Added tests + changes to make tls authentication on LinphoneAuthInfo work

coreapi/authentication.c

@@ -323,6 +323,18 @@ static const LinphoneAuthInfo *find_auth_info(LinphoneCore *lc, const char *user
 	return ret;
 }
 
+const LinphoneAuthInfo *_linphone_core_find_tls_auth_info(LinphoneCore *lc) {
+	bctbx_list_t *elem;
+	for (elem=lc->auth_info;elem!=NULL;elem=elem->next) {
+		LinphoneAuthInfo *pinfo = (LinphoneAuthInfo*)elem->data;
+		if (pinfo->tls_cert && pinfo->tls_key) {
+			return pinfo;
+		} else if (pinfo->tls_cert_path && pinfo->tls_key_path) {
+			return pinfo;
+		}
+	}
+	return NULL;
+}
 
 const LinphoneAuthInfo *_linphone_core_find_auth_info(LinphoneCore *lc, const char *realm, const char *username, const char *domain, bool_t ignore_realm){
 	const LinphoneAuthInfo *ai=NULL;

coreapi/callbacks.c

@@ -1196,12 +1196,17 @@ static bool_t fill_auth_info_with_client_certificate(LinphoneCore *lc, SalAuthIn
 }
 
 static bool_t fill_auth_info(LinphoneCore *lc, SalAuthInfo* sai) {
-	LinphoneAuthInfo *ai=(LinphoneAuthInfo*)_linphone_core_find_auth_info(lc,sai->realm,sai->username,sai->domain, FALSE);
+	LinphoneAuthInfo *ai = NULL;
+	if (sai->mode == SalAuthModeTls) {
+		ai = (LinphoneAuthInfo*)_linphone_core_find_tls_auth_info(lc);
+	} else {
+		ai = (LinphoneAuthInfo*)_linphone_core_find_auth_info(lc,sai->realm,sai->username,sai->domain, FALSE);
+	}
 	if (ai) {
 		if (sai->mode == SalAuthModeHttpDigest) {
-			sai->userid=ms_strdup(ai->userid?ai->userid:ai->username);
-			sai->password=ai->passwd?ms_strdup(ai->passwd):NULL;
-			sai->ha1=ai->ha1?ms_strdup(ai->ha1):NULL;
+			sai->userid = ms_strdup(ai->userid ? ai->userid : ai->username);
+			sai->password = ai->passwd?ms_strdup(ai->passwd) : NULL;
+			sai->ha1 = ai->ha1 ? ms_strdup(ai->ha1) : NULL;
 		} else if (sai->mode == SalAuthModeTls) {
 			if (ai->tls_cert && ai->tls_key) {
 				sal_certificates_chain_parse(sai, ai->tls_cert, SAL_CERTIFICATE_RAW_FORMAT_PEM);
@@ -1221,6 +1226,9 @@ static bool_t fill_auth_info(LinphoneCore *lc, SalAuthInfo* sai) {
 		}
 		return TRUE;
 	} else {
+		if (sai->mode == SalAuthModeTls) {
+			return fill_auth_info_with_client_certificate(lc, sai);
+		}
 		return FALSE;
 	}
 }

coreapi/linphonecore.c

@@ -7963,11 +7963,11 @@ void linphone_core_set_tls_key(LinphoneCore *lc, const char *tls_key) {
 }
 
 void linphone_core_set_tls_cert_path(LinphoneCore *lc, const char *tls_cert_path) {
-	lp_config_set_string(lc->config, "sip", "client_cert_key", tls_cert_path);
+	lp_config_set_string(lc->config, "sip", "client_cert_chain", tls_cert_path);
 }
 
 void linphone_core_set_tls_key_path(LinphoneCore *lc, const char *tls_key_path) {
-	lp_config_set_string(lc->config, "sip", "client_cert_chain", tls_key_path);
+	lp_config_set_string(lc->config, "sip", "client_cert_key", tls_key_path);
 }
 
 const char *linphone_core_get_tls_cert(const LinphoneCore *lc) {

coreapi/private.h

@@ -397,6 +397,7 @@ void linphone_call_params_set_custom_sdp_media_attributes(LinphoneCallParams *pa
 
 void linphone_auth_info_write_config(struct _LpConfig *config, LinphoneAuthInfo *obj, int pos);
 void linphone_core_write_auth_info(LinphoneCore *lc, LinphoneAuthInfo *ai);
+const LinphoneAuthInfo *_linphone_core_find_tls_auth_info(LinphoneCore *lc);
 const LinphoneAuthInfo *_linphone_core_find_auth_info(LinphoneCore *lc, const char *realm, const char *username, const char *domain, bool_t ignore_realm);
 
 void linphone_core_update_proxy_register(LinphoneCore *lc);

tester/CMakeLists.txt

@@ -66,7 +66,12 @@ set(CERTIFICATE_CN_FILES
 	certificates/cn/openssl-cn.cnf
 )
 
-set(CERTIFICATE_FILES ${CERTIFICATE_ALT_FILES} ${CERTIFICATE_CN_FILES})
+set(CERTIFICATE_CLIENT_FILES
+	certificates/client/cert.pem
+	certificates/client/key.pem
+)
+
+set(CERTIFICATE_FILES ${CERTIFICATE_ALT_FILES} ${CERTIFICATE_CN_FILES} ${CERTIFICATE_CLIENT_FILES})
 
 set(RC_FILES
 	rcfiles/carddav_rc
@@ -109,6 +114,8 @@ set(RC_FILES
 	rcfiles/pauline_rc_rtcp_xr
 	rcfiles/pauline_sips_rc
 	rcfiles/pauline_tcp_rc
+	rcfiles/pauline_tls_client_rc
+	rcfiles/pauline_tls_client_2_rc
 	rcfiles/pauline_tunnel_verify_server_certificate_rc
 	rcfiles/pauline_v4proxy_rc
 	rcfiles/pauline_wild_rc

tester/Makefile.am

@@ -28,7 +28,10 @@ CERTIFICATE_CN_FILES = certificates/cn/agent.pem      \
 					 certificates/cn/cafile.pem     \
 					 certificates/cn/openssl-cn.cnf
 
-CERTIFICATE_FILES = $(CERTIFICATE_ALT_FILES) $(CERTIFICATE_CN_FILES)
+CERTIFICATE_CLIENT_FILES = certificates/client/cert.pem \
+					certificates/client/key.pem
+
+CERTIFICATE_FILES = $(CERTIFICATE_ALT_FILES) $(CERTIFICATE_CN_FILES) $(CERTIFICATE_CLIENT_FILES)
 
 RCFILES = \
 					rcfiles/empty_rc\
@@ -63,6 +66,8 @@ RCFILES = \
 					rcfiles/pauline_rc_rtcp_xr\
 					rcfiles/pauline_sips_rc\
 					rcfiles/pauline_tcp_rc\
+					rcfiles/pauline_tls_client_rc\
+					rcfiles/pauline_tls_client_2_rc\
 					rcfiles/pauline_wild_rc\
 					rcfiles/pauline_zrtp_aes256_rc\
 					rcfiles/pauline_zrtp_b256_rc\

tester/certificates/client/cert.pem

+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 14 (0xe)
+    Signature Algorithm: sha256WithRSAEncryption
+        Issuer: C=FR, ST=Some-State, L=Grenoble, O=Belledonne Communications, OU=LAB, CN=Jehan Monnier/emailAddress=jehan.monnier@belledonne-communications.com
+        Validity
+            Not Before: Sep 20 14:00:00 2016 GMT
+            Not After : Sep 20 14:00:00 2017 GMT
+        Subject: C=FR, ST=Rhone-Alpes Auvergne, L=Grenoble, O=Belledonne Communications, CN=sip:sip.example.org/emailAddress=info@belledonne-communications.com
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (2048 bit)
+                Modulus:
+                    00:9e:31:b6:30:07:0e:de:8b:dd:41:66:ec:52:84:
+                    37:2c:bf:98:bc:8f:d3:8e:0d:0f:97:de:b0:4a:c6:
+                    26:c3:c5:29:4d:4e:ed:6c:0c:fe:06:61:49:16:67:
+                    23:90:c9:5b:00:49:f0:e0:5e:42:81:2a:73:c7:c7:
+                    11:9e:41:53:28:46:73:d1:12:8a:bb:bf:e7:f5:84:
+                    6a:06:e6:5c:02:de:95:1d:a0:fc:a5:f7:bf:e8:c8:
+                    c9:95:9f:07:c3:96:96:09:4d:11:f4:48:a3:89:49:
+                    30:c0:6b:e6:ad:a4:0f:b7:5a:f2:20:78:2c:35:da:
+                    fe:4c:83:70:93:65:09:b1:bb:17:46:72:1d:22:c1:
+                    07:b3:4d:93:cd:cf:8a:6d:12:7f:54:b3:48:df:d6:
+                    02:6f:f2:9c:a0:6c:5e:09:6b:26:63:94:09:cf:0c:
+                    42:e6:fa:99:08:c1:9f:18:4b:54:fb:2c:0a:cc:c0:
+                    b2:a6:1d:47:d9:1d:f2:53:e2:27:f8:71:41:f6:45:
+                    e6:50:dd:47:4b:71:a2:bb:94:74:0e:e1:c4:fd:f6:
+                    c3:41:c5:4c:1e:f9:8b:9c:c7:7e:80:59:f9:5b:e7:
+                    ab:76:fd:5a:9d:d8:bd:6f:f9:58:78:e4:72:82:44:
+                    85:32:7d:c2:27:f6:52:69:69:e8:e6:70:00:aa:64:
+                    45:6f
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+                CA:FALSE
+            Netscape Comment: 
+                OpenSSL Generated Certificate
+            X509v3 Subject Key Identifier: 
+                CB:57:BF:89:AF:D9:DB:CC:E0:F8:79:71:AD:7F:03:63:20:0A:49:63
+            X509v3 Authority Key Identifier: 
+                keyid:06:5F:5D:C7:16:AF:62:F8:2D:6E:71:03:88:A0:D6:1D:2B:04:7F:BA
+
+    Signature Algorithm: sha256WithRSAEncryption
+         3e:6c:d5:87:db:04:2b:1b:73:93:9e:ea:fe:10:4a:38:9b:3e:
+         63:8f:f2:8d:8a:d0:bc:b2:4a:63:e0:3c:31:71:00:cf:81:4a:
+         ae:4c:51:fc:5d:51:b7:0a:86:48:5b:1f:a6:cc:ca:d2:c3:95:
+         da:4b:34:dc:8c:dd:1b:27:fb:d2:a8:e4:5e:5a:cc:01:f0:63:
+         58:74:72:1b:5f:c9:51:87:49:dd:ff:13:77:4c:2f:59:38:7f:
+         0a:48:94:17:67:b9:7e:6a:1f:c8:29:67:e0:d4:79:c9:8c:5b:
+         25:09:1d:46:f2:3a:e4:29:85:73:32:c5:94:72:59:31:57:9c:
+         65:d5
+-----BEGIN CERTIFICATE-----
+MIID5jCCA0+gAwIBAgIBDjANBgkqhkiG9w0BAQsFADCBuzELMAkGA1UEBhMCRlIx
+EzARBgNVBAgMClNvbWUtU3RhdGUxETAPBgNVBAcMCEdyZW5vYmxlMSIwIAYDVQQK
+DBlCZWxsZWRvbm5lIENvbW11bmljYXRpb25zMQwwCgYDVQQLDANMQUIxFjAUBgNV
+BAMMDUplaGFuIE1vbm5pZXIxOjA4BgkqhkiG9w0BCQEWK2plaGFuLm1vbm5pZXJA
+YmVsbGVkb25uZS1jb21tdW5pY2F0aW9ucy5jb20wHhcNMTYwOTIwMTQwMDAwWhcN
+MTcwOTIwMTQwMDAwWjCBtDELMAkGA1UEBhMCRlIxHTAbBgNVBAgMFFJob25lLUFs
+cGVzIEF1dmVyZ25lMREwDwYDVQQHDAhHcmVub2JsZTEiMCAGA1UECgwZQmVsbGVk
+b25uZSBDb21tdW5pY2F0aW9uczEcMBoGA1UEAwwTc2lwOnNpcC5leGFtcGxlLm9y
+ZzExMC8GCSqGSIb3DQEJARYiaW5mb0BiZWxsZWRvbm5lLWNvbW11bmljYXRpb25z
+LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ4xtjAHDt6L3UFm
+7FKENyy/mLyP044ND5fesErGJsPFKU1O7WwM/gZhSRZnI5DJWwBJ8OBeQoEqc8fH
+EZ5BUyhGc9ESiru/5/WEagbmXALelR2g/KX3v+jIyZWfB8OWlglNEfRIo4lJMMBr
+5q2kD7da8iB4LDXa/kyDcJNlCbG7F0ZyHSLBB7NNk83Pim0Sf1SzSN/WAm/ynKBs
+XglrJmOUCc8MQub6mQjBnxhLVPssCszAsqYdR9kd8lPiJ/hxQfZF5lDdR0txoruU
+dA7hxP32w0HFTB75i5zHfoBZ+Vvnq3b9Wp3YvW/5WHjkcoJEhTJ9wif2Umlp6OZw
+AKpkRW8CAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNT
+TCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFMtXv4mv2dvM4Ph5ca1/
+A2MgCkljMB8GA1UdIwQYMBaAFAZfXccWr2L4LW5xA4ig1h0rBH+6MA0GCSqGSIb3
+DQEBCwUAA4GBAD5s1YfbBCsbc5Oe6v4QSjibPmOP8o2K0LyySmPgPDFxAM+BSq5M
+UfxdUbcKhkhbH6bMytLDldpLNNyM3Rsn+9Ko5F5azAHwY1h0chtfyVGHSd3/E3dM
+L1k4fwpIlBdnuX5qH8gpZ+DUecmMWyUJHUbyOuQphXMyxZRyWTFXnGXV
+-----END CERTIFICATE-----

tester/certificates/client/key.pem

+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAnjG2MAcO3ovdQWbsUoQ3LL+YvI/Tjg0Pl96wSsYmw8UpTU7t
+bAz+BmFJFmcjkMlbAEnw4F5CgSpzx8cRnkFTKEZz0RKKu7/n9YRqBuZcAt6VHaD8
+pfe/6MjJlZ8Hw5aWCU0R9EijiUkwwGvmraQPt1ryIHgsNdr+TINwk2UJsbsXRnId
+IsEHs02Tzc+KbRJ/VLNI39YCb/KcoGxeCWsmY5QJzwxC5vqZCMGfGEtU+ywKzMCy
+ph1H2R3yU+In+HFB9kXmUN1HS3Giu5R0DuHE/fbDQcVMHvmLnMd+gFn5W+erdv1a
+ndi9b/lYeORygkSFMn3CJ/ZSaWno5nAAqmRFbwIDAQABAoIBAB52XCrrcQWR0U1i
+0GcjZqyLSJIm8AoOoc4Q58m+VoCkWsu0QyvnZJM98KELw2GCJK/tjSDnhc7xqdHy
+l4Xt9mFvD6ZW97gnwDcbBH/HpDg5PGW0NnKPPrlI0Oiq8wfK26F24do0kqlBGs4y
++Py+9vfL34w5F+pW/Vkmhmsbrb43h0YU44M7BkqG/5ah2f6bsEV8NeqyMWhkn5m7
+GONv8Zot0aKeLz/krgQ4+ataQ6CBrSgwIiZ3FO/BTLIMC0g1qHamajpwZbA3/SBx
+8viziHVcZl3KJqPnwFVBySuDmxw9DCULPIBBnKXW0ieZ4uL8rBd0NvGu5lD9b+CN
+TglCzkECgYEAyvrNIdXvqYClqizdQRfIIUJsPk1fezqF6q36TT8WC1PaRYYL1VkG
+8oTNMJdAU9uxqeZTG4SRkBhWcktN5VBArvWrPAzdSqkhU3YbztXLyTbxGTmdYsIO
+1Lgm0yJ3pQAtm3js9T+A2gtU2aZFYAEY1J9+4q6Xj6fjvsyl2XgpqMkCgYEAx4Qd
+hl+XUj0Y0Wpj880aB7ao1BFIwzNa2B3h5+zM7hD0WrY4nu1gBCJIDLjzVPdy9f/h
+VMk9RDtWiutvO6x4nSOEfutCcFQkD3xXY7A7NCb+nEZMqOUvb6F7Igy6MU78Bbnr
+Ci0hBMDUXmX5Adpaht16E9pL2ttpv1wjmWQIUHcCgYBy6VWkaCdMAKbJFqkTptEH
+80CwbME3VERoPaJMhQCH3Sre3Spp2ALU3VYEwjwKvX9xPhGirIRz3TNjdTpeLfbQ
+lggg8O9+yw0w4NaRW/wIp/AKZdGyDUa0KqTgNs0hPl6Te/w6Q39A8dVReo4f8b8K
+8Fi3IDxxeYy3gcgKu7pp8QKBgQCIBHq4bBzWlQ6BXj2sLUysq4tnoCzx3uX05lJn
+cdm4B1j/KrFpL71AtDpYahKB/3yhVwPAcL1S8f0rEhywGwHTZy5h9HND7yjyYbuW
+G8QQ5vC3i3mhvzVarkUqznB1QzqvkLM7Kc8T1X4yqORcrgb/YKhkNnN2ThVGv0MJ
+xNeiOwKBgQCGIgZ7y22u5OJhbh6lRh4yosiGAZ2G+cviH8KO5Wco4tG/DKabR1SE
+ZYlo1MjIY/CEq2JPHa7ZXucRUKg78Mcy544FmMKDb/IpnGkjc+vhrYhjvMum/vTO
+t6PwzTGGIJfVaLFYyTpr+ykDEOmsLWGDiTpXujbINQulHgczNR99EQ==
+-----END RSA PRIVATE KEY-----

tester/rcfiles/pauline_tls_client_2_rc

+[sip]
+sip_port=-1
+sip_tcp_port=-1
+sip_tls_port=-1
+default_proxy=0
+ping_with_options=0
+
+composing_idle_timeout=1
+
+[auth_info_0]
+username=pauline
+userid=pauline
+passwd=secret
+realm=sip.example.org
+
+[proxy_0]
+realm=sip.example.org
+reg_proxy=sip2.linphone.org:5063;transport=tls
+reg_route=sip2.linphone.org:5063;transport=tls
+reg_identity=sip:pauline@sip.example.org
+reg_expires=3600
+reg_sendregister=1
+publish=0
+dial_escape_plus=0
+
+#[friend_0]
+#url="Mariette" <sip:marie@sip.example.org>
+#pol=accept
+#subscribe=0
+
+[rtp]
+audio_rtp_port=18070-28000
+video_rtp_port=39072-49000
+
+[video]
+display=0
+capture=0
+show_local=0
+size=qcif
+enabled=0
+self_view=0
+automatically_initiate=0
+automatically_accept=0
+device=StaticImage: Static picture
+
+[sound]
+echocancellation=0 #to not overload cpu in case of VG
+
+[net]
+dns_srv_enabled=0 #no srv needed in general
+stun_server=stun.linphone.org

tester/rcfiles/pauline_tls_client_rc

+[sip]
+sip_port=-1
+sip_tcp_port=-1
+sip_tls_port=-1
+default_proxy=0
+ping_with_options=0
+client_cert_chain=tester/certificates/client/cert.pem
+client_cert_key=tester/certificates/client/key.pem
+
+composing_idle_timeout=1
+
+[auth_info_0]
+username=pauline
+userid=pauline
+passwd=secret
+realm=sip.example.org
+
+
+[proxy_0]
+realm=sip.example.org
+reg_proxy=sip2.linphone.org:5063;transport=tls
+reg_route=sip2.linphone.org:5063;transport=tls
+reg_identity=sip:pauline@sip.example.org
+reg_expires=3600
+reg_sendregister=1
+publish=0
+dial_escape_plus=0
+
+#[friend_0]
+#url="Mariette" <sip:marie@sip.example.org>
+#pol=accept
+#subscribe=0
+
+[rtp]
+audio_rtp_port=18070-28000
+video_rtp_port=39072-49000
+
+[video]
+display=0
+capture=0
+show_local=0
+size=qcif
+enabled=0
+self_view=0
+automatically_initiate=0
+automatically_accept=0
+device=StaticImage: Static picture
+
+[sound]
+echocancellation=0 #to not overload cpu in case of VG
+
+[net]
+dns_srv_enabled=0 #no srv needed in general
+stun_server=stun.linphone.org

tester/register_tester.c

@@ -947,6 +947,83 @@ static void redirect(void){
 	}
 }
 
+static void tls_auth_global_client_cert(void) {
+	if (transport_supported(LinphoneTransportTls)) {
+		LinphoneCoreManager *pauline = linphone_core_manager_new2("pauline_tls_client_rc", TRUE);
+		linphone_core_manager_destroy(pauline);
+	}
+}
+
+static void tls_auth_global_client_cert_api(void) {
+	if (transport_supported(LinphoneTransportTls)) {
+		LinphoneCoreManager *pauline = linphone_core_manager_new2("pauline_tls_client_2_rc", FALSE);
+		char *cert_path = bc_tester_res("certificates/client/cert.pem");
+		char *key_path = bc_tester_res("certificates/client/key.pem");
+		char *cert = read_file(cert_path);
+		char *key = read_file(key_path);
+		LinphoneCore *lc = pauline->lc;
+		linphone_core_set_tls_cert(lc, cert);
+		linphone_core_set_tls_key(lc, key);
+		BC_ASSERT_TRUE(wait_for(lc, lc, &pauline->stat.number_of_LinphoneRegistrationOk, 1));
+		linphone_core_manager_destroy(pauline);
+		ms_free(cert);
+		ms_free(key);
+		ms_free(cert_path);
+		ms_free(key_path);
+	}
+}
+
+static void tls_auth_global_client_cert_api_path(void) {
+	if (transport_supported(LinphoneTransportTls)) {
+		LinphoneCoreManager *pauline = linphone_core_manager_new2("pauline_tls_client_2_rc", FALSE);
+		char *cert = bc_tester_res("certificates/client/cert.pem");
+		char *key = bc_tester_res("certificates/client/key.pem");
+		LinphoneCore *lc = pauline->lc;
+		linphone_core_set_tls_cert_path(lc, cert);
+		linphone_core_set_tls_key_path(lc, key);
+		BC_ASSERT_TRUE(wait_for(lc, lc, &pauline->stat.number_of_LinphoneRegistrationOk, 1));
+		linphone_core_manager_destroy(pauline);
+		ms_free(cert);
+		ms_free(key);
+	}
+}
+
+static void tls_auth_info_client_cert_api(void) {
+	if (transport_supported(LinphoneTransportTls)) {
+		LinphoneCoreManager *pauline = linphone_core_manager_new2("pauline_tls_client_2_rc", FALSE);
+		char *cert_path = bc_tester_res("certificates/client/cert.pem");
+		char *key_path = bc_tester_res("certificates/client/key.pem");
+		char *cert = read_file(cert_path);
+		char *key = read_file(key_path);
+		LinphoneCore *lc = pauline->lc;
+		LinphoneAuthInfo *authInfo = (LinphoneAuthInfo *)lc->auth_info->data;
+		linphone_auth_info_set_tls_cert(authInfo, cert);
+		linphone_auth_info_set_tls_key(authInfo, key);
+		BC_ASSERT_TRUE(wait_for(lc, lc, &pauline->stat.number_of_LinphoneRegistrationOk, 1));
+		linphone_core_manager_destroy(pauline);
+		ms_free(cert);
+		ms_free(key);
+		ms_free(cert_path);
+		ms_free(key_path);
+	}
+}
+
+static void tls_auth_info_client_cert_api_path(void) {
+	if (transport_supported(LinphoneTransportTls)) {
+		LinphoneCoreManager *pauline = linphone_core_manager_new2("pauline_tls_client_2_rc", FALSE);
+		char *cert = bc_tester_res("certificates/client/cert.pem");
+		char *key = bc_tester_res("certificates/client/key.pem");
+		LinphoneCore *lc = pauline->lc;
+		LinphoneAuthInfo *authInfo = (LinphoneAuthInfo *)lc->auth_info->data;
+		linphone_auth_info_set_tls_cert_path(authInfo, cert);
+		linphone_auth_info_set_tls_key_path(authInfo, key);
+		BC_ASSERT_TRUE(wait_for(lc, lc, &pauline->stat.number_of_LinphoneRegistrationOk, 1));
+		linphone_core_manager_destroy(pauline);
+		ms_free(cert);
+		ms_free(key);
+	}
+}
+
 test_t register_tests[] = {
 	TEST_NO_TAG("Simple register", simple_register),
 	TEST_NO_TAG("Simple register unregister", simple_unregister),
@@ -982,7 +1059,12 @@ test_t register_tests[] = {
 	TEST_NO_TAG("Io recv error with recovery", io_recv_error_retry_immediatly),
 	TEST_NO_TAG("Io recv error with late recovery", io_recv_error_late_recovery),
 	TEST_NO_TAG("Io recv error without active registration", io_recv_error_without_active_register),
-	TEST_NO_TAG("Simple redirect", redirect)
+	TEST_NO_TAG("Simple redirect", redirect),
+	TEST_NO_TAG("Global TLS client certificate authentication", tls_auth_global_client_cert),
+	TEST_NO_TAG("Global TLS client certificate authentication using API", tls_auth_global_client_cert_api),
+	TEST_NO_TAG("Global TLS client certificate authentication using API 2", tls_auth_global_client_cert_api_path),
+	TEST_NO_TAG("AuthInfo TLS client certificate authentication using API", tls_auth_info_client_cert_api),
+	TEST_NO_TAG("AuthInfo TLS client certificate authentication using API 2", tls_auth_info_client_cert_api_path),
 };
 
 test_suite_t register_test_suite = {"Register", NULL, NULL, liblinphone_tester_before_each, liblinphone_tester_after_each,