diff --git a/libnm-core/tests/Makefile.am b/libnm-core/tests/Makefile.am index 294b2afd9..631f958ce 100644 --- a/libnm-core/tests/Makefile.am +++ b/libnm-core/tests/Makefile.am @@ -25,66 +25,6 @@ LDADD = \ $(GLIB_LIBS) \ $(DBUS_LIBS) -check-local: test-crypto test-setting-8021x -# Private key and CA certificate in the same file (PEM) - $(abs_builddir)/test-setting-8021x $(certsdir)/test_key_and_cert.pem "test" - -# Private key by itself (PEM) - $(abs_builddir)/test-setting-8021x $(certsdir)/test-key-only.pem "test" - -# PKCS#8 private key by itself (PEM) - $(abs_builddir)/test-setting-8021x $(certsdir)/pkcs8-enc-key.pem "1234567890" - -# Private key and CA certificate in the same file (pkcs12) - $(abs_builddir)/test-setting-8021x $(certsdir)/test-cert.p12 "test" - -# Normal CA certificate - $(abs_builddir)/test-crypto --cert $(certsdir)/test_ca_cert.pem - -# Another CA certificate - $(abs_builddir)/test-crypto --cert $(certsdir)/test2_ca_cert.pem - -# Normal CA certificate (DER format) - $(abs_builddir)/test-crypto --cert $(certsdir)/test_ca_cert.der - -# CA certificate without an ending newline - $(abs_builddir)/test-crypto --cert $(certsdir)/ca-no-ending-newline.pem - -# Combined user cert and private key - $(abs_builddir)/test-crypto --cert $(certsdir)/test_key_and_cert.pem - -# Another combined user cert and private key - $(abs_builddir)/test-crypto --cert $(certsdir)/test2_key_and_cert.pem - -# Private key with 8 bytes of tail padding - $(abs_builddir)/test-crypto --key \ - $(certsdir)/test_key_and_cert.pem \ - "test" \ - $(certsdir)/test-key-only-decrypted.der - -# Private key only (not combined with a cert) - $(abs_builddir)/test-crypto --key \ - $(certsdir)/test-key-only.pem \ - "test" \ - $(certsdir)/test-key-only-decrypted.der - -# Private key with 6 bytes of tail padding - $(abs_builddir)/test-crypto --key $(certsdir)/test2_key_and_cert.pem "12345testing" - -# PKCS#12 file - $(abs_builddir)/test-crypto --p12 $(certsdir)/test-cert.p12 "test" - -# Another PKCS#12 file - $(abs_builddir)/test-crypto --p12 $(certsdir)/test2-cert.p12 "12345testing" - -# PKCS#8 encrypted private key - $(abs_builddir)/test-crypto --pkcs8 \ - $(certsdir)/pkcs8-enc-key.pem \ - "1234567890" - -# Private key with AES cipher - $(abs_builddir)/test-crypto --key $(certsdir)/test-aes-key.pem "test-aes-password" - -TESTS = test-settings-defaults test-secrets test-general test-setting-dcb +TESTS = $(noinst_PROGRAMS) endif diff --git a/libnm-core/tests/test-crypto.c b/libnm-core/tests/test-crypto.c index 4a8e77524..677f11620 100644 --- a/libnm-core/tests/test-crypto.c +++ b/libnm-core/tests/test-crypto.c @@ -92,18 +92,21 @@ out: #endif static void -test_load_cert (const char *path, const char *desc) +test_cert (gconstpointer test_data) { + char *path; GByteArray *array; NMCryptoFileFormat format = NM_CRYPTO_FILE_FORMAT_UNKNOWN; GError *error = NULL; + path = g_build_filename (TEST_CERT_DIR, (const char *) test_data, NULL); + array = crypto_load_and_verify_certificate (path, &format, &error); - ASSERT (array != NULL, desc, + ASSERT (array != NULL, "cert", "couldn't read certificate file '%s': %d %s", path, error->code, error->message); - ASSERT (format == NM_CRYPTO_FILE_FORMAT_X509, desc, + ASSERT (format == NM_CRYPTO_FILE_FORMAT_X509, "cert", "%s: unexpected certificate format (expected %d, got %d)", path, NM_CRYPTO_FILE_FORMAT_X509, format); @@ -330,55 +333,137 @@ test_encrypt_private_key (const char *path, g_byte_array_free (array, TRUE); } -int main (int argc, char **argv) +static void +test_key (gconstpointer test_data) +{ + char **parts, *path, *password, *decrypted_path; + int len; + + parts = g_strsplit ((const char *) test_data, ", ", -1); + len = g_strv_length (parts); + ASSERT (len == 2 || len == 3, "test-crypto", + "wrong number of arguments (, , [])"); + + path = g_build_filename (TEST_CERT_DIR, parts[0], NULL); + password = parts[1]; + decrypted_path = parts[2] ? g_build_filename (TEST_CERT_DIR, parts[2], NULL) : NULL; + + test_is_pkcs12 (path, TRUE, "not-pkcs12"); + test_load_private_key (path, password, decrypted_path, FALSE, "private-key"); + test_load_private_key (path, "blahblahblah", NULL, TRUE, "private-key-bad-password"); + test_load_private_key (path, NULL, NULL, TRUE, "private-key-no-password"); + test_encrypt_private_key (path, password, "private-key-rencrypt"); + + g_free (path); + g_free (decrypted_path); + g_strfreev (parts); +} + +static void +test_pkcs12 (gconstpointer test_data) +{ + char **parts, *path, *password; + + parts = g_strsplit ((const char *) test_data, ", ", -1); + ASSERT (g_strv_length (parts) == 2, "test-crypto", + "wrong number of arguments (, )"); + + path = g_build_filename (TEST_CERT_DIR, parts[0], NULL); + password = parts[1]; + + test_is_pkcs12 (path, FALSE, "is-pkcs12"); + test_load_pkcs12 (path, password, FALSE, "pkcs12-private-key"); + test_load_pkcs12 (path, "blahblahblah", TRUE, "pkcs12-private-key-bad-password"); + test_load_pkcs12_no_password (path, "pkcs12-private-key-no-password"); + + g_free (path); + g_strfreev (parts); +} + +static void +test_pkcs8 (gconstpointer test_data) +{ + char **parts, *path, *password; + + parts = g_strsplit ((const char *) test_data, ", ", -1); + ASSERT (g_strv_length (parts) == 2, "test-crypto", + "wrong number of arguments (, )"); + + path = g_build_filename (TEST_CERT_DIR, parts[0], NULL); + password = parts[1]; + + test_is_pkcs12 (path, TRUE, "not-pkcs12"); + test_load_pkcs8 (path, password, FALSE, "pkcs8-private-key"); + /* Until gnutls and NSS grow support for all the ciphers that openssl + * can use with PKCS#8, we can't actually verify the password. So we + * expect a bad password to work for the time being. + */ + test_load_pkcs8 (path, "blahblahblah", FALSE, "pkcs8-private-key-bad-password"); + + g_free (path); + g_strfreev (parts); +} + +NMTST_DEFINE (); + +int +main (int argc, char **argv) { GError *error = NULL; - char *progname; + int ret; - ASSERT (argc > 2, "test-crypto", - "wrong number of arguments (expected at least an operation and an object)"); + nmtst_init (&argc, &argv, TRUE); if (!crypto_init (&error)) FAIL ("crypto-init", "failed to initialize crypto: %s", error->message); - if (!strcmp (argv[1], "--cert")) - test_load_cert (argv[2], "cert"); - else if (!strcmp (argv[1], "--key")) { - const char *decrypted_path = (argc == 5) ? argv[4] : NULL; + g_test_add_data_func ("/libnm/crypto/cert/pem", + "test_ca_cert.pem", + test_cert); + g_test_add_data_func ("/libnm/crypto/cert/pem-2", + "test2_ca_cert.pem", + test_cert); + g_test_add_data_func ("/libnm/crypto/cert/der", + "test_ca_cert.der", + test_cert); + g_test_add_data_func ("/libnm/crypto/cert/pem-no-ending-newline", + "ca-no-ending-newline.pem", + test_cert); + g_test_add_data_func ("/libnm/crypto/cert/pem-combined", + "test_key_and_cert.pem", + test_cert); + g_test_add_data_func ("/libnm/crypto/cert/pem-combined-2", + "test2_key_and_cert.pem", + test_cert); - ASSERT (argc == 4 || argc == 5, "test-crypto", - "wrong number of arguments (--key [])"); + g_test_add_data_func ("/libnm/crypto/key/padding-6", + "test_key_and_cert.pem, test, test-key-only-decrypted.der", + test_key); + g_test_add_data_func ("/libnm/crypto/key/key-only", + "test-key-only.pem, test, test-key-only-decrypted.der", + test_key); + g_test_add_data_func ("/libnm/crypto/key/padding-8", + "test2_key_and_cert.pem, 12345testing", + test_key); + g_test_add_data_func ("/libnm/crypto/key/aes", + "test-aes-key.pem, test-aes-password", + test_key); - test_is_pkcs12 (argv[2], TRUE, "not-pkcs12"); - test_load_private_key (argv[2], argv[3], decrypted_path, FALSE, "private-key"); - test_load_private_key (argv[2], "blahblahblah", NULL, TRUE, "private-key-bad-password"); - test_load_private_key (argv[2], NULL, NULL, TRUE, "private-key-no-password"); - test_encrypt_private_key (argv[2], argv[3], "private-key-rencrypt"); - } else if (!strcmp (argv[1], "--p12")) { - test_is_pkcs12 (argv[2], FALSE, "is-pkcs12"); - test_load_pkcs12 (argv[2], argv[3], FALSE, "pkcs12-private-key"); - test_load_pkcs12 (argv[2], "blahblahblah", TRUE, "pkcs12-private-key-bad-password"); - test_load_pkcs12_no_password (argv[2], "pkcs12-private-key-no-password"); - } else if (!strcmp (argv[1], "--pkcs8")) { - ASSERT (argc == 4, "test-crypto", - "wrong number of arguments (--pkcs8 )"); + g_test_add_data_func ("/libnm/crypto/PKCS#12/1", + "test-cert.p12, test", + test_pkcs12); + g_test_add_data_func ("/libnm/crypto/PKCS#12/2", + "test2-cert.p12, 12345testing", + test_pkcs12); - test_is_pkcs12 (argv[2], TRUE, "not-pkcs12"); - test_load_pkcs8 (argv[2], argv[3], FALSE, "pkcs8-private-key"); - /* Until gnutls and NSS grow support for all the ciphers that openssl - * can use with PKCS#8, we can't actually verify the password. So we - * expect a bad password to work for the time being. - */ - test_load_pkcs8 (argv[2], "blahblahblah", FALSE, "pkcs8-private-key-bad-password"); - } else { - ASSERT (argc > 2, "test-crypto", "unknown test type (not --cert, --key, or --p12)"); - } + g_test_add_data_func ("/libnm/crypto/PKCS#8", + "pkcs8-enc-key.pem, 1234567890", + test_pkcs8); + + ret = g_test_run (); crypto_deinit (); - progname = g_path_get_basename (argv[0]); - fprintf (stdout, "%s: SUCCESS\n", progname); - g_free (progname); - return 0; + return ret; } diff --git a/libnm-core/tests/test-setting-8021x.c b/libnm-core/tests/test-setting-8021x.c index af0d5b84f..7b66b8eb5 100644 --- a/libnm-core/tests/test-setting-8021x.c +++ b/libnm-core/tests/test-setting-8021x.c @@ -404,40 +404,57 @@ test_clear_phase2_private_key (const char *path, const char *password) g_object_unref (s_8021x); } -int main (int argc, char **argv) +static void +do_8021x_test (gconstpointer test_data) { - GError *error = NULL; - char *base; + char **parts, *path, *password; - if (argc < 3) - FAIL ("init", "need at least two arguments: "); + parts = g_strsplit ((const char *) test_data, ", ", -1); + g_assert_cmpint (g_strv_length (parts), ==, 2); -#if !GLIB_CHECK_VERSION (2, 35, 0) - g_type_init (); -#endif - - if (!nm_utils_init (&error)) - FAIL ("nm-utils-init", "failed to initialize libnm: %s", error->message); + path = g_build_filename (TEST_CERT_DIR, parts[0], NULL); + password = parts[1]; /* Test phase1 and phase2 path scheme */ - test_private_key_import (argv[1], argv[2], NM_SETTING_802_1X_CK_SCHEME_PATH); - test_phase2_private_key_import (argv[1], argv[2], NM_SETTING_802_1X_CK_SCHEME_PATH); + test_private_key_import (path, password, NM_SETTING_802_1X_CK_SCHEME_PATH); + test_phase2_private_key_import (path, password, NM_SETTING_802_1X_CK_SCHEME_PATH); /* Test phase1 and phase2 blob scheme */ - test_private_key_import (argv[1], argv[2], NM_SETTING_802_1X_CK_SCHEME_BLOB); - test_phase2_private_key_import (argv[1], argv[2], NM_SETTING_802_1X_CK_SCHEME_BLOB); + test_private_key_import (path, password, NM_SETTING_802_1X_CK_SCHEME_BLOB); + test_phase2_private_key_import (path, password, NM_SETTING_802_1X_CK_SCHEME_BLOB); /* Test that using a wrong password does not change existing data */ - test_wrong_password_keeps_data (argv[1], argv[2]); - test_wrong_phase2_password_keeps_data (argv[1], argv[2]); + test_wrong_password_keeps_data (path, password); + test_wrong_phase2_password_keeps_data (path, password); /* Test clearing the private key */ - test_clear_private_key (argv[1], argv[2]); - test_clear_phase2_private_key (argv[1], argv[2]); + test_clear_private_key (path, password); + test_clear_phase2_private_key (path, password); - base = g_path_get_basename (argv[0]); - fprintf (stdout, "%s: SUCCESS\n", base); - g_free (base); - return 0; + g_free (path); + g_strfreev (parts); +} + +NMTST_DEFINE (); + +int +main (int argc, char **argv) +{ + nmtst_init (&argc, &argv, TRUE); + + g_test_add_data_func ("/libnm/setting-8021x/key-and-cert", + "test_key_and_cert.pem, test", + do_8021x_test); + g_test_add_data_func ("/libnm/setting-8021x/key-only", + "test-key-only.pem, test", + do_8021x_test); + g_test_add_data_func ("/libnm/setting-8021x/pkcs8-enc-key", + "pkcs8-enc-key.pem, 1234567890", + do_8021x_test); + g_test_add_data_func ("/libnm/setting-8021x/pkcs12", + "test-cert.p12, test", + do_8021x_test); + + return g_test_run (); } diff --git a/libnm-util/tests/Makefile.am b/libnm-util/tests/Makefile.am index 3acc4fcc9..6d11d0dd1 100644 --- a/libnm-util/tests/Makefile.am +++ b/libnm-util/tests/Makefile.am @@ -12,13 +12,16 @@ AM_CPPFLAGS = \ -DBUILD_DIR=\"$(abs_builddir)\" \ -DTEST_CERT_DIR=\"$(top_srcdir)/libnm-util/tests/certs/\" -noinst_PROGRAMS = \ +TESTS = \ test-settings-defaults \ test-crypto \ test-secrets \ test-general \ test-setting-8021x \ - test-setting-dcb \ + test-setting-dcb + +noinst_PROGRAMS = \ + $(TESTS) \ test-libnm-linking test_settings_defaults_SOURCES = \ @@ -80,66 +83,4 @@ test_libnm_linking_LDADD = \ $(GLIB_LIBS) \ $(DBUS_LIBS) -check-local: test-crypto test-setting-8021x -# Private key and CA certificate in the same file (PEM) - $(abs_builddir)/test-setting-8021x $(srcdir)/certs/test_key_and_cert.pem "test" - -# Private key by itself (PEM) - $(abs_builddir)/test-setting-8021x $(srcdir)/certs/test-key-only.pem "test" - -# PKCS#8 private key by itself (PEM) - $(abs_builddir)/test-setting-8021x $(srcdir)/certs/pkcs8-enc-key.pem "1234567890" - -# Private key and CA certificate in the same file (pkcs12) - $(abs_builddir)/test-setting-8021x $(srcdir)/certs/test-cert.p12 "test" - -# Normal CA certificate - $(abs_builddir)/test-crypto --cert $(srcdir)/certs/test_ca_cert.pem - -# Another CA certificate - $(abs_builddir)/test-crypto --cert $(srcdir)/certs/test2_ca_cert.pem - -# Normal CA certificate (DER format) - $(abs_builddir)/test-crypto --cert $(srcdir)/certs/test_ca_cert.der - -# CA certificate without an ending newline - $(abs_builddir)/test-crypto --cert $(srcdir)/certs/ca-no-ending-newline.pem - -# Combined user cert and private key - $(abs_builddir)/test-crypto --cert $(srcdir)/certs/test_key_and_cert.pem - -# Another combined user cert and private key - $(abs_builddir)/test-crypto --cert $(srcdir)/certs/test2_key_and_cert.pem - -# Private key with 8 bytes of tail padding - $(abs_builddir)/test-crypto --key \ - $(srcdir)/certs/test_key_and_cert.pem \ - "test" \ - $(srcdir)/certs/test-key-only-decrypted.der - -# Private key only (not combined with a cert) - $(abs_builddir)/test-crypto --key \ - $(srcdir)/certs/test-key-only.pem \ - "test" \ - $(srcdir)/certs/test-key-only-decrypted.der - -# Private key with 6 bytes of tail padding - $(abs_builddir)/test-crypto --key $(srcdir)/certs/test2_key_and_cert.pem "12345testing" - -# PKCS#12 file - $(abs_builddir)/test-crypto --p12 $(srcdir)/certs/test-cert.p12 "test" - -# Another PKCS#12 file - $(abs_builddir)/test-crypto --p12 $(srcdir)/certs/test2-cert.p12 "12345testing" - -# PKCS#8 encrypted private key - $(abs_builddir)/test-crypto --pkcs8 \ - $(srcdir)/certs/pkcs8-enc-key.pem \ - "1234567890" - -# Private key with AES cipher - $(abs_builddir)/test-crypto --key $(srcdir)/certs/test-aes-key.pem "test-aes-password" - -TESTS = test-settings-defaults test-secrets test-general test-setting-dcb - endif diff --git a/libnm-util/tests/test-crypto.c b/libnm-util/tests/test-crypto.c index 4a8e77524..677f11620 100644 --- a/libnm-util/tests/test-crypto.c +++ b/libnm-util/tests/test-crypto.c @@ -92,18 +92,21 @@ out: #endif static void -test_load_cert (const char *path, const char *desc) +test_cert (gconstpointer test_data) { + char *path; GByteArray *array; NMCryptoFileFormat format = NM_CRYPTO_FILE_FORMAT_UNKNOWN; GError *error = NULL; + path = g_build_filename (TEST_CERT_DIR, (const char *) test_data, NULL); + array = crypto_load_and_verify_certificate (path, &format, &error); - ASSERT (array != NULL, desc, + ASSERT (array != NULL, "cert", "couldn't read certificate file '%s': %d %s", path, error->code, error->message); - ASSERT (format == NM_CRYPTO_FILE_FORMAT_X509, desc, + ASSERT (format == NM_CRYPTO_FILE_FORMAT_X509, "cert", "%s: unexpected certificate format (expected %d, got %d)", path, NM_CRYPTO_FILE_FORMAT_X509, format); @@ -330,55 +333,137 @@ test_encrypt_private_key (const char *path, g_byte_array_free (array, TRUE); } -int main (int argc, char **argv) +static void +test_key (gconstpointer test_data) +{ + char **parts, *path, *password, *decrypted_path; + int len; + + parts = g_strsplit ((const char *) test_data, ", ", -1); + len = g_strv_length (parts); + ASSERT (len == 2 || len == 3, "test-crypto", + "wrong number of arguments (, , [])"); + + path = g_build_filename (TEST_CERT_DIR, parts[0], NULL); + password = parts[1]; + decrypted_path = parts[2] ? g_build_filename (TEST_CERT_DIR, parts[2], NULL) : NULL; + + test_is_pkcs12 (path, TRUE, "not-pkcs12"); + test_load_private_key (path, password, decrypted_path, FALSE, "private-key"); + test_load_private_key (path, "blahblahblah", NULL, TRUE, "private-key-bad-password"); + test_load_private_key (path, NULL, NULL, TRUE, "private-key-no-password"); + test_encrypt_private_key (path, password, "private-key-rencrypt"); + + g_free (path); + g_free (decrypted_path); + g_strfreev (parts); +} + +static void +test_pkcs12 (gconstpointer test_data) +{ + char **parts, *path, *password; + + parts = g_strsplit ((const char *) test_data, ", ", -1); + ASSERT (g_strv_length (parts) == 2, "test-crypto", + "wrong number of arguments (, )"); + + path = g_build_filename (TEST_CERT_DIR, parts[0], NULL); + password = parts[1]; + + test_is_pkcs12 (path, FALSE, "is-pkcs12"); + test_load_pkcs12 (path, password, FALSE, "pkcs12-private-key"); + test_load_pkcs12 (path, "blahblahblah", TRUE, "pkcs12-private-key-bad-password"); + test_load_pkcs12_no_password (path, "pkcs12-private-key-no-password"); + + g_free (path); + g_strfreev (parts); +} + +static void +test_pkcs8 (gconstpointer test_data) +{ + char **parts, *path, *password; + + parts = g_strsplit ((const char *) test_data, ", ", -1); + ASSERT (g_strv_length (parts) == 2, "test-crypto", + "wrong number of arguments (, )"); + + path = g_build_filename (TEST_CERT_DIR, parts[0], NULL); + password = parts[1]; + + test_is_pkcs12 (path, TRUE, "not-pkcs12"); + test_load_pkcs8 (path, password, FALSE, "pkcs8-private-key"); + /* Until gnutls and NSS grow support for all the ciphers that openssl + * can use with PKCS#8, we can't actually verify the password. So we + * expect a bad password to work for the time being. + */ + test_load_pkcs8 (path, "blahblahblah", FALSE, "pkcs8-private-key-bad-password"); + + g_free (path); + g_strfreev (parts); +} + +NMTST_DEFINE (); + +int +main (int argc, char **argv) { GError *error = NULL; - char *progname; + int ret; - ASSERT (argc > 2, "test-crypto", - "wrong number of arguments (expected at least an operation and an object)"); + nmtst_init (&argc, &argv, TRUE); if (!crypto_init (&error)) FAIL ("crypto-init", "failed to initialize crypto: %s", error->message); - if (!strcmp (argv[1], "--cert")) - test_load_cert (argv[2], "cert"); - else if (!strcmp (argv[1], "--key")) { - const char *decrypted_path = (argc == 5) ? argv[4] : NULL; + g_test_add_data_func ("/libnm/crypto/cert/pem", + "test_ca_cert.pem", + test_cert); + g_test_add_data_func ("/libnm/crypto/cert/pem-2", + "test2_ca_cert.pem", + test_cert); + g_test_add_data_func ("/libnm/crypto/cert/der", + "test_ca_cert.der", + test_cert); + g_test_add_data_func ("/libnm/crypto/cert/pem-no-ending-newline", + "ca-no-ending-newline.pem", + test_cert); + g_test_add_data_func ("/libnm/crypto/cert/pem-combined", + "test_key_and_cert.pem", + test_cert); + g_test_add_data_func ("/libnm/crypto/cert/pem-combined-2", + "test2_key_and_cert.pem", + test_cert); - ASSERT (argc == 4 || argc == 5, "test-crypto", - "wrong number of arguments (--key [])"); + g_test_add_data_func ("/libnm/crypto/key/padding-6", + "test_key_and_cert.pem, test, test-key-only-decrypted.der", + test_key); + g_test_add_data_func ("/libnm/crypto/key/key-only", + "test-key-only.pem, test, test-key-only-decrypted.der", + test_key); + g_test_add_data_func ("/libnm/crypto/key/padding-8", + "test2_key_and_cert.pem, 12345testing", + test_key); + g_test_add_data_func ("/libnm/crypto/key/aes", + "test-aes-key.pem, test-aes-password", + test_key); - test_is_pkcs12 (argv[2], TRUE, "not-pkcs12"); - test_load_private_key (argv[2], argv[3], decrypted_path, FALSE, "private-key"); - test_load_private_key (argv[2], "blahblahblah", NULL, TRUE, "private-key-bad-password"); - test_load_private_key (argv[2], NULL, NULL, TRUE, "private-key-no-password"); - test_encrypt_private_key (argv[2], argv[3], "private-key-rencrypt"); - } else if (!strcmp (argv[1], "--p12")) { - test_is_pkcs12 (argv[2], FALSE, "is-pkcs12"); - test_load_pkcs12 (argv[2], argv[3], FALSE, "pkcs12-private-key"); - test_load_pkcs12 (argv[2], "blahblahblah", TRUE, "pkcs12-private-key-bad-password"); - test_load_pkcs12_no_password (argv[2], "pkcs12-private-key-no-password"); - } else if (!strcmp (argv[1], "--pkcs8")) { - ASSERT (argc == 4, "test-crypto", - "wrong number of arguments (--pkcs8 )"); + g_test_add_data_func ("/libnm/crypto/PKCS#12/1", + "test-cert.p12, test", + test_pkcs12); + g_test_add_data_func ("/libnm/crypto/PKCS#12/2", + "test2-cert.p12, 12345testing", + test_pkcs12); - test_is_pkcs12 (argv[2], TRUE, "not-pkcs12"); - test_load_pkcs8 (argv[2], argv[3], FALSE, "pkcs8-private-key"); - /* Until gnutls and NSS grow support for all the ciphers that openssl - * can use with PKCS#8, we can't actually verify the password. So we - * expect a bad password to work for the time being. - */ - test_load_pkcs8 (argv[2], "blahblahblah", FALSE, "pkcs8-private-key-bad-password"); - } else { - ASSERT (argc > 2, "test-crypto", "unknown test type (not --cert, --key, or --p12)"); - } + g_test_add_data_func ("/libnm/crypto/PKCS#8", + "pkcs8-enc-key.pem, 1234567890", + test_pkcs8); + + ret = g_test_run (); crypto_deinit (); - progname = g_path_get_basename (argv[0]); - fprintf (stdout, "%s: SUCCESS\n", progname); - g_free (progname); - return 0; + return ret; } diff --git a/libnm-util/tests/test-setting-8021x.c b/libnm-util/tests/test-setting-8021x.c index c496e47bc..ddd76f018 100644 --- a/libnm-util/tests/test-setting-8021x.c +++ b/libnm-util/tests/test-setting-8021x.c @@ -404,40 +404,57 @@ test_clear_phase2_private_key (const char *path, const char *password) g_object_unref (s_8021x); } -int main (int argc, char **argv) +static void +do_8021x_test (gconstpointer test_data) { - GError *error = NULL; - char *base; + char **parts, *path, *password; - if (argc < 3) - FAIL ("init", "need at least two arguments: "); + parts = g_strsplit ((const char *) test_data, ", ", -1); + g_assert_cmpint (g_strv_length (parts), ==, 2); -#if !GLIB_CHECK_VERSION (2, 35, 0) - g_type_init (); -#endif - - if (!nm_utils_init (&error)) - FAIL ("nm-utils-init", "failed to initialize libnm-util: %s", error->message); + path = g_build_filename (TEST_CERT_DIR, parts[0], NULL); + password = parts[1]; /* Test phase1 and phase2 path scheme */ - test_private_key_import (argv[1], argv[2], NM_SETTING_802_1X_CK_SCHEME_PATH); - test_phase2_private_key_import (argv[1], argv[2], NM_SETTING_802_1X_CK_SCHEME_PATH); + test_private_key_import (path, password, NM_SETTING_802_1X_CK_SCHEME_PATH); + test_phase2_private_key_import (path, password, NM_SETTING_802_1X_CK_SCHEME_PATH); /* Test phase1 and phase2 blob scheme */ - test_private_key_import (argv[1], argv[2], NM_SETTING_802_1X_CK_SCHEME_BLOB); - test_phase2_private_key_import (argv[1], argv[2], NM_SETTING_802_1X_CK_SCHEME_BLOB); + test_private_key_import (path, password, NM_SETTING_802_1X_CK_SCHEME_BLOB); + test_phase2_private_key_import (path, password, NM_SETTING_802_1X_CK_SCHEME_BLOB); /* Test that using a wrong password does not change existing data */ - test_wrong_password_keeps_data (argv[1], argv[2]); - test_wrong_phase2_password_keeps_data (argv[1], argv[2]); + test_wrong_password_keeps_data (path, password); + test_wrong_phase2_password_keeps_data (path, password); /* Test clearing the private key */ - test_clear_private_key (argv[1], argv[2]); - test_clear_phase2_private_key (argv[1], argv[2]); + test_clear_private_key (path, password); + test_clear_phase2_private_key (path, password); - base = g_path_get_basename (argv[0]); - fprintf (stdout, "%s: SUCCESS\n", base); - g_free (base); - return 0; + g_free (path); + g_strfreev (parts); +} + +NMTST_DEFINE (); + +int +main (int argc, char **argv) +{ + nmtst_init (&argc, &argv, TRUE); + + g_test_add_data_func ("/libnm-utils/setting-8021x/key-and-cert", + "test_key_and_cert.pem, test", + do_8021x_test); + g_test_add_data_func ("/libnm-utils/setting-8021x/key-only", + "test-key-only.pem, test", + do_8021x_test); + g_test_add_data_func ("/libnm-utils/setting-8021x/pkcs8-enc-key", + "pkcs8-enc-key.pem, 1234567890", + do_8021x_test); + g_test_add_data_func ("/libnm-utils/setting-8021x/pkcs12", + "test-cert.p12, test", + do_8021x_test); + + return g_test_run (); }