From dbb78fe57de0792d409b1baf88661844384c2762 Mon Sep 17 00:00:00 2001 From: Nicolas Dufresne Date: Mon, 25 Jul 2011 15:59:58 -0400 Subject: [PATCH] Added TLS PEM parser unit test --- gio/tests/Makefile.am | 4 + gio/tests/cert-key.pem | 32 ++++ gio/tests/cert-list.pem | 52 ++++++ gio/tests/cert1.pem | 17 ++ gio/tests/cert2.pem | 17 ++ gio/tests/cert3.pem | 17 ++ gio/tests/gtesttlsbackend.c | 312 ++++++++++++++++++++++++++++++++++++ gio/tests/gtesttlsbackend.h | 49 ++++++ gio/tests/key-cert.pem | 32 ++++ gio/tests/key.pem | 15 ++ gio/tests/nothing.pem | 0 gio/tests/tls-certificate.c | 279 ++++++++++++++++++++++++++++++++ 12 files changed, 826 insertions(+) create mode 100644 gio/tests/cert-key.pem create mode 100644 gio/tests/cert-list.pem create mode 100644 gio/tests/cert1.pem create mode 100644 gio/tests/cert2.pem create mode 100644 gio/tests/cert3.pem create mode 100644 gio/tests/gtesttlsbackend.c create mode 100644 gio/tests/gtesttlsbackend.h create mode 100644 gio/tests/key-cert.pem create mode 100644 gio/tests/key.pem create mode 100644 gio/tests/nothing.pem create mode 100644 gio/tests/tls-certificate.c diff --git a/gio/tests/Makefile.am b/gio/tests/Makefile.am index 2537455c8..f7d8e084c 100644 --- a/gio/tests/Makefile.am +++ b/gio/tests/Makefile.am @@ -50,6 +50,7 @@ TEST_PROGS += \ gdbus-message \ socket \ pollable \ + tls-certificate \ $(NULL) if OS_UNIX @@ -454,6 +455,9 @@ proxy_SOURCES = proxy.c proxy_LDADD = $(progs_ldadd) \ $(top_builddir)/gthread/libgthread-2.0.la +tls_certificate_SOURCES = tls-certificate.c gtesttlsbackend.c gtesttlsbackend.h +tls_certificate_LDADD = $(progs_ldadd) + # ----------------------------------------------------------------------------- if OS_UNIX diff --git a/gio/tests/cert-key.pem b/gio/tests/cert-key.pem new file mode 100644 index 000000000..5babba3c5 --- /dev/null +++ b/gio/tests/cert-key.pem @@ -0,0 +1,32 @@ +-----BEGIN CERTIFICATE----- +MIICtTCCAh4CCQCMmwFMUPAJYzANBgkqhkiG9w0BAQUFADCBnjELMAkGA1UEBhMC +Q0ExDzANBgNVBAgMBlF1ZWJlYzERMA8GA1UEBwwITW9udHJlYWwxFzAVBgNVBAoM +DkNvbGxhYm9yYSBMdGQuMQ8wDQYDVQQLDAZDYW5hZGExEjAQBgNVBAMMCTEyNy4w +LjAuMTEtMCsGCSqGSIb3DQEJARYebmljb2xhcy5kdWZyZXNuZUBjb2xsYWJvcmEu +Y29tMB4XDTExMDcyNTE4NDkzNFoXDTEyMDcyNDE4NDkzNFowgZ4xCzAJBgNVBAYT +AkNBMQ8wDQYDVQQIDAZRdWViZWMxETAPBgNVBAcMCE1vbnRyZWFsMRcwFQYDVQQK +DA5Db2xsYWJvcmEgTHRkLjEPMA0GA1UECwwGQ2FuYWRhMRIwEAYDVQQDDAkxMjcu +MC4wLjExLTArBgkqhkiG9w0BCQEWHm5pY29sYXMuZHVmcmVzbmVAY29sbGFib3Jh +LmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArJa05foKd5ULBBjHoI4U +DKMOcoYp6UO8o4t+rKBrlKVMp0D7Oz+bZt6I2T3kBjZmKH9wrHNsk6zC6wonbfMR +ZHILWcnTifbEEhIMHNqH+J5b33yGW3SEftd1jj1UZkubQVZEFha5UhbUO9AQ4TSt +0mX5AG+PkJi0kdTCRWlD1q0CAwEAATANBgkqhkiG9w0BAQUFAAOBgQCaaBfCfCiw +BJ/2pzZOjoFQcMqwPWufJ+F7hv8AK0zaEhsYW/JPPNpVVjM4Rf9dhMFG513GQ6IR +q3K+okin/2H6XyLD1eyAxAreuyMZPwOsTdgkVROhl+NJEfZKnFZSxK9wkiQRnNhS ++5L8/na5o3vsgGerggQi8pj2JjfVE0R/aQ== +-----END CERTIFICATE----- +-----BEGIN RSA PRIVATE KEY----- +MIICXQIBAAKBgQCslrTl+gp3lQsEGMegjhQMow5yhinpQ7yji36soGuUpUynQPs7 +P5tm3ojZPeQGNmYof3Csc2yTrMLrCidt8xFkcgtZydOJ9sQSEgwc2of4nlvffIZb +dIR+13WOPVRmS5tBVkQWFrlSFtQ70BDhNK3SZfkAb4+QmLSR1MJFaUPWrQIDAQAB +AoGAUTnskYAIhRdEQ/1Vlp7HmNr05bl26C3VDjOMvroRZ7gUR3MxykS5YsTBK10R +gEsB8XVpFgCMzUO1yODShdCsEg9kCB3fzSWkunK8+TF2TKOM5uWlQwifKJvcNisR +Nbg3r8WygMMXaWSFA3xWoRuZ5It0jOX18v+x5RHHon/kaRECQQDl6FSwgJLeNAkR +pMNQGdRhmMesHWmNNBv3Wozqm6Wpkwo5ZXPsLt3pprd0GN5jX0IG7clT1/eMD9/G ++3UGqTj3AkEAwC0M2gv+QUhbaB+KSlOZDOi4gsnhnsnaM7HQGDJJ5no4y2EvnYI3 +Y5rPJWedeYlCV3ccMitjnjcIJHInRZBIewJBANgsamVDn9Ua7GQQni1U/COAek7V +oQfKNXmRROrbyxr1TSnGwQcU0kf+IIUjVQfu67CEKUeSzAqAapM4oULQHuUCQQC9 +J9qdiO6DXXAzRdA9pplgHnT2rzV3sSEoft3f4yfgRu8+KHPQqkpQrSE1pQ5YgWUe +aGwFabXNFkfab839562fAkBl8jPidQdKWEgSa6h5pm4++sXLdWl7p6jiyetH64W7 +HnhRryE3ptrRGO0hSV1v4bx3DKzeJiJRlWUWiSl7828t +-----END RSA PRIVATE KEY----- diff --git a/gio/tests/cert-list.pem b/gio/tests/cert-list.pem new file mode 100644 index 000000000..bf2fb311f --- /dev/null +++ b/gio/tests/cert-list.pem @@ -0,0 +1,52 @@ +-----BEGIN CERTIFICATE----- +MIICtTCCAh4CCQCMmwFMUPAJYzANBgkqhkiG9w0BAQUFADCBnjELMAkGA1UEBhMC +Q0ExDzANBgNVBAgMBlF1ZWJlYzERMA8GA1UEBwwITW9udHJlYWwxFzAVBgNVBAoM +DkNvbGxhYm9yYSBMdGQuMQ8wDQYDVQQLDAZDYW5hZGExEjAQBgNVBAMMCTEyNy4w +LjAuMTEtMCsGCSqGSIb3DQEJARYebmljb2xhcy5kdWZyZXNuZUBjb2xsYWJvcmEu +Y29tMB4XDTExMDcyNTE4NDkzNFoXDTEyMDcyNDE4NDkzNFowgZ4xCzAJBgNVBAYT +AkNBMQ8wDQYDVQQIDAZRdWViZWMxETAPBgNVBAcMCE1vbnRyZWFsMRcwFQYDVQQK +DA5Db2xsYWJvcmEgTHRkLjEPMA0GA1UECwwGQ2FuYWRhMRIwEAYDVQQDDAkxMjcu +MC4wLjExLTArBgkqhkiG9w0BCQEWHm5pY29sYXMuZHVmcmVzbmVAY29sbGFib3Jh +LmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArJa05foKd5ULBBjHoI4U +DKMOcoYp6UO8o4t+rKBrlKVMp0D7Oz+bZt6I2T3kBjZmKH9wrHNsk6zC6wonbfMR +ZHILWcnTifbEEhIMHNqH+J5b33yGW3SEftd1jj1UZkubQVZEFha5UhbUO9AQ4TSt +0mX5AG+PkJi0kdTCRWlD1q0CAwEAATANBgkqhkiG9w0BAQUFAAOBgQCaaBfCfCiw +BJ/2pzZOjoFQcMqwPWufJ+F7hv8AK0zaEhsYW/JPPNpVVjM4Rf9dhMFG513GQ6IR +q3K+okin/2H6XyLD1eyAxAreuyMZPwOsTdgkVROhl+NJEfZKnFZSxK9wkiQRnNhS ++5L8/na5o3vsgGerggQi8pj2JjfVE0R/aQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIICtTCCAh4CCQCVO34vew4kvTANBgkqhkiG9w0BAQUFADCBnjELMAkGA1UEBhMC +Q0ExDzANBgNVBAgMBlF1ZWJlYzERMA8GA1UEBwwITW9udHJlYWwxFzAVBgNVBAoM +DkNvbGxhYm9yYSBMdGQuMQ8wDQYDVQQLDAZDYW5hZGExEjAQBgNVBAMMCTEyNy4w +LjAuMTEtMCsGCSqGSIb3DQEJARYebmljb2xhcy5kdWZyZXNuZUBjb2xsYWJvcmEu +Y29tMB4XDTExMDcyNTE4NTI1M1oXDTEyMDcyNDE4NTI1M1owgZ4xCzAJBgNVBAYT +AkNBMQ8wDQYDVQQIDAZRdWViZWMxETAPBgNVBAcMCE1vbnRyZWFsMRcwFQYDVQQK +DA5Db2xsYWJvcmEgTHRkLjEPMA0GA1UECwwGQ2FuYWRhMRIwEAYDVQQDDAkxMjcu +MC4wLjExLTArBgkqhkiG9w0BCQEWHm5pY29sYXMuZHVmcmVzbmVAY29sbGFib3Jh +LmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArJa05foKd5ULBBjHoI4U +DKMOcoYp6UO8o4t+rKBrlKVMp0D7Oz+bZt6I2T3kBjZmKH9wrHNsk6zC6wonbfMR +ZHILWcnTifbEEhIMHNqH+J5b33yGW3SEftd1jj1UZkubQVZEFha5UhbUO9AQ4TSt +0mX5AG+PkJi0kdTCRWlD1q0CAwEAATANBgkqhkiG9w0BAQUFAAOBgQAiaJ6bO5NJ +pyS8p//UVQM/T+exyZxznULwqCuVKv7uwss2QiKiQGJPfVc0iy650cTegtoc4ki5 +Zfg/Cllxj2KAmbkWGlzVw7IvuBouruxdojm+0y60DzWr1rQUkL6VX/VBZXL51VPp +zCdTCzI3v4ztFStbUyC99xx1hdHOSleLOQ== +-----END CERTIFICATE----- +>>>> Garbage to be ignore <<<< +-----BEGIN CERTIFICATE----- +MIICtTCCAh4CCQD9ny7saeYnDDANBgkqhkiG9w0BAQUFADCBnjELMAkGA1UEBhMC +Q0ExDzANBgNVBAgMBlF1ZWJlYzERMA8GA1UEBwwITW9udHJlYWwxFzAVBgNVBAoM +DkNvbGxhYm9yYSBMdGQuMQ8wDQYDVQQLDAZDYW5hZGExEjAQBgNVBAMMCTEyNy4w +LjAuMTEtMCsGCSqGSIb3DQEJARYebmljb2xhcy5kdWZyZXNuZUBjb2xsYWJvcmEu +Y29tMB4XDTExMDcyNTE4NTMwMVoXDTEyMDcyNDE4NTMwMVowgZ4xCzAJBgNVBAYT +AkNBMQ8wDQYDVQQIDAZRdWViZWMxETAPBgNVBAcMCE1vbnRyZWFsMRcwFQYDVQQK +DA5Db2xsYWJvcmEgTHRkLjEPMA0GA1UECwwGQ2FuYWRhMRIwEAYDVQQDDAkxMjcu +MC4wLjExLTArBgkqhkiG9w0BCQEWHm5pY29sYXMuZHVmcmVzbmVAY29sbGFib3Jh +LmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArJa05foKd5ULBBjHoI4U +DKMOcoYp6UO8o4t+rKBrlKVMp0D7Oz+bZt6I2T3kBjZmKH9wrHNsk6zC6wonbfMR +ZHILWcnTifbEEhIMHNqH+J5b33yGW3SEftd1jj1UZkubQVZEFha5UhbUO9AQ4TSt +0mX5AG+PkJi0kdTCRWlD1q0CAwEAATANBgkqhkiG9w0BAQUFAAOBgQAGBjOlcmD6 +E6GlY2rvjCf0BpW0t4zKL/wvA5tBmuOWYg93psHgIdSNgkmfbA1kvD6kXehQlt1F +5yZJP91/VND5LHvXf5TcAmr/KeQAPYvqfiGYXuvHDLA9y9OOyTBMURLYfWuo9HZt +xeI14sZ9udXwtUhgcvXrBFzlRfkbojuMZw== +-----END CERTIFICATE----- diff --git a/gio/tests/cert1.pem b/gio/tests/cert1.pem new file mode 100644 index 000000000..b21bb8b17 --- /dev/null +++ b/gio/tests/cert1.pem @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE----- +MIICtTCCAh4CCQCMmwFMUPAJYzANBgkqhkiG9w0BAQUFADCBnjELMAkGA1UEBhMC +Q0ExDzANBgNVBAgMBlF1ZWJlYzERMA8GA1UEBwwITW9udHJlYWwxFzAVBgNVBAoM +DkNvbGxhYm9yYSBMdGQuMQ8wDQYDVQQLDAZDYW5hZGExEjAQBgNVBAMMCTEyNy4w +LjAuMTEtMCsGCSqGSIb3DQEJARYebmljb2xhcy5kdWZyZXNuZUBjb2xsYWJvcmEu +Y29tMB4XDTExMDcyNTE4NDkzNFoXDTEyMDcyNDE4NDkzNFowgZ4xCzAJBgNVBAYT +AkNBMQ8wDQYDVQQIDAZRdWViZWMxETAPBgNVBAcMCE1vbnRyZWFsMRcwFQYDVQQK +DA5Db2xsYWJvcmEgTHRkLjEPMA0GA1UECwwGQ2FuYWRhMRIwEAYDVQQDDAkxMjcu +MC4wLjExLTArBgkqhkiG9w0BCQEWHm5pY29sYXMuZHVmcmVzbmVAY29sbGFib3Jh +LmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArJa05foKd5ULBBjHoI4U +DKMOcoYp6UO8o4t+rKBrlKVMp0D7Oz+bZt6I2T3kBjZmKH9wrHNsk6zC6wonbfMR +ZHILWcnTifbEEhIMHNqH+J5b33yGW3SEftd1jj1UZkubQVZEFha5UhbUO9AQ4TSt +0mX5AG+PkJi0kdTCRWlD1q0CAwEAATANBgkqhkiG9w0BAQUFAAOBgQCaaBfCfCiw +BJ/2pzZOjoFQcMqwPWufJ+F7hv8AK0zaEhsYW/JPPNpVVjM4Rf9dhMFG513GQ6IR +q3K+okin/2H6XyLD1eyAxAreuyMZPwOsTdgkVROhl+NJEfZKnFZSxK9wkiQRnNhS ++5L8/na5o3vsgGerggQi8pj2JjfVE0R/aQ== +-----END CERTIFICATE----- diff --git a/gio/tests/cert2.pem b/gio/tests/cert2.pem new file mode 100644 index 000000000..ba1df45c4 --- /dev/null +++ b/gio/tests/cert2.pem @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE----- +MIICtTCCAh4CCQCVO34vew4kvTANBgkqhkiG9w0BAQUFADCBnjELMAkGA1UEBhMC +Q0ExDzANBgNVBAgMBlF1ZWJlYzERMA8GA1UEBwwITW9udHJlYWwxFzAVBgNVBAoM +DkNvbGxhYm9yYSBMdGQuMQ8wDQYDVQQLDAZDYW5hZGExEjAQBgNVBAMMCTEyNy4w +LjAuMTEtMCsGCSqGSIb3DQEJARYebmljb2xhcy5kdWZyZXNuZUBjb2xsYWJvcmEu +Y29tMB4XDTExMDcyNTE4NTI1M1oXDTEyMDcyNDE4NTI1M1owgZ4xCzAJBgNVBAYT +AkNBMQ8wDQYDVQQIDAZRdWViZWMxETAPBgNVBAcMCE1vbnRyZWFsMRcwFQYDVQQK +DA5Db2xsYWJvcmEgTHRkLjEPMA0GA1UECwwGQ2FuYWRhMRIwEAYDVQQDDAkxMjcu +MC4wLjExLTArBgkqhkiG9w0BCQEWHm5pY29sYXMuZHVmcmVzbmVAY29sbGFib3Jh +LmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArJa05foKd5ULBBjHoI4U +DKMOcoYp6UO8o4t+rKBrlKVMp0D7Oz+bZt6I2T3kBjZmKH9wrHNsk6zC6wonbfMR +ZHILWcnTifbEEhIMHNqH+J5b33yGW3SEftd1jj1UZkubQVZEFha5UhbUO9AQ4TSt +0mX5AG+PkJi0kdTCRWlD1q0CAwEAATANBgkqhkiG9w0BAQUFAAOBgQAiaJ6bO5NJ +pyS8p//UVQM/T+exyZxznULwqCuVKv7uwss2QiKiQGJPfVc0iy650cTegtoc4ki5 +Zfg/Cllxj2KAmbkWGlzVw7IvuBouruxdojm+0y60DzWr1rQUkL6VX/VBZXL51VPp +zCdTCzI3v4ztFStbUyC99xx1hdHOSleLOQ== +-----END CERTIFICATE----- diff --git a/gio/tests/cert3.pem b/gio/tests/cert3.pem new file mode 100644 index 000000000..57d6e6b20 --- /dev/null +++ b/gio/tests/cert3.pem @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE----- +MIICtTCCAh4CCQD9ny7saeYnDDANBgkqhkiG9w0BAQUFADCBnjELMAkGA1UEBhMC +Q0ExDzANBgNVBAgMBlF1ZWJlYzERMA8GA1UEBwwITW9udHJlYWwxFzAVBgNVBAoM +DkNvbGxhYm9yYSBMdGQuMQ8wDQYDVQQLDAZDYW5hZGExEjAQBgNVBAMMCTEyNy4w +LjAuMTEtMCsGCSqGSIb3DQEJARYebmljb2xhcy5kdWZyZXNuZUBjb2xsYWJvcmEu +Y29tMB4XDTExMDcyNTE4NTMwMVoXDTEyMDcyNDE4NTMwMVowgZ4xCzAJBgNVBAYT +AkNBMQ8wDQYDVQQIDAZRdWViZWMxETAPBgNVBAcMCE1vbnRyZWFsMRcwFQYDVQQK +DA5Db2xsYWJvcmEgTHRkLjEPMA0GA1UECwwGQ2FuYWRhMRIwEAYDVQQDDAkxMjcu +MC4wLjExLTArBgkqhkiG9w0BCQEWHm5pY29sYXMuZHVmcmVzbmVAY29sbGFib3Jh +LmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArJa05foKd5ULBBjHoI4U +DKMOcoYp6UO8o4t+rKBrlKVMp0D7Oz+bZt6I2T3kBjZmKH9wrHNsk6zC6wonbfMR +ZHILWcnTifbEEhIMHNqH+J5b33yGW3SEftd1jj1UZkubQVZEFha5UhbUO9AQ4TSt +0mX5AG+PkJi0kdTCRWlD1q0CAwEAATANBgkqhkiG9w0BAQUFAAOBgQAGBjOlcmD6 +E6GlY2rvjCf0BpW0t4zKL/wvA5tBmuOWYg93psHgIdSNgkmfbA1kvD6kXehQlt1F +5yZJP91/VND5LHvXf5TcAmr/KeQAPYvqfiGYXuvHDLA9y9OOyTBMURLYfWuo9HZt +xeI14sZ9udXwtUhgcvXrBFzlRfkbojuMZw== +-----END CERTIFICATE----- diff --git a/gio/tests/gtesttlsbackend.c b/gio/tests/gtesttlsbackend.c new file mode 100644 index 000000000..d951bdf1f --- /dev/null +++ b/gio/tests/gtesttlsbackend.c @@ -0,0 +1,312 @@ +/* GIO - GLib Input, Output and Streaming Library + * + * Copyright (C) 2011 Collabora Ltd. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General + * Public License along with this library; if not, write to the + * Free Software Foundation, Inc., 59 Temple Place, Suite 330, + * Boston, MA 02111-1307, USA. + */ + +#include "gtesttlsbackend.h" + +#include + +static GType _g_test_tls_certificate_get_type (void); +static GType _g_test_tls_connection_get_type (void); + +struct _GTestTlsBackend { + GObject parent_instance; +}; + +static void g_test_tls_backend_iface_init (GTlsBackendInterface *iface); + +#define g_test_tls_backend_get_type _g_test_tls_backend_get_type +G_DEFINE_TYPE_WITH_CODE (GTestTlsBackend, g_test_tls_backend, G_TYPE_OBJECT, + G_IMPLEMENT_INTERFACE (G_TYPE_TLS_BACKEND, + g_test_tls_backend_iface_init) + g_io_extension_point_set_required_type ( + g_io_extension_point_register (G_TLS_BACKEND_EXTENSION_POINT_NAME), + G_TYPE_TLS_BACKEND); + g_io_extension_point_implement (G_TLS_BACKEND_EXTENSION_POINT_NAME, + g_define_type_id, + "test", + 999)) + +static void +g_test_tls_backend_init (GTestTlsBackend *backend) +{ +} + +static void +g_test_tls_backend_class_init (GTestTlsBackendClass *backend_class) +{ +} + +static void +g_test_tls_backend_iface_init (GTlsBackendInterface *iface) +{ + iface->get_certificate_type = _g_test_tls_certificate_get_type; + iface->get_client_connection_type = _g_test_tls_connection_get_type; + iface->get_server_connection_type = _g_test_tls_connection_get_type; +} + +/* Test certificate type */ + +typedef struct _GTestTlsCertificate GTestTlsCertificate; +typedef struct _GTestTlsCertificateClass GTestTlsCertificateClass; + +struct _GTestTlsCertificate { + GTlsCertificate parent_instance; + gchar *key_pem; + gchar *cert_pem; +}; + +struct _GTestTlsCertificateClass { + GTlsCertificateClass parent_class; +}; + +enum +{ + PROP_CERTIFICATE_0, + + PROP_CERT_CERTIFICATE, + PROP_CERT_CERTIFICATE_PEM, + PROP_CERT_PRIVATE_KEY, + PROP_CERT_PRIVATE_KEY_PEM, + PROP_CERT_ISSUER +}; + +static void g_test_tls_certificate_initable_iface_init (GInitableIface *iface); + +#define g_test_tls_certificate_get_type _g_test_tls_certificate_get_type +G_DEFINE_TYPE_WITH_CODE (GTestTlsCertificate, g_test_tls_certificate, G_TYPE_TLS_CERTIFICATE, + G_IMPLEMENT_INTERFACE (G_TYPE_INITABLE, + g_test_tls_certificate_initable_iface_init);) + +static void +g_test_tls_certificate_get_property (GObject *object, + guint prop_id, + GValue *value, + GParamSpec *pspec) +{ + GTestTlsCertificate *cert = (GTestTlsCertificate *) object; + + switch (prop_id) + { + case PROP_CERT_CERTIFICATE_PEM: + g_value_set_string (value, cert->cert_pem); + break; + case PROP_CERT_PRIVATE_KEY_PEM: + g_value_set_string (value, cert->key_pem); + break; + default: + g_assert_not_reached (); + break; + } +} + +static void +g_test_tls_certificate_set_property (GObject *object, + guint prop_id, + const GValue *value, + GParamSpec *pspec) +{ + GTestTlsCertificate *cert = (GTestTlsCertificate *) object; + + switch (prop_id) + { + case PROP_CERT_CERTIFICATE_PEM: + cert->cert_pem = g_value_dup_string (value); + break; + case PROP_CERT_PRIVATE_KEY_PEM: + cert->key_pem = g_value_dup_string (value); + break; + case PROP_CERT_CERTIFICATE: + case PROP_CERT_PRIVATE_KEY: + case PROP_CERT_ISSUER: + /* ignore */ + break; + default: + g_assert_not_reached (); + break; + } +} + +static void +g_test_tls_certificate_finalize (GObject *object) +{ + GTestTlsCertificate *cert = (GTestTlsCertificate *) object; + + g_free (cert->cert_pem); + g_free (cert->key_pem); +} + +static void +g_test_tls_certificate_class_init (GTestTlsCertificateClass *certificate_class) +{ + GObjectClass *gobject_class = G_OBJECT_CLASS (certificate_class); + + gobject_class->get_property = g_test_tls_certificate_get_property; + gobject_class->set_property = g_test_tls_certificate_set_property; + gobject_class->finalize = g_test_tls_certificate_finalize; + + g_object_class_override_property (gobject_class, PROP_CERT_CERTIFICATE, "certificate"); + g_object_class_override_property (gobject_class, PROP_CERT_CERTIFICATE_PEM, "certificate-pem"); + g_object_class_override_property (gobject_class, PROP_CERT_PRIVATE_KEY, "private-key"); + g_object_class_override_property (gobject_class, PROP_CERT_PRIVATE_KEY_PEM, "private-key-pem"); + g_object_class_override_property (gobject_class, PROP_CERT_ISSUER, "issuer"); +} + +static void +g_test_tls_certificate_init (GTestTlsCertificate *certificate) +{ +} + +static gboolean +g_test_tls_certificate_initable_init (GInitable *initable, + GCancellable *cancellable, + GError **error) +{ + return TRUE; +} + +static void +g_test_tls_certificate_initable_iface_init (GInitableIface *iface) +{ + iface->init = g_test_tls_certificate_initable_init; +} + +/* Dummy connection type; since GTlsClientConnection and + * GTlsServerConnection are just interfaces, we can implement them + * both on a single object. + */ + +typedef struct _GTestTlsConnection GTestTlsConnection; +typedef struct _GTestTlsConnectionClass GTestTlsConnectionClass; + +struct _GTestTlsConnection { + GTlsConnection parent_instance; +}; + +struct _GTestTlsConnectionClass { + GTlsConnectionClass parent_class; +}; + +enum +{ + PROP_CONNECTION_0, + + PROP_CONN_BASE_IO_STREAM, + PROP_CONN_USE_SYSTEM_CERTDB, + PROP_CONN_REQUIRE_CLOSE_NOTIFY, + PROP_CONN_REHANDSHAKE_MODE, + PROP_CONN_CERTIFICATE, + PROP_CONN_PEER_CERTIFICATE, + PROP_CONN_PEER_CERTIFICATE_ERRORS, + PROP_CONN_VALIDATION_FLAGS, + PROP_CONN_SERVER_IDENTITY, + PROP_CONN_USE_SSL3, + PROP_CONN_ACCEPTED_CAS, + PROP_CONN_AUTHENTICATION_MODE +}; + +static void g_test_tls_connection_initable_iface_init (GInitableIface *iface); + +#define g_test_tls_connection_get_type _g_test_tls_connection_get_type +G_DEFINE_TYPE_WITH_CODE (GTestTlsConnection, g_test_tls_connection, G_TYPE_TLS_CONNECTION, + G_IMPLEMENT_INTERFACE (G_TYPE_TLS_CLIENT_CONNECTION, NULL); + G_IMPLEMENT_INTERFACE (G_TYPE_TLS_SERVER_CONNECTION, NULL); + G_IMPLEMENT_INTERFACE (G_TYPE_INITABLE, + g_test_tls_connection_initable_iface_init);) + +static void +g_test_tls_connection_get_property (GObject *object, + guint prop_id, + GValue *value, + GParamSpec *pspec) +{ +} + +static void +g_test_tls_connection_set_property (GObject *object, + guint prop_id, + const GValue *value, + GParamSpec *pspec) +{ +} + +static gboolean +g_test_tls_connection_close (GIOStream *stream, + GCancellable *cancellable, + GError **error) +{ + return TRUE; +} + +static void +g_test_tls_connection_class_init (GTestTlsConnectionClass *connection_class) +{ + GObjectClass *gobject_class = G_OBJECT_CLASS (connection_class); + GIOStreamClass *io_stream_class = G_IO_STREAM_CLASS (connection_class); + + gobject_class->get_property = g_test_tls_connection_get_property; + gobject_class->set_property = g_test_tls_connection_set_property; + + /* Need to override this because when initable_init fails it will + * dispose the connection, which will close it, which would + * otherwise try to close its input/output streams, which don't + * exist. + */ + io_stream_class->close_fn = g_test_tls_connection_close; + + g_object_class_override_property (gobject_class, PROP_CONN_BASE_IO_STREAM, "base-io-stream"); + g_object_class_override_property (gobject_class, PROP_CONN_USE_SYSTEM_CERTDB, "use-system-certdb"); + g_object_class_override_property (gobject_class, PROP_CONN_REQUIRE_CLOSE_NOTIFY, "require-close-notify"); + g_object_class_override_property (gobject_class, PROP_CONN_REHANDSHAKE_MODE, "rehandshake-mode"); + g_object_class_override_property (gobject_class, PROP_CONN_CERTIFICATE, "certificate"); + g_object_class_override_property (gobject_class, PROP_CONN_PEER_CERTIFICATE, "peer-certificate"); + g_object_class_override_property (gobject_class, PROP_CONN_PEER_CERTIFICATE_ERRORS, "peer-certificate-errors"); + g_object_class_override_property (gobject_class, PROP_CONN_VALIDATION_FLAGS, "validation-flags"); + g_object_class_override_property (gobject_class, PROP_CONN_SERVER_IDENTITY, "server-identity"); + g_object_class_override_property (gobject_class, PROP_CONN_USE_SSL3, "use-ssl3"); + g_object_class_override_property (gobject_class, PROP_CONN_ACCEPTED_CAS, "accepted-cas"); + g_object_class_override_property (gobject_class, PROP_CONN_AUTHENTICATION_MODE, "authentication-mode"); +} + +static void +g_test_tls_connection_init (GTestTlsConnection *connection) +{ +} + +static gboolean +g_test_tls_connection_initable_init (GInitable *initable, + GCancellable *cancellable, + GError **error) +{ + g_set_error_literal (error, G_TLS_ERROR, G_TLS_ERROR_UNAVAILABLE, + "TLS Connection support is not available"); + return FALSE; +} + +static void +g_test_tls_connection_initable_iface_init (GInitableIface *iface) +{ + iface->init = g_test_tls_connection_initable_init; +} + +const gchar * +g_test_tls_connection_get_private_key_pem (GTlsCertificate *cert) +{ + return ((GTestTlsCertificate *)cert)->key_pem; +} diff --git a/gio/tests/gtesttlsbackend.h b/gio/tests/gtesttlsbackend.h new file mode 100644 index 000000000..c745fb984 --- /dev/null +++ b/gio/tests/gtesttlsbackend.h @@ -0,0 +1,49 @@ +/* GIO - GLib Input, Output and Streaming Library + * + * Copyright (C) 2011 Collabora Ltd. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General + * Public License along with this library; if not, write to the + * Free Software Foundation, Inc., 59 Temple Place, Suite 330, + * Boston, MA 02111-1307, USA. + */ + +#ifndef __G_TEST_TLS_BACKEND_H__ +#define __G_TEST_TLS_BACKEND_H__ + +#include + +G_BEGIN_DECLS + +#define G_TYPE_TEST_TLS_BACKEND (_g_test_tls_backend_get_type ()) +#define G_TEST_TLS_BACKEND(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), G_TYPE_TEST_TLS_BACKEND, GTestTlsBackend)) +#define G_TEST_TLS_BACKEND_CLASS(k) (G_TYPE_CHECK_CLASS_CAST((k), G_TYPE_TEST_TLS_BACKEND, GTestTlsBackendClass)) +#define G_IS_TEST_TLS_BACKEND(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), G_TYPE_TEST_TLS_BACKEND)) +#define G_IS_TEST_TLS_BACKEND_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), G_TYPE_TEST_TLS_BACKEND)) +#define G_TEST_TLS_BACKEND_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), G_TYPE_TEST_TLS_BACKEND, GTestTlsBackendClass)) + +typedef struct _GTestTlsBackend GTestTlsBackend; +typedef struct _GTestTlsBackendClass GTestTlsBackendClass; + +struct _GTestTlsBackendClass { + GObjectClass parent_class; +}; + +GType _g_test_tls_backend_get_type (void); + +const gchar *g_test_tls_connection_get_private_key_pem (GTlsCertificate *cert); + + +G_END_DECLS + +#endif /* __G_TEST_TLS_BACKEND_H__ */ diff --git a/gio/tests/key-cert.pem b/gio/tests/key-cert.pem new file mode 100644 index 000000000..5f3992f87 --- /dev/null +++ b/gio/tests/key-cert.pem @@ -0,0 +1,32 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXQIBAAKBgQCslrTl+gp3lQsEGMegjhQMow5yhinpQ7yji36soGuUpUynQPs7 +P5tm3ojZPeQGNmYof3Csc2yTrMLrCidt8xFkcgtZydOJ9sQSEgwc2of4nlvffIZb +dIR+13WOPVRmS5tBVkQWFrlSFtQ70BDhNK3SZfkAb4+QmLSR1MJFaUPWrQIDAQAB +AoGAUTnskYAIhRdEQ/1Vlp7HmNr05bl26C3VDjOMvroRZ7gUR3MxykS5YsTBK10R +gEsB8XVpFgCMzUO1yODShdCsEg9kCB3fzSWkunK8+TF2TKOM5uWlQwifKJvcNisR +Nbg3r8WygMMXaWSFA3xWoRuZ5It0jOX18v+x5RHHon/kaRECQQDl6FSwgJLeNAkR +pMNQGdRhmMesHWmNNBv3Wozqm6Wpkwo5ZXPsLt3pprd0GN5jX0IG7clT1/eMD9/G ++3UGqTj3AkEAwC0M2gv+QUhbaB+KSlOZDOi4gsnhnsnaM7HQGDJJ5no4y2EvnYI3 +Y5rPJWedeYlCV3ccMitjnjcIJHInRZBIewJBANgsamVDn9Ua7GQQni1U/COAek7V +oQfKNXmRROrbyxr1TSnGwQcU0kf+IIUjVQfu67CEKUeSzAqAapM4oULQHuUCQQC9 +J9qdiO6DXXAzRdA9pplgHnT2rzV3sSEoft3f4yfgRu8+KHPQqkpQrSE1pQ5YgWUe +aGwFabXNFkfab839562fAkBl8jPidQdKWEgSa6h5pm4++sXLdWl7p6jiyetH64W7 +HnhRryE3ptrRGO0hSV1v4bx3DKzeJiJRlWUWiSl7828t +-----END RSA PRIVATE KEY----- +-----BEGIN CERTIFICATE----- +MIICtTCCAh4CCQCMmwFMUPAJYzANBgkqhkiG9w0BAQUFADCBnjELMAkGA1UEBhMC +Q0ExDzANBgNVBAgMBlF1ZWJlYzERMA8GA1UEBwwITW9udHJlYWwxFzAVBgNVBAoM +DkNvbGxhYm9yYSBMdGQuMQ8wDQYDVQQLDAZDYW5hZGExEjAQBgNVBAMMCTEyNy4w +LjAuMTEtMCsGCSqGSIb3DQEJARYebmljb2xhcy5kdWZyZXNuZUBjb2xsYWJvcmEu +Y29tMB4XDTExMDcyNTE4NDkzNFoXDTEyMDcyNDE4NDkzNFowgZ4xCzAJBgNVBAYT +AkNBMQ8wDQYDVQQIDAZRdWViZWMxETAPBgNVBAcMCE1vbnRyZWFsMRcwFQYDVQQK +DA5Db2xsYWJvcmEgTHRkLjEPMA0GA1UECwwGQ2FuYWRhMRIwEAYDVQQDDAkxMjcu +MC4wLjExLTArBgkqhkiG9w0BCQEWHm5pY29sYXMuZHVmcmVzbmVAY29sbGFib3Jh +LmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArJa05foKd5ULBBjHoI4U +DKMOcoYp6UO8o4t+rKBrlKVMp0D7Oz+bZt6I2T3kBjZmKH9wrHNsk6zC6wonbfMR +ZHILWcnTifbEEhIMHNqH+J5b33yGW3SEftd1jj1UZkubQVZEFha5UhbUO9AQ4TSt +0mX5AG+PkJi0kdTCRWlD1q0CAwEAATANBgkqhkiG9w0BAQUFAAOBgQCaaBfCfCiw +BJ/2pzZOjoFQcMqwPWufJ+F7hv8AK0zaEhsYW/JPPNpVVjM4Rf9dhMFG513GQ6IR +q3K+okin/2H6XyLD1eyAxAreuyMZPwOsTdgkVROhl+NJEfZKnFZSxK9wkiQRnNhS ++5L8/na5o3vsgGerggQi8pj2JjfVE0R/aQ== +-----END CERTIFICATE----- diff --git a/gio/tests/key.pem b/gio/tests/key.pem new file mode 100644 index 000000000..b9c6e825b --- /dev/null +++ b/gio/tests/key.pem @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXQIBAAKBgQCslrTl+gp3lQsEGMegjhQMow5yhinpQ7yji36soGuUpUynQPs7 +P5tm3ojZPeQGNmYof3Csc2yTrMLrCidt8xFkcgtZydOJ9sQSEgwc2of4nlvffIZb +dIR+13WOPVRmS5tBVkQWFrlSFtQ70BDhNK3SZfkAb4+QmLSR1MJFaUPWrQIDAQAB +AoGAUTnskYAIhRdEQ/1Vlp7HmNr05bl26C3VDjOMvroRZ7gUR3MxykS5YsTBK10R +gEsB8XVpFgCMzUO1yODShdCsEg9kCB3fzSWkunK8+TF2TKOM5uWlQwifKJvcNisR +Nbg3r8WygMMXaWSFA3xWoRuZ5It0jOX18v+x5RHHon/kaRECQQDl6FSwgJLeNAkR +pMNQGdRhmMesHWmNNBv3Wozqm6Wpkwo5ZXPsLt3pprd0GN5jX0IG7clT1/eMD9/G ++3UGqTj3AkEAwC0M2gv+QUhbaB+KSlOZDOi4gsnhnsnaM7HQGDJJ5no4y2EvnYI3 +Y5rPJWedeYlCV3ccMitjnjcIJHInRZBIewJBANgsamVDn9Ua7GQQni1U/COAek7V +oQfKNXmRROrbyxr1TSnGwQcU0kf+IIUjVQfu67CEKUeSzAqAapM4oULQHuUCQQC9 +J9qdiO6DXXAzRdA9pplgHnT2rzV3sSEoft3f4yfgRu8+KHPQqkpQrSE1pQ5YgWUe +aGwFabXNFkfab839562fAkBl8jPidQdKWEgSa6h5pm4++sXLdWl7p6jiyetH64W7 +HnhRryE3ptrRGO0hSV1v4bx3DKzeJiJRlWUWiSl7828t +-----END RSA PRIVATE KEY----- diff --git a/gio/tests/nothing.pem b/gio/tests/nothing.pem new file mode 100644 index 000000000..e69de29bb diff --git a/gio/tests/tls-certificate.c b/gio/tests/tls-certificate.c new file mode 100644 index 000000000..b6e23fe60 --- /dev/null +++ b/gio/tests/tls-certificate.c @@ -0,0 +1,279 @@ +/* GLib testing framework examples and tests + * + * Copyright (C) 2011 Collabora Ltd. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General + * Public License along with this library; if not, write to the + * Free Software Foundation, Inc., 59 Temple Place, Suite 330, + * Boston, MA 02111-1307, USA. + * + * Author: Nicolas Dufresne + */ + +#include "config.h" + +#include + +#include "gtesttlsbackend.h" + +typedef struct +{ + gchar *cert_pems[3]; + gchar *key_pem; +} Reference; + +static void +pem_parser (const Reference *ref) +{ + GTlsCertificate *cert; + gchar *pem; + gchar *parsed_cert_pem = NULL; + const gchar *parsed_key_pem = NULL; + GError *error = NULL; + + /* Check PEM parsing in certificate, private key order. */ + g_file_get_contents (SRCDIR "/cert-key.pem", &pem, NULL, &error); + g_assert_no_error (error); + g_assert (pem); + + cert = g_tls_certificate_new_from_pem (pem, -1, &error); + g_assert_no_error (error); + g_assert (cert); + + g_object_get (cert, + "certificate-pem", &parsed_cert_pem, + NULL); + parsed_key_pem = g_test_tls_connection_get_private_key_pem (cert); + g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]); + g_free (parsed_cert_pem); + parsed_cert_pem = NULL; + g_assert_cmpstr (parsed_key_pem, ==, ref->key_pem); + parsed_key_pem = NULL; + + g_object_unref (cert); + + /* Make sure length is respected and parser detect invalid (truncated) PEM. */ + cert = g_tls_certificate_new_from_pem (pem, 10, &error); + g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE); + g_clear_error (&error); + g_free (pem); + + /* Check PEM parsing in private key, certificate order */ + g_file_get_contents (SRCDIR "/key-cert.pem", &pem, NULL, &error); + g_assert_no_error (error); + g_assert (pem); + + cert = g_tls_certificate_new_from_pem (pem, -1, &error); + g_assert_no_error (error); + g_assert (cert); + + g_object_get (cert, + "certificate-pem", &parsed_cert_pem, + NULL); + parsed_key_pem = g_test_tls_connection_get_private_key_pem (cert); + g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]); + g_free (parsed_cert_pem); + parsed_cert_pem = NULL; + g_assert_cmpstr (parsed_key_pem, ==, ref->key_pem); + parsed_key_pem = NULL; + + g_free (pem); + g_object_unref (cert); + + /* Check certificate only PEM */ + g_file_get_contents (SRCDIR "/cert1.pem", &pem, NULL, &error); + g_assert_no_error (error); + g_assert (pem); + + cert = g_tls_certificate_new_from_pem (pem, -1, &error); + g_assert_no_error (error); + g_assert (cert); + + g_object_get (cert, + "certificate-pem", &parsed_cert_pem, + NULL); + parsed_key_pem = g_test_tls_connection_get_private_key_pem (cert); + g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]); + g_free (parsed_cert_pem); + parsed_cert_pem = NULL; + g_assert (parsed_key_pem == NULL); + + g_free (pem); + g_object_unref (cert); + + /* Check error with private key only PEM */ + g_file_get_contents (SRCDIR "/key.pem", &pem, NULL, &error); + g_assert_no_error (error); + g_assert (pem); + + cert = g_tls_certificate_new_from_pem (pem, -1, &error); + g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE); + g_clear_error (&error); + g_assert (cert == NULL); + g_free (pem); +} + +static void +from_file (const Reference *ref) +{ + GTlsCertificate *cert; + gchar *parsed_cert_pem = NULL; + const gchar *parsed_key_pem = NULL; + GError *error = NULL; + + cert = g_tls_certificate_new_from_file (SRCDIR "/key-cert.pem", &error); + g_assert_no_error (error); + g_assert (cert); + + g_object_get (cert, + "certificate-pem", &parsed_cert_pem, + NULL); + parsed_key_pem = g_test_tls_connection_get_private_key_pem (cert); + g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]); + g_free (parsed_cert_pem); + parsed_cert_pem = NULL; + g_assert_cmpstr (parsed_key_pem, ==, ref->key_pem); + parsed_key_pem = NULL; + + g_object_unref (cert); +} + +static void +from_files (const Reference *ref) +{ + GTlsCertificate *cert; + gchar *parsed_cert_pem = NULL; + const gchar *parsed_key_pem = NULL; + GError *error = NULL; + + cert = g_tls_certificate_new_from_files (SRCDIR "/cert1.pem", + SRCDIR "/key.pem", + &error); + g_assert_no_error (error); + g_assert (cert); + + g_object_get (cert, + "certificate-pem", &parsed_cert_pem, + NULL); + parsed_key_pem = g_test_tls_connection_get_private_key_pem (cert); + g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[0]); + g_free (parsed_cert_pem); + parsed_cert_pem = NULL; + g_assert_cmpstr (parsed_key_pem, ==, ref->key_pem); + parsed_key_pem = NULL; + + g_object_unref (cert); + + /* Missing private key */ + cert = g_tls_certificate_new_from_files (SRCDIR "/cert1.pem", + SRCDIR "/cert2.pem", + &error); + g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE); + g_clear_error (&error); + g_assert (cert == NULL); + + /* Missing certificate */ + cert = g_tls_certificate_new_from_files (SRCDIR "/key.pem", + SRCDIR "/key.pem", + &error); + g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE); + g_clear_error (&error); + g_assert (cert == NULL); + + /* Using this method twice with a file containing both private key and + * certificate as a way to inforce private key presence is a fair use */ + cert = g_tls_certificate_new_from_files (SRCDIR "/key-cert.pem", + SRCDIR "/key-cert.pem", + &error); + g_assert_no_error (error); + g_assert (cert); + g_object_unref (cert); +} + +static void +list_from_file (const Reference *ref) +{ + GList *list, *l; + GError *error = NULL; + int i; + + list = g_tls_certificate_list_new_from_file (SRCDIR "/cert-list.pem", &error); + g_assert_no_error (error); + g_assert_cmpint (g_list_length (list), ==, 3); + + l = list; + for (i = 0; i < 3; i++) + { + GTlsCertificate *cert = l->data; + gchar *parsed_cert_pem = NULL; + g_object_get (cert, + "certificate-pem", &parsed_cert_pem, + NULL); + g_assert_cmpstr (parsed_cert_pem, ==, ref->cert_pems[i]); + g_free (parsed_cert_pem); + l = g_list_next (l); + } + + g_list_free_full (list, g_object_unref); + + /* Empty list is not an error */ + list = g_tls_certificate_list_new_from_file (SRCDIR "/nothing.pem", &error); + g_assert_no_error (error); + g_assert_cmpint (g_list_length (list), ==, 0); +} + +int +main (int argc, + char *argv[]) +{ + int rtv; + Reference ref; + GError *error = NULL; + + g_type_init (); + g_test_init (&argc, &argv, NULL); + + _g_test_tls_backend_get_type (); + + /* Load reference PEM */ + g_file_get_contents (SRCDIR "/cert1.pem", &ref.cert_pems[0], NULL, &error); + g_assert_no_error (error); + g_assert (ref.cert_pems[0]); + g_file_get_contents (SRCDIR "/cert2.pem", &ref.cert_pems[1], NULL, &error); + g_assert_no_error (error); + g_assert (ref.cert_pems[1]); + g_file_get_contents (SRCDIR "/cert3.pem", &ref.cert_pems[2], NULL, &error); + g_assert_no_error (error); + g_assert (ref.cert_pems[2]); + g_file_get_contents (SRCDIR "/key.pem", &ref.key_pem, NULL, &error); + g_assert_no_error (error); + g_assert (ref.key_pem); + + g_test_add_data_func ("/tls-certificate/pem-parser", + &ref, (GTestDataFunc)pem_parser); + g_test_add_data_func ("/tls-certificate/from_file", + &ref, (GTestDataFunc)from_file); + g_test_add_data_func ("/tls-certificate/from_files", + &ref, (GTestDataFunc)from_files); + g_test_add_data_func ("/tls-certificate/list_from_file", + &ref, (GTestDataFunc)list_from_file); + + rtv = g_test_run(); + + g_free (ref.cert_pems[0]); + g_free (ref.cert_pems[1]); + g_free (ref.cert_pems[2]); + g_free (ref.key_pem); + + return rtv; +}