface->get_client_connection_type = _g_test_tls_connection_get_type;
+  iface->get_server_connection_type = _g_test_tls_connection_get_type;
+}
+
+/* Test certificate type */
+
+typedef struct _GTestTlsCertificate      GTestTlsCertificate;
+typedef struct _GTestTlsCertificateClass GTestTlsCertificateClass;
+
+struct _GTestTlsCertificate {
+  GTlsCertificate parent_instance;
+  gchar *key_pem;
+  gchar *cert_pem;
+};
+
+struct _GTestTlsCertificateClass {
+  GTlsCertificateClass parent_class;
+};
+
+enum
+{
+  PROP_CERTIFICATE_0,
+
+  PROP_CERT_CERTIFICATE,
+  PROP_CERT_CERTIFICATE_PEM,
+  PROP_CERT_PRIVATE_KEY,
+  PROP_CERT_PRIVATE_KEY_PEM,
+  PROP_CERT_ISSUER
+};
+
+static void g_test_tls_certificate_initable_iface_init (GInitableIface *iface);
+
+#define g_test_tls_certificate_get_type _g_test_tls_certificate_get_type
+G_DEFINE_TYPE_WITH_CODE (GTestTlsCertificate, g_test_tls_certificate, G_TYPE_TLS_CERTIFICATE,
+			 G_IMPLEMENT_INTERFACE (G_TYPE_INITABLE,
+						g_test_tls_certificate_initable_iface_init);)
+
+static void
+g_test_tls_certificate_get_property (GObject    *object,
+				      guint       prop_id,
+				      GValue     *value,
+				      GParamSpec *pspec)
+{
+  GTestTlsCertificate *cert = (GTestTlsCertificate *) object;
+
+  switch (prop_id)
+    {
+    case PROP_CERT_CERTIFICATE_PEM:
+      g_value_set_string (value, cert->cert_pem);
+      break;
+    case PROP_CERT_PRIVATE_KEY_PEM:
+      g_value_set_string (value, cert->key_pem);
+      break;
+    default:
+      g_assert_not_reached ();
+      break;
+    }
+}
+
+static void
+g_test_tls_certificate_set_property (GObject      *object,
+				      guint         prop_id,
+				      const GValue *value,
+				      GParamSpec   *pspec)
+{
+  GTestTlsCertificate *cert = (GTestTlsCertificate *) object;
+
+  switch (prop_id)
+    {
+    case PROP_CERT_CERTIFICATE_PEM:
+      cert->cert_pem = g_value_dup_string (value);
+      break;
+    case PROP_CERT_PRIVATE_KEY_PEM:
+      cert->key_pem = g_value_dup_string (value);
+      break;
+    case PROP_CERT_CERTIFICATE:
+    case PROP_CERT_PRIVATE_KEY:
+    case PROP_CERT_ISSUER:
+      /* ignore */
+      break;
+    default:
+      g_assert_not_reached ();
+      break;
+    }
+}
+
+static void
+g_test_tls_certificate_finalize (GObject *object)
+{
+  GTestTlsCertificate *cert = (GTestTlsCertificate *) object;
+
+  g_free (cert->cert_pem);
+  g_free (cert->key_pem);
+}
+
+static void
+g_test_tls_certificate_class_init (GTestTlsCertificateClass *certificate_class)
+{
+  GObjectClass *gobject_class = G_OBJECT_CLASS (certificate_class);
+
+  gobject_class->get_property = g_test_tls_certificate_get_property;
+  gobject_class->set_property = g_test_tls_certificate_set_property;
+  gobject_class->finalize = g_test_tls_certificate_finalize;
+
+  g_object_class_override_property (gobject_class, PROP_CERT_CERTIFICATE, "certificate");
+  g_object_class_override_property (gobject_class, PROP_CERT_CERTIFICATE_PEM, "certificate-pem");
+  g_object_class_override_property (gobject_class, PROP_CERT_PRIVATE_KEY, "private-key");
+  g_object_class_override_property (gobject_class, PROP_CERT_PRIVATE_KEY_PEM, "private-key-pem");
+  g_object_class_override_property (gobject_class, PROP_CERT_ISSUER, "issuer");
+}
+
+static void
+g_test_tls_certificate_init (GTestTlsCertificate *certificate)
+{
+}
+
+static gboolean
+g_test_tls_certificate_initable_init (GInitable       *initable,
+				       GCancellable    *cancellable,
+				       GError         **error)
+{
+  return TRUE;
+}
+
+static void
+g_test_tls_certificate_initable_iface_init (GInitableIface  *iface)
+{
+  iface->init = g_test_tls_certificate_initable_init;
+}
+
+/* Dummy connection type; since GTlsClientConnection and
+ * GTlsServerConnection are just interfaces, we can implement them
+ * both on a single object.
+ */
+
+typedef struct _GTestTlsConnection      GTestTlsConnection;
+typedef struct _GTestTlsConnectionClass GTestTlsConnectionClass;
+
+struct _GTestTlsConnection {
+  GTlsConnection parent_instance;
+};
+
+struct _GTestTlsConnectionClass {
+  GTlsConnectionClass parent_class;
+};
+
+enum
+{
+  PROP_CONNECTION_0,
+
+  PROP_CONN_BASE_IO_STREAM,
+  PROP_CONN_USE_SYSTEM_CERTDB,
+  PROP_CONN_REQUIRE_CLOSE_NOTIFY,
+  PROP_CONN_REHANDSHAKE_MODE,
+  PROP_CONN_CERTIFICATE,
+  PROP_CONN_PEER_CERTIFICATE,
+  PROP_CONN_PEER_CERTIFICATE_ERRORS,
+  PROP_CONN_VALIDATION_FLAGS,
+  PROP_CONN_SERVER_IDENTITY,
+  PROP_CONN_USE_SSL3,
+  PROP_CONN_ACCEPTED_CAS,
+  PROP_CONN_AUTHENTICATION_MODE
+};
+
+static void g_test_tls_connection_initable_iface_init (GInitableIface *iface);
+
+#define g_test_tls_connection_get_type _g_test_tls_connection_get_type
+G_DEFINE_TYPE_WITH_CODE (GTestTlsConnection, g_test_tls_connection, G_TYPE_TLS_CONNECTION,
+			 G_IMPLEMENT_INTERFACE (G_TYPE_TLS_CLIENT_CONNECTION, NULL);
+			 G_IMPLEMENT_INTERFACE (G_TYPE_TLS_SERVER_CONNECTION, NULL);
+			 G_IMPLEMENT_INTERFACE (G_TYPE_INITABLE,
+						g_test_tls_connection_initable_iface_init);)
+
+static void
+g_test_tls_connection_get_property (GObject    *object,
+				     guint       prop_id,
+				     GValue     *value,
+				     GParamSpec *pspec)
+{
+}
+
+static void
+g_test_tls_connection_set_property (GObject      *object,
+				     guint         prop_id,
+				     const GValue *value,
+				     GParamSpec   *pspec)
+{
+}
+
+static gboolean
+g_test_tls_connection_close (GIOStream     *stream,
+			      GCancellable  *cancellable,
+			      GError       **error)
+{
+  return TRUE;
+}
+
+static void
+g_test_tls_connection_class_init (GTestTlsConnectionClass *connection_class)
+{
+  GObjectClass *gobject_class = G_OBJECT_CLASS (connection_class);
+  GIOStreamClass *io_stream_class = G_IO_STREAM_CLASS (connection_class);
+
+  gobject_class->get_property = g_test_tls_connection_get_property;
+  gobject_class->set_property = g_test_tls_connection_set_property;
+
+  /* Need to override this because when initable_init fails it will
+   * dispose the connection, which will close it, which would
+   * otherwise try to close its input/output streams, which don't
+   * exist.
+   */
+  io_stream_class->close_fn = g_test_tls_connection_close;
+
+  g_object_class_override_property (gobject_class, PROP_CONN_BASE_IO_STREAM, "base-io-stream");
+  g_object_class_override_property (gobject_class, PROP_CONN_USE_SYSTEM_CERTDB, "use-system-certdb");
+  g_object_class_override_property (gobject_class, PROP_CONN_REQUIRE_CLOSE_NOTIFY, "require-close-notify");
+  g_object_class_override_property (gobject_class, PROP_CONN_REHANDSHAKE_MODE, "rehandshake-mode");
+  g_object_class_override_property (gobject_class, PROP_CONN_CERTIFICATE, "certificate");
+  g_object_class_override_property (gobject_class, PROP_CONN_PEER_CERTIFICATE, "peer-certificate");
+  g_object_class_override_property (gobject_class, PROP_CONN_PEER_CERTIFICATE_ERRORS, "peer-certificate-errors");
+  g_object_class_override_property (gobject_class, PROP_CONN_VALIDATION_FLAGS, "validation-flags");
+  g_object_class_override_property (gobject_class, PROP_CONN_SERVER_IDENTITY, "server-identity");
+  g_object_class_override_property (gobject_class, PROP_CONN_USE_SSL3, "use-ssl3");
+  g_object_class_override_property (gobject_class, PROP_CONN_ACCEPTED_CAS, "accepted-cas");
+  g_object_class_override_property (gobject_class, PROP_CONN_AUTHENTICATION_MODE, "authentication-mode");
+}
+
+static void
+g_test_tls_connection_init (GTestTlsConnection *connection)
+{
+}
+
+static gboolean
+g_test_tls_connection_initable_init (GInitable       *initable,
+				      GCancellable    *cancellable,
+				      GError         **error)
+{
+  g_set_error_literal (error, G_TLS_ERROR, G_TLS_ERROR_UNAVAILABLE,
+		       "TLS Connection support is not available");
+  return FALSE;
+}
+
+static void
+g_test_tls_connection_initable_iface_init (GInitableIface  *iface)
+{
+  iface->init = g_test_tls_connection_initable_init;
+}
+
+const gchar *
+g_test_tls_connection_get_private_key_pem (GTlsCertificate *cert)
+{
+  return ((GTestTlsCertificate *)cert)->key_pem;
+}

gio/tests/gtesttlsbackend.h

@@ -0,0 +1,49 @@
+/* GIO - GLib Input, Output and Streaming Library
+ *
+ * Copyright (C) 2011 Collabora Ltd.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ */
+
+#ifndef __G_TEST_TLS_BACKEND_H__
+#define __G_TEST_TLS_BACKEND_H__
+
+#include <gio/gio.h>
+
+G_BEGIN_DECLS
+
+#define G_TYPE_TEST_TLS_BACKEND         (_g_test_tls_backend_get_type ())
+#define G_TEST_TLS_BACKEND(o)           (G_TYPE_CHECK_INSTANCE_CAST ((o), G_TYPE_TEST_TLS_BACKEND, GTestTlsBackend))
+#define G_TEST_TLS_BACKEND_CLASS(k)     (G_TYPE_CHECK_CLASS_CAST((k), G_TYPE_TEST_TLS_BACKEND, GTestTlsBackendClass))
+#define G_IS_TEST_TLS_BACKEND(o)        (G_TYPE_CHECK_INSTANCE_TYPE ((o), G_TYPE_TEST_TLS_BACKEND))
+#define G_IS_TEST_TLS_BACKEND_CLASS(k)  (G_TYPE_CHECK_CLASS_TYPE ((k), G_TYPE_TEST_TLS_BACKEND))
+#define G_TEST_TLS_BACKEND_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), G_TYPE_TEST_TLS_BACKEND, GTestTlsBackendClass))
+
+typedef struct _GTestTlsBackend       GTestTlsBackend;
+typedef struct _GTestTlsBackendClass  GTestTlsBackendClass;
+
+struct _GTestTlsBackendClass {
+  GObjectClass parent_class;
+};
+
+GType _g_test_tls_backend_get_type       (void);
+
+const gchar *g_test_tls_connection_get_private_key_pem (GTlsCertificate *cert);
+
+
+G_END_DECLS
+
+#endif /* __G_TEST_TLS_BACKEND_H__ */

gio/tests/key-cert.pem

@@ -0,0 +1,32 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQCslrTl+gp3lQsEGMegjhQMow5yhinpQ7yji36soGuUpUynQPs7
+P5tm3ojZPeQGNmYof3Csc2yTrMLrCidt8xFkcgtZydOJ9sQSEgwc2of4nlvffIZb
+dIR+13WOPVRmS5tBVkQWFrlSFtQ70BDhNK3SZfkAb4+QmLSR1MJFaUPWrQIDAQAB
+AoGAUTnskYAIhRdEQ/1Vlp7HmNr05bl26C3VDjOMvroRZ7gUR3MxykS5YsTBK10R
+gEsB8XVpFgCMzUO1yODShdCsEg9kCB3fzSWkunK8+TF2TKOM5uWlQwifKJvcNisR
+Nbg3r8WygMMXaWSFA3xWoRuZ5It0jOX18v+x5RHHon/kaRECQQDl6FSwgJLeNAkR
+pMNQGdRhmMesHWmNNBv3Wozqm6Wpkwo5ZXPsLt3pprd0GN5jX0IG7clT1/eMD9/G
++3UGqTj3AkEAwC0M2gv+QUhbaB+KSlOZDOi4gsnhnsnaM7HQGDJJ5no4y2EvnYI3
+Y5rPJWedeYlCV3ccMitjnjcIJHInRZBIewJBANgsamVDn9Ua7GQQni1U/COAek7V
+oQfKNXmRROrbyxr1TSnGwQcU0kf+IIUjVQfu67CEKUeSzAqAapM4oULQHuUCQQC9
+J9qdiO6DXXAzRdA9pplgHnT2rzV3sSEoft3f4yfgRu8+KHPQqkpQrSE1pQ5YgWUe
+aGwFabXNFkfab839562fAkBl8jPidQdKWEgSa6h5pm4++sXLdWl7p6jiyetH64W7
+HnhRryE3ptrRGO0hSV1v4bx3DKzeJiJRlWUWiSl7828t
+-----END RSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIICtTCCAh4CCQCMmwFMUPAJYzANBgkqhkiG9w0BAQUFADCBnjELMAkGA1UEBhMC
+Q0ExDzANBgNVBAgMBlF1ZWJlYzERMA8GA1UEBwwITW9udHJlYWwxFzAVBgNVBAoM
+DkNvbGxhYm9yYSBMdGQuMQ8wDQYDVQQLDAZDYW5hZGExEjAQBgNVBAMMCTEyNy4w
+LjAuMTEtMCsGCSqGSIb3DQEJARYebmljb2xhcy5kdWZyZXNuZUBjb2xsYWJvcmEu
+Y29tMB4XDTExMDcyNTE4NDkzNFoXDTEyMDcyNDE4NDkzNFowgZ4xCzAJBgNVBAYT
+AkNBMQ8wDQYDVQQIDAZRdWViZWMxETAPBgNVBAcMCE1vbnRyZWFsMRcwFQYDVQQK
+DA5Db2xsYWJvcmEgTHRkLjEPMA0GA1UECwwGQ2FuYWRhMRIwEAYDVQQDDAkxMjcu
+MC4wLjExLTArBgkqhkiG9w0BCQEWHm5pY29sYXMuZHVmcmVzbmVAY29sbGFib3Jh
+LmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArJa05foKd5ULBBjHoI4U
+DKMOcoYp6UO8o4t+rKBrlKVMp0D7Oz+bZt6I2T3kBjZmKH9wrHNsk6zC6wonbfMR
+ZHILWcnTifbEEhIMHNqH+J5b33yGW3SEftd1jj1UZkubQVZEFha5UhbUO9AQ4TSt
+0mX5AG+PkJi0kdTCRWlD1q0CAwEAATANBgkqhkiG9w0BAQUFAAOBgQCaaBfCfCiw
+BJ/2pzZOjoFQcMqwPWufJ+F7hv8AK0zaEhsYW/JPPNpVVjM4Rf9dhMFG513GQ6IR
+q3K+okin/2H6XyLD1eyAxAreuyMZPwOsTdgkVROhl+NJEfZKnFZSxK9wkiQRnNhS
++5L8/na5o3vsgGerggQi8pj2JjfVE0R/aQ==
+-----END CERTIFICATE-----

gio/tests/key.pem

@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQCslrTl+gp3lQsEGMegjhQMow5yhinpQ7yji36soGuUpUynQPs7
+P5tm3ojZPeQGNmYof3Csc2yTrMLrCidt8xFkcgtZydOJ9sQSEgwc2of4nlvffIZb
+dIR+13WOPVRmS5tBVkQWFrlSFtQ70BDhNK3SZfkAb4+QmLSR1MJFaUPWrQIDAQAB
+AoGAUTnskYAIhRdEQ/1Vlp7HmNr05bl26C3VDjOMvroRZ7gUR3MxykS5YsTBK10R
+gEsB8XVpFgCMzUO1yODShdCsEg9kCB3fzSWkunK8+TF2TKOM5uWlQwifKJvcNisR
+Nbg3r8WygMMXaWSFA3xWoRuZ5It0jOX18v+x5RHHon/kaRECQQDl6FSwgJLeNAkR
+pMNQGdRhmMesHWmNNBv3Wozqm6Wpkwo5ZXPsLt3pprd0GN5jX0IG7clT1/eMD9/G
++3UGqTj3AkEAwC0M2gv+QUhbaB+KSlOZDOi4gsnhnsnaM7HQGDJJ5no4y2EvnYI3
+Y5rPJWedeYlCV3ccMitjnjcIJHInRZBIewJBANgsamVDn9Ua7GQQni1U/COAek7V
+oQfKNXmRROrbyxr1TSnGwQcU0kf+IIUjVQfu67CEKUeSzAqAapM4oULQHuUCQQC9
+J9qdiO6DXXAzRdA9pplgHnT2rzV3sSEoft3f4yfgRu8+KHPQqkpQrSE1pQ5YgWUe
+aGwFabXNFkfab839562fAkBl8jPidQdKWEgSa6h5pm4++sXLdWl7p6jiyetH64W7
+HnhRryE3ptrRGO0hSV1v4bx3DKzeJiJRlWUWiSl7828t
+-----END RSA PRIVATE KEY-----

gio/tests/tls-certificate.c

@@ -0,0 +1,279 @@
+/* GLib testing framework examples and tests
+ *
+ * Copyright (C) 2011 Collabora Ltd.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: Nicolas Dufresne <nicolas.dufresne@collabora.com>
+ */
+
+#include "config.h"
+
+#include <gio/gio.h>
+
+#include "gtesttlsbackend.h"
+
+typedef struct
+{
+  gchar *cert_pems[3];
+  gchar *key_pem;
+} Reference;
+
+static void
+pem_parser (const Reference *ref)
+{
+  GTlsCertificate *cert;
+  gchar *pem;
+  gchar *parsed_cert_pem = NULL;
+  const gchar *parsed_key_pem = NULL;
+  GError *error = NULL;
+
+  /* Check PEM parsing in certificate, private key order. */
+  g_file_get_contents (SRCDIR "/cert-key.pem", &pem, NULL, &error);
+  g_assert_no_error (error);
+  g_assert (pem);
+
+  cert = g_tls_certificate_new_from_pem (pem, -1, &error);
+  g_assert_no_error (error);
+  g_assert (cert);
+
+  g_object_get (cert,
+      "certificate-pem", &parsed_cert_pem,
+      NULL);
+  parsed_key_pem = g_test_tls_connection_get_private_key_pem (cert);
+  g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]);
+  g_free (parsed_cert_pem);
+  parsed_cert_pem = NULL;
+  g_assert_cmpstr (parsed_key_pem, ==, ref->key_pem);
+  parsed_key_pem = NULL;
+
+  g_object_unref (cert);
+
+  /* Make sure length is respected and parser detect invalid (truncated) PEM. */
+  cert = g_tls_certificate_new_from_pem (pem, 10, &error);
+  g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE);
+  g_clear_error (&error);
+  g_free (pem);
+
+  /* Check PEM parsing in private key, certificate order */
+  g_file_get_contents (SRCDIR "/key-cert.pem", &pem, NULL, &error);
+  g_assert_no_error (error);
+  g_assert (pem);
+
+  cert = g_tls_certificate_new_from_pem (pem, -1, &error);
+  g_assert_no_error (error);
+  g_assert (cert);
+
+  g_object_get (cert,
+      "certificate-pem", &parsed_cert_pem,
+      NULL);
+  parsed_key_pem = g_test_tls_connection_get_private_key_pem (cert);
+  g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]);
+  g_free (parsed_cert_pem);
+  parsed_cert_pem = NULL;
+  g_assert_cmpstr (parsed_key_pem, ==, ref->key_pem);
+  parsed_key_pem = NULL;
+
+  g_free (pem);
+  g_object_unref (cert);
+
+  /* Check certificate only PEM */
+  g_file_get_contents (SRCDIR "/cert1.pem", &pem, NULL, &error);
+  g_assert_no_error (error);
+  g_assert (pem);
+
+  cert = g_tls_certificate_new_from_pem (pem, -1, &error);
+  g_assert_no_error (error);
+  g_assert (cert);
+
+  g_object_get (cert,
+      "certificate-pem", &parsed_cert_pem,
+      NULL);
+  parsed_key_pem = g_test_tls_connection_get_private_key_pem (cert);
+  g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]);
+  g_free (parsed_cert_pem);
+  parsed_cert_pem = NULL;
+  g_assert (parsed_key_pem == NULL);
+
+  g_free (pem);
+  g_object_unref (cert);
+
+  /* Check error with private key only PEM */
+  g_file_get_contents (SRCDIR "/key.pem", &pem, NULL, &error);
+  g_assert_no_error (error);
+  g_assert (pem);
+
+  cert = g_tls_certificate_new_from_pem (pem, -1, &error);
+  g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE);
+  g_clear_error (&error);
+  g_assert (cert == NULL);
+  g_free (pem);
+}
+
+static void
+from_file (const Reference *ref)
+{
+  GTlsCertificate *cert;
+  gchar *parsed_cert_pem = NULL;
+  const gchar *parsed_key_pem = NULL;
+  GError *error = NULL;
+
+  cert = g_tls_certificate_new_from_file (SRCDIR "/key-cert.pem", &error);
+  g_assert_no_error (error);
+  g_assert (cert);
+
+  g_object_get (cert,
+      "certificate-pem", &parsed_cert_pem,
+      NULL);
+  parsed_key_pem = g_test_tls_connection_get_private_key_pem (cert);
+  g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]);
+  g_free (parsed_cert_pem);
+  parsed_cert_pem = NULL;
+  g_assert_cmpstr (parsed_key_pem, ==, ref->key_pem);
+  parsed_key_pem = NULL;
+
+  g_object_unref (cert);
+}
+
+static void
+from_files (const Reference *ref)
+{
+  GTlsCertificate *cert;
+  gchar *parsed_cert_pem = NULL;
+  const gchar *parsed_key_pem = NULL;
+  GError *error = NULL;
+
+  cert = g_tls_certificate_new_from_files (SRCDIR "/cert1.pem",
+                                           SRCDIR "/key.pem",
+                                           &error);
+  g_assert_no_error (error);
+  g_assert (cert);
+
+  g_object_get (cert,
+      "certificate-pem", &parsed_cert_pem,
+      NULL);
+  parsed_key_pem = g_test_tls_connection_get_private_key_pem (cert);
+  g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]);
+  g_free (parsed_cert_pem);
+  parsed_cert_pem = NULL;
+  g_assert_cmpstr (parsed_key_pem, ==, ref->key_pem);
+  parsed_key_pem = NULL;
+
+  g_object_unref (cert);
+
+  /* Missing private key */
+  cert = g_tls_certificate_new_from_files (SRCDIR "/cert1.pem",
+                                           SRCDIR "/cert2.pem",
+                                           &error);
+  g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE);
+  g_clear_error (&error);
+  g_assert (cert == NULL);
+
+  /* Missing certificate */
+  cert = g_tls_certificate_new_from_files (SRCDIR "/key.pem",
+                                           SRCDIR "/key.pem",
+                                           &error);
+  g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE);
+  g_clear_error (&error);
+  g_assert (cert == NULL);
+
+  /* Using this method twice with a file containing both private key and
+   * certificate as a way to inforce private key presence is a fair use */
+  cert = g_tls_certificate_new_from_files (SRCDIR "/key-cert.pem",
+                                           SRCDIR "/key-cert.pem",
+                                           &error);
+  g_assert_no_error (error);
+  g_assert (cert);
+  g_object_unref (cert);
+}
+  
+static void
+list_from_file (const Reference *ref)
+{
+  GList *list, *l;
+  GError *error = NULL;
+  int i;
+
+  list = g_tls_certificate_list_new_from_file (SRCDIR "/cert-list.pem", &error);
+  g_assert_no_error (error);
+  g_assert_cmpint (g_list_length (list), ==, 3);
+
+  l = list;
+  for (i = 0; i < 3; i++)
+    {
+      GTlsCertificate *cert = l->data;
+      gchar *parsed_cert_pem = NULL;
+      g_object_get (cert,
+          "certificate-pem", &parsed_cert_pem,
+          NULL);
+      g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[i]);
+      g_free (parsed_cert_pem);
+      l = g_list_next (l);
+    }
+
+  g_list_free_full (list, g_object_unref);
+
+  /* Empty list is not an error */
+  list = g_tls_certificate_list_new_from_file (SRCDIR "/nothing.pem", &error);
+  g_assert_no_error (error);
+  g_assert_cmpint (g_list_length (list), ==, 0);
+}
+
+int
+main (int   argc,
+      char *argv[])
+{
+  int rtv;
+  Reference ref;
+  GError *error = NULL;
+
+  g_type_init ();
+  g_test_init (&argc, &argv, NULL);
+
+  _g_test_tls_backend_get_type ();
+
+  /* Load reference PEM */
+  g_file_get_contents (SRCDIR "/cert1.pem", &ref.cert_pems[0], NULL, &error);
+  g_assert_no_error (error);
+  g_assert (ref.cert_pems[0]);
+  g_file_get_contents (SRCDIR "/cert2.pem", &ref.cert_pems[1], NULL, &error);
+  g_assert_no_error (error);
+  g_assert (ref.cert_pems[1]);
+  g_file_get_contents (SRCDIR "/cert3.pem", &ref.cert_pems[2], NULL, &error);
+  g_assert_no_error (error);
+  g_assert (ref.cert_pems[2]);
+  g_file_get_contents (SRCDIR "/key.pem", &ref.key_pem, NULL, &error);
+  g_assert_no_error (error);
+  g_assert (ref.key_pem);
+
+  g_test_add_data_func ("/tls-certificate/pem-parser",
+                        &ref, (GTestDataFunc)pem_parser);
+  g_test_add_data_func ("/tls-certificate/from_file",
+                        &ref, (GTestDataFunc)from_file);
+  g_test_add_data_func ("/tls-certificate/from_files",
+                        &ref, (GTestDataFunc)from_files);
+  g_test_add_data_func ("/tls-certificate/list_from_file",
+                        &ref, (GTestDataFunc)list_from_file);
+
+  rtv = g_test_run();
+
+  g_free (ref.cert_pems[0]);
+  g_free (ref.cert_pems[1]);
+  g_free (ref.cert_pems[2]);
+  g_free (ref.key_pem);
+
+  return rtv;
+}