1 /*
2 * Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <stdio.h>
11 #include <string.h>
12 #include <stdlib.h>
13
14 #include "internal/nelem.h"
15
16 #include <openssl/pkcs12.h>
17 #include <openssl/x509.h>
18 #include <openssl/x509v3.h>
19 #include <openssl/pem.h>
20
21 #include "testutil.h"
22 #include "helpers/pkcs12.h"
23
/*
 * File-scope test state. None of these are assigned in the functions that
 * follow; presumably they are set up during option parsing / test setup
 * further down the file (confirm there).
 */

/* NOTE(review): looks like a "use the default library context" flag - confirm at its use site. */
static int default_libctx = 1;

/* Library context passed to PKCS12_init_ex() in pkcs12_recreate_test(). */
static OSSL_LIB_CTX *testctx = NULL;
/* Provider handles; nullprov and deflprov are not referenced by the tests below. */
static OSSL_PROVIDER *nullprov = NULL;
static OSSL_PROVIDER *deflprov = NULL;
/*
 * When this is NULL the *_enc_alg tests index enc_nids_no_legacy[] instead of
 * enc_nids_all[], i.e. the legacy-only ciphers are left out of the sweep.
 */
static OSSL_PROVIDER *lgcyprov = NULL;
30
31 /* --------------------------------------------------------------------------
32 * PKCS12 component test data
33 */
34
/*
 * DER-encoded X.509 certificate used as a test fixture.
 *
 * Decoding the bytes below gives: issuer CN "P12Test-Root-A", subject CN
 * "P12Test-Server-1", validity 190930004656Z to 290927004656Z (UTCTime),
 * sha256WithRSAEncryption signature, and a 1024-bit RSA public key whose
 * modulus is the same as the one in KEY1.
 *
 * The matching private key is published in this file, so this certificate
 * identifies nothing and must only ever be used as test input.
 */
static const unsigned char CERT1[] =
{
    0x30, 0x82, 0x01, 0xed, 0x30, 0x82, 0x01, 0x56, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00,
    0x8b, 0x4b, 0x5e, 0x6c, 0x03, 0x28, 0x4e, 0xe6, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
    0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x19, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55,
    0x04, 0x03, 0x0c, 0x0e, 0x50, 0x31, 0x32, 0x54, 0x65, 0x73, 0x74, 0x2d, 0x52, 0x6f, 0x6f, 0x74,
    0x2d, 0x41, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x39, 0x30, 0x39, 0x33, 0x30, 0x30, 0x30, 0x34, 0x36,
    0x35, 0x36, 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x39, 0x32, 0x37, 0x30, 0x30, 0x34, 0x36, 0x35,
    0x36, 0x5a, 0x30, 0x1b, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x10, 0x50,
    0x31, 0x32, 0x54, 0x65, 0x73, 0x74, 0x2d, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2d, 0x31, 0x30,
    0x81, 0x9f, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05,
    0x00, 0x03, 0x81, 0x8d, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xbc, 0xdc, 0x6f, 0x8c,
    0x7a, 0x2a, 0x4b, 0xea, 0x66, 0x66, 0x04, 0xa9, 0x05, 0x92, 0x53, 0xd7, 0x13, 0x3c, 0x49, 0xe1,
    0xc8, 0xbb, 0xdf, 0x3d, 0xcb, 0x88, 0x31, 0x07, 0x20, 0x59, 0x93, 0x24, 0x7f, 0x7d, 0xc6, 0x84,
    0x81, 0x16, 0x64, 0x4a, 0x52, 0xa6, 0x30, 0x44, 0xdc, 0x1a, 0x30, 0xde, 0xae, 0x29, 0x18, 0xcf,
    0xc7, 0xf3, 0xcf, 0x0c, 0xb7, 0x8e, 0x2b, 0x1e, 0x21, 0x01, 0x0b, 0xfb, 0xe5, 0xe6, 0xcf, 0x2b,
    0x84, 0xe1, 0x33, 0xf8, 0xba, 0x02, 0xfc, 0x30, 0xfa, 0xc4, 0x33, 0xc7, 0x37, 0xc6, 0x7f, 0x72,
    0x31, 0x92, 0x1d, 0x8f, 0xa0, 0xfb, 0xe5, 0x4a, 0x08, 0x31, 0x78, 0x80, 0x9c, 0x23, 0xb4, 0xe9,
    0x19, 0x56, 0x04, 0xfa, 0x0d, 0x07, 0x04, 0xb7, 0x43, 0xac, 0x4c, 0x49, 0x7c, 0xc2, 0xa1, 0x44,
    0xc1, 0x48, 0x7d, 0x28, 0xe5, 0x23, 0x66, 0x07, 0x22, 0xd5, 0xf0, 0xf1, 0x02, 0x03, 0x01, 0x00,
    0x01, 0xa3, 0x3b, 0x30, 0x39, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16,
    0x80, 0x14, 0xdb, 0xbb, 0xb8, 0x92, 0x4e, 0x24, 0x0b, 0x1b, 0xbb, 0x78, 0x33, 0xf9, 0x01, 0x02,
    0x23, 0x0d, 0x96, 0x18, 0x30, 0x47, 0x30, 0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30,
    0x00, 0x30, 0x0b, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x04, 0x04, 0x03, 0x02, 0x04, 0xf0, 0x30, 0x0d,
    0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x81, 0x81,
    0x00, 0x1c, 0x13, 0xdc, 0x02, 0xf1, 0x44, 0x36, 0x65, 0xa9, 0xbe, 0x30, 0x1c, 0x66, 0x14, 0x20,
    0x86, 0x5a, 0xa8, 0x69, 0x25, 0xf8, 0x1a, 0xb6, 0x9e, 0x5e, 0xe9, 0x89, 0xb8, 0x67, 0x70, 0x19,
    0x87, 0x60, 0xeb, 0x4b, 0x11, 0x71, 0x85, 0xf8, 0xe9, 0xa7, 0x3e, 0x20, 0x42, 0xec, 0x43, 0x25,
    0x01, 0x03, 0xe5, 0x4d, 0x83, 0x22, 0xf5, 0x8e, 0x3a, 0x1a, 0x1b, 0xd4, 0x1c, 0xda, 0x6b, 0x9d,
    0x10, 0x1b, 0xee, 0x67, 0x4e, 0x1f, 0x69, 0xab, 0xbc, 0xaa, 0x62, 0x8e, 0x9e, 0xc6, 0xee, 0xd6,
    0x09, 0xc0, 0xca, 0xe0, 0xaa, 0x9f, 0x07, 0xb2, 0xc2, 0xbb, 0x31, 0x96, 0xa2, 0x04, 0x62, 0xd3,
    0x13, 0x32, 0x29, 0x67, 0x6e, 0xad, 0x2e, 0x0b, 0xea, 0x04, 0x7c, 0x8c, 0x5a, 0x5d, 0xac, 0x14,
    0xaa, 0x61, 0x7f, 0x28, 0x6c, 0x2d, 0x64, 0x2d, 0xc3, 0xaf, 0x77, 0x52, 0x90, 0xb4, 0x37, 0xc0,
    0x30,
};
70
/*
 * Second DER-encoded X.509 test certificate.
 *
 * Decoding the bytes below gives the same issuer ("P12Test-Root-A") and
 * validity period as CERT1, a serial number one higher, subject CN
 * "P12Test-Client-1", and a 1024-bit RSA public key whose modulus is the same
 * as the one in KEY2.
 *
 * Test input only: the matching private key is published in this file.
 */
static const unsigned char CERT2[] =
{
    0x30, 0x82, 0x01, 0xed, 0x30, 0x82, 0x01, 0x56, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00,
    0x8b, 0x4b, 0x5e, 0x6c, 0x03, 0x28, 0x4e, 0xe7, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
    0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x19, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55,
    0x04, 0x03, 0x0c, 0x0e, 0x50, 0x31, 0x32, 0x54, 0x65, 0x73, 0x74, 0x2d, 0x52, 0x6f, 0x6f, 0x74,
    0x2d, 0x41, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x39, 0x30, 0x39, 0x33, 0x30, 0x30, 0x30, 0x34, 0x36,
    0x35, 0x36, 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x39, 0x32, 0x37, 0x30, 0x30, 0x34, 0x36, 0x35,
    0x36, 0x5a, 0x30, 0x1b, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x10, 0x50,
    0x31, 0x32, 0x54, 0x65, 0x73, 0x74, 0x2d, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2d, 0x31, 0x30,
    0x81, 0x9f, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05,
    0x00, 0x03, 0x81, 0x8d, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xa8, 0x6e, 0x40, 0x86,
    0x9f, 0x98, 0x59, 0xfb, 0x57, 0xbf, 0xc1, 0x55, 0x12, 0x38, 0xeb, 0xb3, 0x46, 0x34, 0xc9, 0x35,
    0x4d, 0xfd, 0x03, 0xe9, 0x3a, 0x88, 0x9e, 0x97, 0x8f, 0xf4, 0xec, 0x36, 0x7b, 0x3f, 0xba, 0xb8,
    0xa5, 0x96, 0x30, 0x03, 0xc5, 0xc6, 0xd9, 0xa8, 0x4e, 0xbc, 0x23, 0x51, 0xa1, 0x96, 0xd2, 0x03,
    0x98, 0x73, 0xb6, 0x17, 0x9c, 0x77, 0xd4, 0x95, 0x1e, 0x1b, 0xb3, 0x1b, 0xc8, 0x71, 0xd1, 0x2e,
    0x31, 0xc7, 0x6a, 0x75, 0x57, 0x08, 0x7f, 0xba, 0x70, 0x76, 0xf7, 0x67, 0xf4, 0x4e, 0xbe, 0xfc,
    0x70, 0x61, 0x41, 0x07, 0x2b, 0x7c, 0x3c, 0x3b, 0xb3, 0xbc, 0xd5, 0xa8, 0xbd, 0x28, 0xd8, 0x49,
    0xd3, 0xe1, 0x78, 0xc8, 0xc1, 0x42, 0x5e, 0x18, 0x36, 0xa8, 0x41, 0xf7, 0xc8, 0xaa, 0x35, 0xfe,
    0x2d, 0xd1, 0xb4, 0xcc, 0x00, 0x67, 0xae, 0x79, 0xd3, 0x28, 0xd5, 0x5b, 0x02, 0x03, 0x01, 0x00,
    0x01, 0xa3, 0x3b, 0x30, 0x39, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16,
    0x80, 0x14, 0xdb, 0xbb, 0xb8, 0x92, 0x4e, 0x24, 0x0b, 0x1b, 0xbb, 0x78, 0x33, 0xf9, 0x01, 0x02,
    0x23, 0x0d, 0x96, 0x18, 0x30, 0x47, 0x30, 0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30,
    0x00, 0x30, 0x0b, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x04, 0x04, 0x03, 0x02, 0x04, 0xf0, 0x30, 0x0d,
    0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x81, 0x81,
    0x00, 0x3b, 0xa6, 0x73, 0xbe, 0xe0, 0x28, 0xed, 0x1f, 0x29, 0x78, 0x4c, 0xc0, 0x1f, 0xe9, 0x85,
    0xc6, 0x8f, 0xe3, 0x87, 0x7c, 0xd9, 0xe7, 0x0a, 0x37, 0xe8, 0xaa, 0xb5, 0xd2, 0x7f, 0xf8, 0x90,
    0x20, 0x80, 0x35, 0xa7, 0x79, 0x2b, 0x04, 0xa7, 0xbf, 0xe6, 0x7b, 0x58, 0xcb, 0xec, 0x0e, 0x58,
    0xef, 0x2a, 0x70, 0x8a, 0x56, 0x8a, 0xcf, 0x6b, 0x7a, 0x74, 0x0c, 0xf4, 0x15, 0x37, 0x93, 0xcd,
    0xe6, 0xb2, 0xa1, 0x83, 0x09, 0xdb, 0x9e, 0x4f, 0xff, 0x6a, 0x17, 0x4f, 0x33, 0xc9, 0xcc, 0x90,
    0x2a, 0x67, 0xff, 0x16, 0x78, 0xa8, 0x2c, 0x10, 0xe0, 0x52, 0x8c, 0xe6, 0xe9, 0x90, 0x8d, 0xe0,
    0x62, 0x04, 0x9a, 0x0f, 0x44, 0x01, 0x82, 0x14, 0x92, 0x44, 0x25, 0x69, 0x22, 0xb7, 0xb8, 0xc5,
    0x94, 0x4c, 0x4b, 0x1c, 0x9b, 0x92, 0x60, 0x66, 0x90, 0x4e, 0xb9, 0xa8, 0x4c, 0x89, 0xbb, 0x0f,
    0x0b,
};
106
/*
 * DER-encoded RSA private key (SEQUENCE, version 0, modulus, public exponent
 * 0x010001, private exponent, CRT components) used as a test fixture.
 *
 * The 1024-bit modulus is the same as the public key in CERT1, so KEY1/CERT1
 * form a key pair for the cert+key tests below.
 *
 * This key is public by virtue of being in the source tree: it offers no
 * confidentiality or authenticity and must never be deployed.
 */
static const unsigned char KEY1[] =
{
    0x30, 0x82, 0x02, 0x5d, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xbc, 0xdc, 0x6f, 0x8c, 0x7a,
    0x2a, 0x4b, 0xea, 0x66, 0x66, 0x04, 0xa9, 0x05, 0x92, 0x53, 0xd7, 0x13, 0x3c, 0x49, 0xe1, 0xc8,
    0xbb, 0xdf, 0x3d, 0xcb, 0x88, 0x31, 0x07, 0x20, 0x59, 0x93, 0x24, 0x7f, 0x7d, 0xc6, 0x84, 0x81,
    0x16, 0x64, 0x4a, 0x52, 0xa6, 0x30, 0x44, 0xdc, 0x1a, 0x30, 0xde, 0xae, 0x29, 0x18, 0xcf, 0xc7,
    0xf3, 0xcf, 0x0c, 0xb7, 0x8e, 0x2b, 0x1e, 0x21, 0x01, 0x0b, 0xfb, 0xe5, 0xe6, 0xcf, 0x2b, 0x84,
    0xe1, 0x33, 0xf8, 0xba, 0x02, 0xfc, 0x30, 0xfa, 0xc4, 0x33, 0xc7, 0x37, 0xc6, 0x7f, 0x72, 0x31,
    0x92, 0x1d, 0x8f, 0xa0, 0xfb, 0xe5, 0x4a, 0x08, 0x31, 0x78, 0x80, 0x9c, 0x23, 0xb4, 0xe9, 0x19,
    0x56, 0x04, 0xfa, 0x0d, 0x07, 0x04, 0xb7, 0x43, 0xac, 0x4c, 0x49, 0x7c, 0xc2, 0xa1, 0x44, 0xc1,
    0x48, 0x7d, 0x28, 0xe5, 0x23, 0x66, 0x07, 0x22, 0xd5, 0xf0, 0xf1, 0x02, 0x03, 0x01, 0x00, 0x01,
    0x02, 0x81, 0x81, 0x00, 0xa5, 0x6d, 0xf9, 0x8f, 0xf5, 0x5a, 0xa3, 0x50, 0xd9, 0x0d, 0x37, 0xbb,
    0xce, 0x13, 0x94, 0xb8, 0xea, 0x32, 0x7f, 0x0c, 0xf5, 0x46, 0x0b, 0x90, 0x17, 0x7e, 0x5e, 0x63,
    0xbd, 0xa4, 0x78, 0xcd, 0x19, 0x97, 0xd4, 0x92, 0x30, 0x78, 0xaa, 0xb4, 0xa7, 0x9c, 0xc6, 0xdf,
    0x2a, 0x65, 0x0e, 0xb5, 0x9f, 0x9c, 0x84, 0x0d, 0x4d, 0x3a, 0x74, 0xfc, 0xd0, 0xb4, 0x09, 0x74,
    0xc4, 0xb8, 0x24, 0x03, 0xa8, 0xf0, 0xf8, 0x0d, 0x5c, 0x8e, 0xdf, 0x4b, 0xe1, 0x0a, 0x8f, 0x4f,
    0xd5, 0xc7, 0x9b, 0x54, 0x55, 0x8f, 0x00, 0x5c, 0xea, 0x4c, 0x73, 0xf9, 0x1b, 0xbf, 0xb8, 0x93,
    0x33, 0x20, 0xce, 0x45, 0xd9, 0x03, 0x02, 0xb2, 0x36, 0xc5, 0x0a, 0x30, 0x50, 0x78, 0x80, 0x66,
    0x00, 0x22, 0x38, 0x86, 0xcf, 0x63, 0x4a, 0x5c, 0xbf, 0x2b, 0xd9, 0x6e, 0xe6, 0xf0, 0x39, 0xad,
    0x12, 0x25, 0x41, 0xb9, 0x02, 0x41, 0x00, 0xf3, 0x7c, 0x07, 0x99, 0x64, 0x3a, 0x28, 0x8c, 0x8d,
    0x05, 0xfe, 0x32, 0xb5, 0x4c, 0x8c, 0x6d, 0xde, 0x3d, 0x16, 0x08, 0xa0, 0x01, 0x61, 0x4f, 0x8e,
    0xa0, 0xf7, 0x26, 0x26, 0xb5, 0x8e, 0xc0, 0x7a, 0xce, 0x86, 0x34, 0xde, 0xb8, 0xef, 0x86, 0x01,
    0xbe, 0x24, 0xaa, 0x9b, 0x36, 0x93, 0x72, 0x9b, 0xf9, 0xc6, 0xcb, 0x76, 0x84, 0x67, 0x06, 0x06,
    0x30, 0x50, 0xdf, 0x42, 0x17, 0xe0, 0xa7, 0x02, 0x41, 0x00, 0xc6, 0x91, 0xa0, 0x41, 0x34, 0x11,
    0x67, 0x4b, 0x08, 0x0f, 0xda, 0xa7, 0x99, 0xec, 0x58, 0x11, 0xa5, 0x82, 0xdb, 0x50, 0xfe, 0x77,
    0xe2, 0xd1, 0x53, 0x9c, 0x7d, 0xe8, 0xbf, 0xe7, 0x7c, 0xa9, 0x01, 0xb1, 0x87, 0xc3, 0x52, 0x79,
    0x9e, 0x2c, 0xa7, 0x6f, 0x02, 0x37, 0x32, 0xef, 0x24, 0x31, 0x21, 0x0b, 0x86, 0x05, 0x32, 0x4a,
    0x2e, 0x0b, 0x65, 0x05, 0xd3, 0xd6, 0x30, 0xb2, 0xfc, 0xa7, 0x02, 0x41, 0x00, 0xc2, 0xed, 0x31,
    0xdc, 0x40, 0x9c, 0x3a, 0xe8, 0x42, 0xe2, 0x60, 0x5e, 0x52, 0x3c, 0xc5, 0x54, 0x14, 0x0e, 0x8d,
    0x7c, 0x3c, 0x34, 0xbe, 0xa6, 0x05, 0x86, 0xa2, 0x36, 0x5d, 0xd9, 0x0e, 0x3e, 0xd4, 0x52, 0x50,
    0xa9, 0x35, 0x01, 0x93, 0x68, 0x92, 0x2e, 0x9a, 0x86, 0x27, 0x1a, 0xab, 0x32, 0x9e, 0xe2, 0x79,
    0x9f, 0x5b, 0xf3, 0xa5, 0xd2, 0xf1, 0xd3, 0x6e, 0x7b, 0x3e, 0x1b, 0x85, 0x93, 0x02, 0x40, 0x68,
    0xb8, 0xb6, 0x7e, 0x8c, 0xba, 0x3c, 0xf2, 0x8a, 0x2e, 0xea, 0x4f, 0x07, 0xd3, 0x68, 0x62, 0xee,
    0x1a, 0x04, 0x16, 0x44, 0x0d, 0xef, 0xf6, 0x1b, 0x95, 0x65, 0xa5, 0xd1, 0x47, 0x81, 0x2c, 0x14,
    0xb3, 0x8e, 0xf9, 0x08, 0xcf, 0x11, 0x07, 0x55, 0xca, 0x2a, 0xad, 0xf7, 0xd3, 0xbd, 0x0f, 0x97,
    0xf0, 0xde, 0xde, 0x70, 0xb6, 0x44, 0x70, 0x47, 0xf7, 0xf9, 0xcf, 0x75, 0x61, 0x7f, 0xf3, 0x02,
    0x40, 0x38, 0x4a, 0x67, 0xaf, 0xae, 0xb6, 0xb2, 0x6a, 0x00, 0x25, 0x5a, 0xa4, 0x65, 0x20, 0xb1,
    0x13, 0xbd, 0x83, 0xff, 0xb4, 0xbc, 0xf4, 0xdd, 0xa1, 0xbb, 0x1c, 0x96, 0x37, 0x35, 0xf4, 0xbf,
    0xed, 0x4c, 0xed, 0x92, 0xe8, 0xac, 0xc9, 0xc1, 0xa5, 0xa3, 0x23, 0x66, 0x40, 0x8a, 0xa1, 0xe6,
    0xe3, 0x95, 0xfe, 0xc4, 0x53, 0xf5, 0x7d, 0x6e, 0xca, 0x45, 0x42, 0xe4, 0xc2, 0x9f, 0xe5, 0x1e,
    0xb5,
};
149
150
/*
 * Second DER-encoded RSA private key test fixture, same layout as KEY1.
 *
 * The 1024-bit modulus is the same as the public key in CERT2, so KEY2/CERT2
 * form the second key pair used by test_multiple_contents().
 *
 * Published test material: never use it outside the test suite.
 */
static const unsigned char KEY2[] =
{
    0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xa8, 0x6e, 0x40, 0x86, 0x9f,
    0x98, 0x59, 0xfb, 0x57, 0xbf, 0xc1, 0x55, 0x12, 0x38, 0xeb, 0xb3, 0x46, 0x34, 0xc9, 0x35, 0x4d,
    0xfd, 0x03, 0xe9, 0x3a, 0x88, 0x9e, 0x97, 0x8f, 0xf4, 0xec, 0x36, 0x7b, 0x3f, 0xba, 0xb8, 0xa5,
    0x96, 0x30, 0x03, 0xc5, 0xc6, 0xd9, 0xa8, 0x4e, 0xbc, 0x23, 0x51, 0xa1, 0x96, 0xd2, 0x03, 0x98,
    0x73, 0xb6, 0x17, 0x9c, 0x77, 0xd4, 0x95, 0x1e, 0x1b, 0xb3, 0x1b, 0xc8, 0x71, 0xd1, 0x2e, 0x31,
    0xc7, 0x6a, 0x75, 0x57, 0x08, 0x7f, 0xba, 0x70, 0x76, 0xf7, 0x67, 0xf4, 0x4e, 0xbe, 0xfc, 0x70,
    0x61, 0x41, 0x07, 0x2b, 0x7c, 0x3c, 0x3b, 0xb3, 0xbc, 0xd5, 0xa8, 0xbd, 0x28, 0xd8, 0x49, 0xd3,
    0xe1, 0x78, 0xc8, 0xc1, 0x42, 0x5e, 0x18, 0x36, 0xa8, 0x41, 0xf7, 0xc8, 0xaa, 0x35, 0xfe, 0x2d,
    0xd1, 0xb4, 0xcc, 0x00, 0x67, 0xae, 0x79, 0xd3, 0x28, 0xd5, 0x5b, 0x02, 0x03, 0x01, 0x00, 0x01,
    0x02, 0x81, 0x81, 0x00, 0xa6, 0x00, 0x83, 0xf8, 0x2b, 0x33, 0xac, 0xfb, 0xdb, 0xf0, 0x52, 0x4b,
    0xd6, 0x39, 0xe3, 0x94, 0x3d, 0x8d, 0xa9, 0x01, 0xb0, 0x6b, 0xbe, 0x7f, 0x10, 0x01, 0xb6, 0xcd,
    0x0a, 0x45, 0x0a, 0xca, 0x67, 0x8e, 0xd8, 0x29, 0x44, 0x8a, 0x51, 0xa8, 0x66, 0x35, 0x26, 0x30,
    0x8b, 0xe9, 0x41, 0xa6, 0x22, 0xec, 0xd2, 0xf0, 0x58, 0x41, 0x33, 0x26, 0xf2, 0x3f, 0xe8, 0x75,
    0x4f, 0xc7, 0x5d, 0x2e, 0x5a, 0xa8, 0x7a, 0xd2, 0xbf, 0x59, 0xa0, 0x86, 0x79, 0x0b, 0x92, 0x6c,
    0x95, 0x5d, 0x87, 0x63, 0x5c, 0xd6, 0x1a, 0xc0, 0xf6, 0x7a, 0x15, 0x8d, 0xc7, 0x3c, 0xb6, 0x9e,
    0xa6, 0x58, 0x46, 0x9b, 0xbf, 0x3e, 0x28, 0x8c, 0xdf, 0x1a, 0x87, 0xaa, 0x7e, 0xf5, 0xf2, 0xcb,
    0x5e, 0x84, 0x2d, 0xf6, 0x82, 0x7e, 0x89, 0x4e, 0xf5, 0xe6, 0x3c, 0x92, 0x80, 0x1e, 0x98, 0x1c,
    0x6a, 0x7b, 0x57, 0x01, 0x02, 0x41, 0x00, 0xdd, 0x60, 0x95, 0xd7, 0xa1, 0x9d, 0x0c, 0xa1, 0x84,
    0xc5, 0x39, 0xca, 0x67, 0x4c, 0x1c, 0x06, 0x71, 0x5b, 0x5c, 0x2d, 0x8d, 0xce, 0xcd, 0xe2, 0x79,
    0xc8, 0x33, 0xbe, 0x50, 0x37, 0x60, 0x9f, 0x3b, 0xb9, 0x59, 0x55, 0x22, 0x1f, 0xa5, 0x4b, 0x1d,
    0xca, 0x38, 0xa0, 0xab, 0x87, 0x9c, 0x86, 0x0e, 0xdb, 0x1c, 0x4f, 0x4f, 0x07, 0xed, 0x18, 0x3f,
    0x05, 0x3c, 0xec, 0x78, 0x11, 0xf6, 0x99, 0x02, 0x41, 0x00, 0xc2, 0xc5, 0xcf, 0xbe, 0x95, 0x91,
    0xeb, 0xcf, 0x47, 0xf3, 0x33, 0x32, 0xc7, 0x7e, 0x93, 0x56, 0xf7, 0xd8, 0xf9, 0xd4, 0xb6, 0xd6,
    0x20, 0xac, 0xba, 0x8a, 0x20, 0x19, 0x14, 0xab, 0xc5, 0x5d, 0xb2, 0x08, 0xcc, 0x77, 0x7c, 0x65,
    0xa8, 0xdb, 0x66, 0x97, 0x36, 0x44, 0x2c, 0x63, 0xc0, 0x6a, 0x7e, 0xb0, 0x0b, 0x5c, 0x90, 0x12,
    0x50, 0xb4, 0x36, 0x60, 0xc3, 0x1f, 0x22, 0x0c, 0xc8, 0x13, 0x02, 0x40, 0x33, 0xc8, 0x7e, 0x04,
    0x7c, 0x97, 0x61, 0xf6, 0xfe, 0x39, 0xac, 0x34, 0xfe, 0x48, 0xbd, 0x5d, 0x7c, 0x72, 0xa4, 0x73,
    0x3b, 0x72, 0x9e, 0x92, 0x55, 0x6e, 0x51, 0x3c, 0x39, 0x43, 0x5a, 0xe4, 0xa4, 0x71, 0xcc, 0xc5,
    0xaf, 0x3f, 0xbb, 0xc8, 0x80, 0x65, 0x67, 0x2d, 0x9e, 0x32, 0x10, 0x99, 0x03, 0x2c, 0x99, 0xc8,
    0xab, 0x71, 0xed, 0x31, 0xf8, 0xbb, 0xde, 0xee, 0x69, 0x7f, 0xba, 0x31, 0x02, 0x40, 0x7e, 0xbc,
    0x60, 0x55, 0x4e, 0xd5, 0xc8, 0x6e, 0xf4, 0x0e, 0x57, 0xbe, 0x2e, 0xf9, 0x39, 0xbe, 0x59, 0x3f,
    0xa2, 0x30, 0xbb, 0x57, 0xd1, 0xa3, 0x13, 0x2e, 0x55, 0x7c, 0x7c, 0x6a, 0xd8, 0xde, 0x02, 0xbe,
    0x9e, 0xed, 0x10, 0xd0, 0xc5, 0x73, 0x1d, 0xea, 0x3e, 0xb1, 0x55, 0x81, 0x02, 0xef, 0x48, 0xc8,
    0x1c, 0x5c, 0x7a, 0x92, 0xb0, 0x58, 0xd3, 0x19, 0x5b, 0x5d, 0xa2, 0xb6, 0x56, 0x69, 0x02, 0x40,
    0x1e, 0x00, 0x6a, 0x9f, 0xba, 0xee, 0x46, 0x5a, 0xc5, 0xb5, 0x9f, 0x91, 0x33, 0xdd, 0xc9, 0x96,
    0x75, 0xb7, 0x87, 0xcf, 0x18, 0x1c, 0xb7, 0xb9, 0x3f, 0x04, 0x10, 0xb8, 0x75, 0xa9, 0xb8, 0xa0,
    0x31, 0x35, 0x03, 0x30, 0x89, 0xc8, 0x37, 0x68, 0x20, 0x30, 0x99, 0x39, 0x96, 0xd6, 0x2b, 0x3d,
    0x5e, 0x45, 0x84, 0xf7, 0xd2, 0x61, 0x50, 0xc9, 0x50, 0xba, 0x8d, 0x08, 0xaa, 0xd0, 0x08, 0x1e,
};
192
193
/*
 * Bag attribute sets passed to the add_*bag()/check_*bag() helpers.
 *
 * Each entry is a pair of strings and the list ends with { NULL, NULL }.
 * The first string is either a short name ("friendlyName", "localKeyID") or a
 * dotted OID; presumably the second is the attribute value - PKCS12_ATTR is
 * declared in helpers/pkcs12.h, confirm the field meaning there.
 */
static const PKCS12_ATTR ATTRS1[] = {
    { "friendlyName", "george" },
    { "localKeyID", "1234567890" },
    { "1.2.3.4.5", "MyCustomAttribute" },
    { NULL, NULL }
};

/* Second attribute set, used with CERT2/KEY2 in test_multiple_contents(). */
static const PKCS12_ATTR ATTRS2[] = {
    { "friendlyName", "janet" },
    { "localKeyID", "987654321" },
    { "1.2.3.5.8.13", "AnotherCustomAttribute" },
    { NULL, NULL }
};
207
/*
 * Default encryption parameters for key bags and encrypted ContentInfos.
 *
 * The tests below read these through .nid, .pass and .iter, so the three
 * positional initialisers are the algorithm NID, the password and the
 * iteration count. 3DES PBE is used when DES is compiled in, AES-128-CBC
 * otherwise.
 *
 * The fixed password and the count of 1000 are fixture values that keep the
 * tests fast and reproducible; they are not guidance for protecting real keys.
 */
static const PKCS12_ENC enc_default = {
#ifndef OPENSSL_NO_DES
    NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
#else
    NID_aes_128_cbc,
#endif
    "Password1",
    1000
};

/*
 * Default MAC parameters (same struct type, here the NID names a digest):
 * SHA-1, the same fixture password, 1000 iterations.
 */
static const PKCS12_ENC mac_default = {
    NID_sha1,
    "Password1",
    1000
};
223
/*
 * Encryption algorithm NIDs swept by the *_enc_alg tests when lgcyprov is
 * non-NULL. Entries are compiled in only if the corresponding algorithm is
 * enabled in the build.
 *
 * The list intentionally contains weak and obsolete schemes (single DES,
 * RC2/RC4 including the 40-bit variants, MD2/MD5/SHA-1 based PBE) so that
 * encode/decode of such files stays covered; being listed here says nothing
 * about suitability for new PKCS#12 files.
 */
static const int enc_nids_all[] = {
    /* NOTE: To use PBES2 we pass the desired cipher NID instead of NID_pbes2 */
    NID_aes_128_cbc,
    NID_aes_256_cbc,
#ifndef OPENSSL_NO_DES
    NID_des_ede3_cbc,
    NID_des_cbc,
#endif
#ifndef OPENSSL_NO_RC5
    NID_rc5_cbc,
#endif
#ifndef OPENSSL_NO_RC4
    NID_rc4,
#endif
#ifndef OPENSSL_NO_RC2
    NID_rc2_cbc,
#endif

#ifndef OPENSSL_NO_MD2
# ifndef OPENSSL_NO_DES
    NID_pbeWithMD2AndDES_CBC,
# endif
# ifndef OPENSSL_NO_RC2
    NID_pbeWithMD2AndRC2_CBC,
# endif
#endif

#ifndef OPENSSL_NO_MD5
# ifndef OPENSSL_NO_DES
    NID_pbeWithMD5AndDES_CBC,
# endif
# ifndef OPENSSL_NO_RC2
    NID_pbeWithMD5AndRC2_CBC,
# endif
#endif
#ifndef OPENSSL_NO_DES
    NID_pbeWithSHA1AndDES_CBC,
#endif
#ifndef OPENSSL_NO_RC2
    NID_pbe_WithSHA1And128BitRC2_CBC,
    NID_pbe_WithSHA1And40BitRC2_CBC,
    NID_pbeWithSHA1AndRC2_CBC,
#endif
#ifndef OPENSSL_NO_RC4
    NID_pbe_WithSHA1And128BitRC4,
    NID_pbe_WithSHA1And40BitRC4,
#endif
#ifndef OPENSSL_NO_DES
    NID_pbe_WithSHA1And2_Key_TripleDES_CBC,
    NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
#endif
};
276
/*
 * Encryption algorithm NIDs swept by the *_enc_alg tests when lgcyprov is
 * NULL: AES-CBC always, plus the triple-DES variants when DES is compiled in.
 *
 * This table is shorter than enc_nids_all[], and the *_enc_alg tests index it
 * without a range check, so whoever registers those tests has to pick the
 * iteration count that matches the table actually in use.
 */
static const int enc_nids_no_legacy[] = {
    /* NOTE: To use PBES2 we pass the desired cipher NID instead of NID_pbes2 */
    NID_aes_128_cbc,
    NID_aes_256_cbc,
#ifndef OPENSSL_NO_DES
    NID_des_ede3_cbc,
    NID_pbe_WithSHA1And2_Key_TripleDES_CBC,
    NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
#endif
};
287
/*
 * Digest NIDs swept by test_single_cert_mac_alg(). MD5 and SHA-1 are present
 * next to SHA-2/SHA-3 so that files MACed with older digests stay covered.
 */
static const int mac_nids[] = {
    NID_sha1,
    NID_md5,
    NID_sha256,
    NID_sha512,
    NID_sha3_256,
    NID_sha3_512
};

/*
 * Iteration counts swept by the *_iter tests. The value 1 is the degenerate
 * minimum: it exercises the code path but gives no key-stretching at all.
 */
static const int iters[] = {
    1,
    1000
};

/*
 * Passwords swept by the *_pass tests; the second entry is the empty string,
 * which covers the empty-password case.
 */
static const char *passwords[] = {
    "Password1",
    "",
};
306
307 /* --------------------------------------------------------------------------
308 * Local functions
309 */
310
/*
 * Return the NID of the test-only object "CustomSecretOID" (1.3.5.7.9).
 *
 * The object is registered with OBJ_create() on the first call and the NID
 * looked up with OBJ_txt2nid() is kept in a function-local static; later calls
 * return the stored value as long as it is not -1.
 *
 * Returns -1 if the OBJ_create() check fails. Callers in this file pass the
 * result straight to add_secretbag()/check_secretbag() without testing for -1.
 */
static int get_custom_oid(void)
{
    static int cached_nid = -1;

    if (cached_nid == -1) {
        if (!TEST_true(OBJ_create("1.3.5.7.9", "CustomSecretOID",
                                  "My custom secret OID")))
            return -1;
        cached_nid = OBJ_txt2nid("CustomSecretOID");
    }
    return cached_nid;
}
321
322
323 /* --------------------------------------------------------------------------
324 * PKCS12 format tests
325 */
326
/*
 * Round-trip "1cert.p12": a single certificate bag holding CERT1 with no
 * attributes, written with the plain end_contentinfo()/end_pkcs12() helpers
 * (not the _encrypted / _with_mac variants) and then read back and compared.
 *
 * Returns whatever end_pkcs12_builder() reports for the builder.
 */
static int test_single_cert_no_attrs(void)
{
    PKCS12_BUILDER *builder;

    builder = new_pkcs12_builder("1cert.p12");

    /* Encode phase */
    start_pkcs12(builder);
    start_contentinfo(builder);
    add_certbag(builder, CERT1, sizeof(CERT1), NULL);
    end_contentinfo(builder);
    end_pkcs12(builder);

    /* Decode phase: expect exactly what was put in */
    start_check_pkcs12(builder);
    start_check_contentinfo(builder);
    check_certbag(builder, CERT1, sizeof(CERT1), NULL);
    end_check_contentinfo(builder);
    end_check_pkcs12(builder);

    return end_pkcs12_builder(builder);
}
355
/*
 * Round-trip a PKCS#12 file holding one key bag with KEY1, protected with the
 * algorithm, password and iteration count in |enc|, and no attributes.
 *
 * The output name is derived from the cipher short name and the iteration
 * count; it is formatted into a fixed 80-byte buffer with the bounded
 * BIO_snprintf().
 *
 * Returns whatever end_pkcs12_builder() reports for the builder.
 */
static int test_single_key(PKCS12_ENC *enc)
{
    PKCS12_BUILDER *builder;
    char p12_name[80];

    BIO_snprintf(p12_name, sizeof(p12_name), "1key_ciph-%s_iter-%d.p12",
                 OBJ_nid2sn(enc->nid), enc->iter);
    builder = new_pkcs12_builder(p12_name);

    /* Encode phase */
    start_pkcs12(builder);
    start_contentinfo(builder);
    add_keybag(builder, KEY1, sizeof(KEY1), NULL, enc);
    end_contentinfo(builder);
    end_pkcs12(builder);

    /* Decode phase: the key bag must open with the same parameters */
    start_check_pkcs12(builder);
    start_check_contentinfo(builder);
    check_keybag(builder, KEY1, sizeof(KEY1), NULL, enc);
    end_check_contentinfo(builder);
    end_check_pkcs12(builder);

    return end_pkcs12_builder(builder);
}
390
/*
 * Run test_single_key() with the z-th encryption algorithm, keeping the
 * default password and iteration count.
 *
 * The algorithm comes from enc_nids_no_legacy[] when lgcyprov is NULL and from
 * enc_nids_all[] otherwise. |z| is not range-checked here, so the caller must
 * keep it inside whichever table is selected.
 */
static int test_single_key_enc_alg(int z)
{
    const int *nid_table = (lgcyprov == NULL) ? enc_nids_no_legacy
                                              : enc_nids_all;
    PKCS12_ENC params;

    params.nid = nid_table[z];
    params.pass = enc_default.pass;
    params.iter = enc_default.iter;

    return test_single_key(&params);
}
404
/*
 * Run test_single_key() with the z-th entry of passwords[] (which includes the
 * empty string), keeping the default algorithm and iteration count.
 * |z| is used as an index without a range check.
 */
static int test_single_key_enc_pass(int z)
{
    PKCS12_ENC params;

    params.pass = passwords[z];
    params.nid = enc_default.nid;
    params.iter = enc_default.iter;

    return test_single_key(&params);
}
415
/*
 * Run test_single_key() with the z-th entry of iters[] as the iteration count,
 * keeping the default algorithm and password.
 * |z| is used as an index without a range check.
 */
static int test_single_key_enc_iter(int z)
{
    PKCS12_ENC params;

    params.iter = iters[z];
    params.nid = enc_default.nid;
    params.pass = enc_default.pass;

    return test_single_key(&params);
}
426
/*
 * Round-trip "1keyattrs.p12": one key bag holding KEY1, protected with
 * enc_default and carrying the ATTRS1 attribute set, then read it back and
 * compare key and attributes.
 *
 * Returns whatever end_pkcs12_builder() reports for the builder.
 */
static int test_single_key_with_attrs(void)
{
    PKCS12_BUILDER *builder;

    builder = new_pkcs12_builder("1keyattrs.p12");

    /* Encode phase */
    start_pkcs12(builder);
    start_contentinfo(builder);
    add_keybag(builder, KEY1, sizeof(KEY1), ATTRS1, &enc_default);
    end_contentinfo(builder);
    end_pkcs12(builder);

    /* Decode phase */
    start_check_pkcs12(builder);
    start_check_contentinfo(builder);
    check_keybag(builder, KEY1, sizeof(KEY1), ATTRS1, &enc_default);
    end_check_contentinfo(builder);
    end_check_pkcs12(builder);

    return end_pkcs12_builder(builder);
}
455
/*
 * Round-trip a PKCS#12 file holding one certificate bag (CERT1, no
 * attributes) that is finished with end_pkcs12_with_mac() using the digest,
 * password and iteration count in |mac|, then opened again with
 * start_check_pkcs12_with_mac() using the same parameters.
 *
 * The output name is derived from the digest short name and the iteration
 * count, formatted into a fixed 80-byte buffer with the bounded
 * BIO_snprintf().
 *
 * Returns whatever end_pkcs12_builder() reports for the builder.
 */
static int test_single_cert_mac(PKCS12_ENC *mac)
{
    PKCS12_BUILDER *builder;
    char p12_name[80];

    BIO_snprintf(p12_name, sizeof(p12_name), "1cert_mac-%s_iter-%d.p12",
                 OBJ_nid2sn(mac->nid), mac->iter);
    builder = new_pkcs12_builder(p12_name);

    /* Encode phase */
    start_pkcs12(builder);
    start_contentinfo(builder);
    add_certbag(builder, CERT1, sizeof(CERT1), NULL);
    end_contentinfo(builder);
    end_pkcs12_with_mac(builder, mac);

    /* Decode phase: the MAC is checked before the contents are walked */
    start_check_pkcs12_with_mac(builder, mac);
    start_check_contentinfo(builder);
    check_certbag(builder, CERT1, sizeof(CERT1), NULL);
    end_check_contentinfo(builder);
    end_check_pkcs12(builder);

    return end_pkcs12_builder(builder);
}
490
/*
 * Run test_single_cert_mac() with the z-th digest from mac_nids[], keeping the
 * default MAC password and iteration count.
 * |z| is used as an index without a range check.
 */
static int test_single_cert_mac_alg(int z)
{
    PKCS12_ENC params;

    params.iter = mac_default.iter;
    params.pass = mac_default.pass;
    params.nid = mac_nids[z];

    return test_single_cert_mac(&params);
}
501
/*
 * Run test_single_cert_mac() with the z-th entry of passwords[] (which
 * includes the empty string) as the MAC password, keeping the default digest
 * and iteration count.
 * |z| is used as an index without a range check.
 */
static int test_single_cert_mac_pass(int z)
{
    PKCS12_ENC params;

    params.pass = passwords[z];
    params.nid = mac_default.nid;
    params.iter = mac_default.iter;

    return test_single_cert_mac(&params);
}
512
/*
 * Run test_single_cert_mac() with the z-th entry of iters[] as the MAC
 * iteration count, keeping the default digest and password.
 * |z| is used as an index without a range check.
 */
static int test_single_cert_mac_iter(int z)
{
    PKCS12_ENC params;

    params.iter = iters[z];
    params.nid = mac_default.nid;
    params.pass = mac_default.pass;

    return test_single_cert_mac(&params);
}
523
/*
 * Round-trip "1cert1key.p12": CERT1 and KEY1 in one ContentInfo, both tagged
 * with ATTRS1, the key bag protected with enc_default, and the file finished
 * with a MAC built from mac_default.
 *
 * The ContentInfo itself is closed with plain end_contentinfo(), so only the
 * key bag carries encryption parameters in this test.
 *
 * Returns whatever end_pkcs12_builder() reports for the builder.
 */
static int test_cert_key_with_attrs_and_mac(void)
{
    PKCS12_BUILDER *builder;

    builder = new_pkcs12_builder("1cert1key.p12");

    /* Encode phase */
    start_pkcs12(builder);
    start_contentinfo(builder);
    add_certbag(builder, CERT1, sizeof(CERT1), ATTRS1);
    add_keybag(builder, KEY1, sizeof(KEY1), ATTRS1, &enc_default);
    end_contentinfo(builder);
    end_pkcs12_with_mac(builder, &mac_default);

    /* Decode phase: same bag order as written */
    start_check_pkcs12_with_mac(builder, &mac_default);
    start_check_contentinfo(builder);
    check_certbag(builder, CERT1, sizeof(CERT1), ATTRS1);
    check_keybag(builder, KEY1, sizeof(KEY1), ATTRS1, &enc_default);
    end_check_contentinfo(builder);
    end_check_pkcs12(builder);

    return end_pkcs12_builder(builder);
}
554
/*
 * Round-trip "1cert1key_enc.p12": the same CERT1 + KEY1 bags as
 * test_cert_key_with_attrs_and_mac(), but the ContentInfo is closed with
 * end_contentinfo_encrypted() and reopened with
 * start_check_contentinfo_encrypted(), both using enc_default. The file is
 * MACed with mac_default.
 *
 * Returns whatever end_pkcs12_builder() reports for the builder.
 */
static int test_cert_key_encrypted_content(void)
{
    PKCS12_BUILDER *builder;

    builder = new_pkcs12_builder("1cert1key_enc.p12");

    /* Encode phase */
    start_pkcs12(builder);
    start_contentinfo(builder);
    add_certbag(builder, CERT1, sizeof(CERT1), ATTRS1);
    add_keybag(builder, KEY1, sizeof(KEY1), ATTRS1, &enc_default);
    end_contentinfo_encrypted(builder, &enc_default);
    end_pkcs12_with_mac(builder, &mac_default);

    /* Decode phase */
    start_check_pkcs12_with_mac(builder, &mac_default);
    start_check_contentinfo_encrypted(builder, &enc_default);
    check_certbag(builder, CERT1, sizeof(CERT1), ATTRS1);
    check_keybag(builder, KEY1, sizeof(KEY1), ATTRS1, &enc_default);
    end_check_contentinfo(builder);
    end_check_pkcs12(builder);

    return end_pkcs12_builder(builder);
}
585
/*
 * Round-trip "1secret.p12": one secret bag of the custom test OID type holding
 * the string "VerySecretMessage" with ATTRS1, inside a ContentInfo encrypted
 * with enc_default, in a file MACed with mac_default.
 *
 * The NID from get_custom_oid() is used as returned; its -1 failure value is
 * not checked here.
 *
 * Returns whatever end_pkcs12_builder() reports for the builder.
 */
static int test_single_secret_encrypted_content(void)
{
    PKCS12_BUILDER *builder = new_pkcs12_builder("1secret.p12");
    int secret_nid = get_custom_oid();

    /* Encode phase */
    start_pkcs12(builder);
    start_contentinfo(builder);
    add_secretbag(builder, secret_nid, "VerySecretMessage", ATTRS1);
    end_contentinfo_encrypted(builder, &enc_default);
    end_pkcs12_with_mac(builder, &mac_default);

    /* Decode phase */
    start_check_pkcs12_with_mac(builder, &mac_default);
    start_check_contentinfo_encrypted(builder, &enc_default);
    check_secretbag(builder, secret_nid, "VerySecretMessage", ATTRS1);
    end_check_contentinfo(builder);
    end_check_pkcs12(builder);

    return end_pkcs12_builder(builder);
}
615
/*
 * Round-trip a PKCS#12 file holding one secret bag ("VerySecretMessage",
 * custom test OID, ATTRS1) inside a ContentInfo encrypted with |enc|; the file
 * MAC always uses mac_default.
 *
 * The output name is derived from the cipher short name and the iteration
 * count, formatted into a fixed 80-byte buffer with the bounded
 * BIO_snprintf(). The NID from get_custom_oid() is used as returned; its -1
 * failure value is not checked here.
 *
 * Returns whatever end_pkcs12_builder() reports for the builder.
 */
static int test_single_secret(PKCS12_ENC *enc)
{
    PKCS12_BUILDER *builder;
    char p12_name[80];
    int secret_nid;

    BIO_snprintf(p12_name, sizeof(p12_name), "1secret_ciph-%s_iter-%d.p12",
                 OBJ_nid2sn(enc->nid), enc->iter);
    builder = new_pkcs12_builder(p12_name);
    secret_nid = get_custom_oid();

    /* Encode phase */
    start_pkcs12(builder);
    start_contentinfo(builder);
    add_secretbag(builder, secret_nid, "VerySecretMessage", ATTRS1);
    end_contentinfo_encrypted(builder, enc);
    end_pkcs12_with_mac(builder, &mac_default);

    /* Decode phase */
    start_check_pkcs12_with_mac(builder, &mac_default);
    start_check_contentinfo_encrypted(builder, enc);
    check_secretbag(builder, secret_nid, "VerySecretMessage", ATTRS1);
    end_check_contentinfo(builder);
    end_check_pkcs12(builder);

    return end_pkcs12_builder(builder);
}
651
/*
 * Run test_single_secret() with the z-th encryption algorithm, keeping the
 * default password and iteration count.
 *
 * The algorithm comes from enc_nids_no_legacy[] when lgcyprov is NULL and from
 * enc_nids_all[] otherwise. |z| is not range-checked here, so the caller must
 * keep it inside whichever table is selected.
 */
static int test_single_secret_enc_alg(int z)
{
    const int *nid_table = (lgcyprov == NULL) ? enc_nids_no_legacy
                                              : enc_nids_all;
    PKCS12_ENC params;

    params.nid = nid_table[z];
    params.pass = enc_default.pass;
    params.iter = enc_default.iter;

    return test_single_secret(&params);
}
665
/*
 * Round-trip "multi_contents.p12", a file with two ContentInfos:
 *
 *   1. closed with plain end_contentinfo(): CERT1 and CERT2 as certificate
 *      bags, KEY1 and KEY2 as key bags protected with enc_default, each pair
 *      tagged with ATTRS1 / ATTRS2 respectively;
 *   2. closed with end_contentinfo_encrypted(enc_default): one secret bag
 *      holding "VeryVerySecretMessage" with ATTRS1.
 *
 * The file is MACed with mac_default and read back in the same order.
 * The NID from get_custom_oid() is used as returned; its -1 failure value is
 * not checked here.
 *
 * Returns whatever end_pkcs12_builder() reports for the builder.
 */
static int test_multiple_contents(void)
{
    PKCS12_BUILDER *builder = new_pkcs12_builder("multi_contents.p12");
    int secret_nid = get_custom_oid();

    /* Encode phase, first ContentInfo: certificates and keys */
    start_pkcs12(builder);
    start_contentinfo(builder);
    add_certbag(builder, CERT1, sizeof(CERT1), ATTRS1);
    add_certbag(builder, CERT2, sizeof(CERT2), ATTRS2);
    add_keybag(builder, KEY1, sizeof(KEY1), ATTRS1, &enc_default);
    add_keybag(builder, KEY2, sizeof(KEY2), ATTRS2, &enc_default);
    end_contentinfo(builder);

    /* Encode phase, second ContentInfo: the encrypted secret */
    start_contentinfo(builder);
    add_secretbag(builder, secret_nid, "VeryVerySecretMessage", ATTRS1);
    end_contentinfo_encrypted(builder, &enc_default);

    end_pkcs12_with_mac(builder, &mac_default);

    /* Decode phase, first ContentInfo */
    start_check_pkcs12_with_mac(builder, &mac_default);
    start_check_contentinfo(builder);
    check_certbag(builder, CERT1, sizeof(CERT1), ATTRS1);
    check_certbag(builder, CERT2, sizeof(CERT2), ATTRS2);
    check_keybag(builder, KEY1, sizeof(KEY1), ATTRS1, &enc_default);
    check_keybag(builder, KEY2, sizeof(KEY2), ATTRS2, &enc_default);
    end_check_contentinfo(builder);

    /* Decode phase, second ContentInfo */
    start_check_contentinfo_encrypted(builder, &enc_default);
    check_secretbag(builder, secret_nid, "VeryVerySecretMessage", ATTRS1);
    end_check_contentinfo(builder);

    end_check_pkcs12(builder);

    return end_pkcs12_builder(builder);
}
713
#ifndef OPENSSL_NO_DES
/*
 * Check that PKCS12_create() works on a bare key and leaves the error queue
 * clean.
 *
 * An embedded DER RSA private key (1024-bit modulus; test material only) is
 * decoded with d2i_PrivateKey_ex(), then PKCS12_create() is called with a NULL
 * password, NULL friendly name, no certificate and no CA stack, 3-key
 * triple-DES PBE for both the key and certificate NIDs, iter 2, mac_iter 1 and
 * keytype 0. After each of the two steps ERR_peek_error() must be 0.
 *
 * Only built when DES is available. Returns 1 on success, 0 on failure; the
 * key and the PKCS12 object are freed on every path.
 */
static int pkcs12_create_test(void)
{
    static const unsigned char rsa_key[] = {
        0x30, 0x82, 0x02, 0x5d, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xbb,
        0x24, 0x7a, 0x09, 0x7e, 0x0e, 0xb2, 0x37, 0x32, 0xcc, 0x39, 0x67, 0xad,
        0xf1, 0x9e, 0x3d, 0x6b, 0x82, 0x83, 0xd1, 0xd0, 0xac, 0xa4, 0xc0, 0x18,
        0xbe, 0x8d, 0x98, 0x00, 0xc0, 0x7b, 0xff, 0x07, 0x44, 0xc9, 0xca, 0x1c,
        0xba, 0x36, 0xe1, 0x27, 0x69, 0xff, 0xb1, 0xe3, 0x8d, 0x8b, 0xee, 0x57,
        0xa9, 0x3a, 0xaa, 0x16, 0x43, 0x39, 0x54, 0x19, 0x7c, 0xae, 0x69, 0x24,
        0x14, 0xf6, 0x64, 0xff, 0xbc, 0x74, 0xc6, 0x67, 0x6c, 0x4c, 0xf1, 0x02,
        0x49, 0x69, 0xc7, 0x2b, 0xe1, 0xe1, 0xa1, 0xa3, 0x43, 0x14, 0xf4, 0x77,
        0x8f, 0xc8, 0xd0, 0x85, 0x5a, 0x35, 0x95, 0xac, 0x62, 0xa9, 0xc1, 0x21,
        0x00, 0x77, 0xa0, 0x8b, 0x97, 0x30, 0xb4, 0x5a, 0x2c, 0xb8, 0x90, 0x2f,
        0x48, 0xa0, 0x05, 0x28, 0x4b, 0xf2, 0x0f, 0x8d, 0xec, 0x8b, 0x4d, 0x03,
        0x42, 0x75, 0xd6, 0xad, 0x81, 0xc0, 0x11, 0x02, 0x03, 0x01, 0x00, 0x01,
        0x02, 0x81, 0x80, 0x00, 0xfc, 0xb9, 0x4a, 0x26, 0x07, 0x89, 0x51, 0x2b,
        0x53, 0x72, 0x91, 0xe0, 0x18, 0x3e, 0xa6, 0x5e, 0x31, 0xef, 0x9c, 0x0c,
        0x16, 0x24, 0x42, 0xd0, 0x28, 0x33, 0xf9, 0xfa, 0xd0, 0x3c, 0x54, 0x04,
        0x06, 0xc0, 0x15, 0xf5, 0x1b, 0x9a, 0xb3, 0x24, 0x31, 0xab, 0x3c, 0x6b,
        0x47, 0x43, 0xb0, 0xd2, 0xa9, 0xdc, 0x05, 0xe1, 0x81, 0x59, 0xb6, 0x04,
        0xe9, 0x66, 0x61, 0xaa, 0xd7, 0x0b, 0x00, 0x8f, 0x3d, 0xe5, 0xbf, 0xa2,
        0xf8, 0x5e, 0x25, 0x6c, 0x1e, 0x22, 0x0f, 0xb4, 0xfd, 0x41, 0xe2, 0x03,
        0x31, 0x5f, 0xda, 0x20, 0xc5, 0xc0, 0xf3, 0x55, 0x0e, 0xe1, 0xc9, 0xec,
        0xd7, 0x3e, 0x2a, 0x0c, 0x01, 0xca, 0x7b, 0x22, 0xcb, 0xac, 0xf4, 0x2b,
        0x27, 0xf0, 0x78, 0x5f, 0xb5, 0xc2, 0xf9, 0xe8, 0x14, 0x5a, 0x6e, 0x7e,
        0x86, 0xbd, 0x6a, 0x9b, 0x20, 0x0c, 0xba, 0xcc, 0x97, 0x20, 0x11, 0x02,
        0x41, 0x00, 0xc9, 0x59, 0x9f, 0x29, 0x8a, 0x5b, 0x9f, 0xe3, 0x2a, 0xd8,
        0x7e, 0xc2, 0x40, 0x9f, 0xa8, 0x45, 0xe5, 0x3e, 0x11, 0x8d, 0x3c, 0xed,
        0x6e, 0xab, 0xce, 0xd0, 0x65, 0x46, 0xd8, 0xc7, 0x07, 0x63, 0xb5, 0x23,
        0x34, 0xf4, 0x9f, 0x7e, 0x1c, 0xc7, 0xc7, 0xf9, 0x65, 0xd1, 0xf4, 0x04,
        0x42, 0x38, 0xbe, 0x3a, 0x0c, 0x9d, 0x08, 0x25, 0xfc, 0xa3, 0x71, 0xd9,
        0xae, 0x0c, 0x39, 0x61, 0xf4, 0x89, 0x02, 0x41, 0x00, 0xed, 0xef, 0xab,
        0xa9, 0xd5, 0x39, 0x9c, 0xee, 0x59, 0x1b, 0xff, 0xcf, 0x48, 0x44, 0x1b,
        0xb6, 0x32, 0xe7, 0x46, 0x24, 0xf3, 0x04, 0x7f, 0xde, 0x95, 0x08, 0x6d,
        0x75, 0x9e, 0x67, 0x17, 0xba, 0x5c, 0xa4, 0xd4, 0xe2, 0xe2, 0x4d, 0x77,
        0xce, 0xeb, 0x66, 0x29, 0xc5, 0x96, 0xe0, 0x62, 0xbb, 0xe5, 0xac, 0xdc,
        0x44, 0x62, 0x54, 0x86, 0xed, 0x64, 0x0c, 0xce, 0xd0, 0x60, 0x03, 0x9d,
        0x49, 0x02, 0x40, 0x54, 0xd9, 0x18, 0x72, 0x27, 0xe4, 0xbe, 0x76, 0xbb,
        0x1a, 0x6a, 0x28, 0x2f, 0x95, 0x58, 0x12, 0xc4, 0x2c, 0xa8, 0xb6, 0xcc,
        0xe2, 0xfd, 0x0d, 0x17, 0x64, 0xc8, 0x18, 0xd7, 0xc6, 0xdf, 0x3d, 0x4c,
        0x1a, 0x9e, 0xf9, 0x2a, 0xb0, 0xb9, 0x2e, 0x12, 0xfd, 0xec, 0xc3, 0x51,
        0xc1, 0xed, 0xa9, 0xfd, 0xb7, 0x76, 0x93, 0x41, 0xd8, 0xc8, 0x22, 0x94,
        0x1a, 0x77, 0xf6, 0x9c, 0xc3, 0xc3, 0x89, 0x02, 0x41, 0x00, 0x8e, 0xf9,
        0xa7, 0x08, 0xad, 0xb5, 0x2a, 0x04, 0xdb, 0x8d, 0x04, 0xa1, 0xb5, 0x06,
        0x20, 0x34, 0xd2, 0xcf, 0xc0, 0x89, 0xb1, 0x72, 0x31, 0xb8, 0x39, 0x8b,
        0xcf, 0xe2, 0x8e, 0xa5, 0xda, 0x4f, 0x45, 0x1e, 0x53, 0x42, 0x66, 0xc4,
        0x30, 0x4b, 0x29, 0x8e, 0xc1, 0x69, 0x17, 0x29, 0x8c, 0x8a, 0xe6, 0x0f,
        0x82, 0x68, 0xa1, 0x41, 0xb3, 0xb6, 0x70, 0x99, 0x75, 0xa9, 0x27, 0x18,
        0xe4, 0xe9, 0x02, 0x41, 0x00, 0x89, 0xea, 0x6e, 0x6d, 0x70, 0xdf, 0x25,
        0x5f, 0x18, 0x3f, 0x48, 0xda, 0x63, 0x10, 0x8b, 0xfe, 0xa8, 0x0c, 0x94,
        0x0f, 0xde, 0x97, 0x56, 0x53, 0x89, 0x94, 0xe2, 0x1e, 0x2c, 0x74, 0x3c,
        0x91, 0x81, 0x34, 0x0b, 0xa6, 0x40, 0xf8, 0xcb, 0x2a, 0x60, 0x8c, 0xe0,
        0x02, 0xb7, 0x89, 0x93, 0xcf, 0x18, 0x9f, 0x49, 0x54, 0xfd, 0x7d, 0x3f,
        0x9a, 0xef, 0xd4, 0xa4, 0x4f, 0xc1, 0x45, 0x99, 0x91,
    };
    /* d2i advances this cursor, so it must not be the array itself */
    const unsigned char *p = rsa_key;
    PKCS12 *p12 = NULL;
    EVP_PKEY *pkey = NULL;
    int ret = 0;

    /* Decode the key; a successful decode must not leave stale errors */
    if (!TEST_ptr(pkey = d2i_PrivateKey_ex(EVP_PKEY_RSA, NULL, &p,
                                           sizeof(rsa_key), NULL, NULL))
            || !TEST_int_eq(ERR_peek_error(), 0))
        goto err;

    /* Key only: no password, name, certificate or CA stack */
    p12 = PKCS12_create(NULL, NULL, pkey, NULL, NULL,
                        NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
                        NID_pbe_WithSHA1And3_Key_TripleDES_CBC, 2, 1, 0);
    if (!TEST_ptr(p12) || !TEST_int_eq(ERR_peek_error(), 0))
        goto err;

    ret = 1;
 err:
    PKCS12_free(p12);
    EVP_PKEY_free(pkey);
    return ret;
}
#endif
797
/*
 * Check that a certificate and key obtained from PKCS12_parse() can be fed
 * back into PKCS12_create().
 *
 * Steps: decode CERT1 and KEY1; build a PKCS#12 with password "pass" and
 * AES-256-CBC for both key and certificate (iter 2, mac_iter 1); serialise it
 * to a memory BIO; read it back into a PKCS12 object created with
 * PKCS12_init_ex() on testctx; parse it with the same password; then create a
 * second PKCS#12 from the parsed objects with password "new_pass". The error
 * queue must be empty after each PKCS12_create() call.
 *
 * Returns 1 on success, 0 on failure; every object is freed on all paths.
 */
static int pkcs12_recreate_test(void)
{
    /* d2i_* advance these cursors, hence the separate pointers */
    const unsigned char *cert_cursor = CERT1;
    const unsigned char *key_cursor = KEY1;
    X509 *cert = NULL, *cert_parsed = NULL;
    EVP_PKEY *pkey = NULL, *pkey_parsed = NULL;
    PKCS12 *p12 = NULL, *p12_parsed = NULL, *p12_recreated = NULL;
    BIO *bio = NULL;
    int ret = 0;

    cert = d2i_X509(NULL, &cert_cursor, sizeof(CERT1));
    if (!TEST_ptr(cert))
        goto err;
    pkey = d2i_AutoPrivateKey(NULL, &key_cursor, sizeof(KEY1));
    if (!TEST_ptr(pkey))
        goto err;

    /* First file, built from the freshly decoded fixtures */
    p12 = PKCS12_create("pass", NULL, pkey, cert, NULL, NID_aes_256_cbc,
                        NID_aes_256_cbc, 2, 1, 0);
    if (!TEST_ptr(p12) || !TEST_int_eq(ERR_peek_error(), 0))
        goto err;

    /* Serialise to memory and read it back into a testctx-bound object */
    bio = BIO_new(BIO_s_mem());
    if (!TEST_ptr(bio) || !TEST_int_eq(i2d_PKCS12_bio(bio, p12), 1))
        goto err;
    p12_parsed = PKCS12_init_ex(NID_pkcs7_data, testctx, NULL);
    if (!TEST_ptr(p12_parsed))
        goto err;
    p12_parsed = d2i_PKCS12_bio(bio, &p12_parsed);
    if (!TEST_ptr(p12_parsed)
            || !TEST_int_eq(PKCS12_parse(p12_parsed, "pass", &pkey_parsed,
                                         &cert_parsed, NULL), 1))
        goto err;

    /* cert_parsed also contains auxiliary data */
    p12_recreated = PKCS12_create("new_pass", NULL, pkey_parsed, cert_parsed,
                                  NULL, NID_aes_256_cbc, NID_aes_256_cbc,
                                  2, 1, 0);
    if (!TEST_ptr(p12_recreated) || !TEST_int_eq(ERR_peek_error(), 0))
        goto err;

    ret = 1;
 err:
    BIO_free(bio);
    PKCS12_free(p12);
    PKCS12_free(p12_parsed);
    PKCS12_free(p12_recreated);
    EVP_PKEY_free(pkey);
    EVP_PKEY_free(pkey_parsed);
    X509_free(cert);
    X509_free(cert_parsed);
    return ret;
}
861
/*
 * Option identifiers returned by opt_next() while setup_tests() parses the
 * command line. OPT_EOF ends the parsing loop there.
 */
enum OPTION_choice {
    OPT_ERR = -1,
    OPT_EOF = 0,
    OPT_WRITE,      /* "write" entry in the options table */
    OPT_LEGACY,     /* "legacy" entry in the options table */
    OPT_CONTEXT,    /* "context" entry in the options table */
    OPT_TEST_ENUM   /* presumably the test framework's shared option ids */
};
typedef enum OPTION_choice OPTION_CHOICE;
870
/*
 * Return the option table for this test program: the framework's default
 * usage entries followed by the three flags handled in setup_tests().
 * The table has static storage, so the returned pointer stays valid.
 */
const OPTIONS *test_get_options(void)
{
    static const OPTIONS test_options[] = {
        OPT_TEST_OPTIONS_DEFAULT_USAGE,
        { "write", OPT_WRITE, '-', "Write PKCS12 objects to file" },
        { "legacy", OPT_LEGACY, '-', "Test the legacy APIs" },
        { "context", OPT_CONTEXT, '-', "Explicitly use a non-default library context" },
        { NULL }    /* terminator entry */
    };

    return test_options;
}
882
/*
 * Parse the command-line options, set up the library context and providers,
 * and register the PKCS#12 test cases.
 *
 * With the "context" option a standalone library context is created and the
 * "null" provider is loaded into the default context; the function then
 * checks that "default" and "fips" are not available in the default context.
 *
 * Returns 1 on success, 0 if option parsing or provider setup fails.
 */
int setup_tests(void)
{
    OPTION_CHOICE o;

    for (o = opt_next(); o != OPT_EOF; o = opt_next()) {
        switch (o) {
        case OPT_CONTEXT:
            default_libctx = 0;
            break;
        case OPT_LEGACY:
            PKCS12_helper_set_legacy(1);
            break;
        case OPT_WRITE:
            PKCS12_helper_set_write_files(1);
            break;
        case OPT_TEST_CASES:
            break;
        default:
            return 0;
        }
    }

    if (!default_libctx) {
        testctx = OSSL_LIB_CTX_new();
        if (!TEST_ptr(testctx))
            return 0;
        /* Occupy the default context with the "null" provider. */
        nullprov = OSSL_PROVIDER_load(NULL, "null");
        if (!TEST_ptr(nullprov))
            return 0;
    }

    /* testctx is still NULL here when the default context is in use. */
    deflprov = OSSL_PROVIDER_load(testctx, "default");
    if (!TEST_ptr(deflprov))
        return 0;

    /*
     * The legacy provider is not required: a NULL result is accepted and
     * only selects the shorter algorithm list further down.
     */
    lgcyprov = OSSL_PROVIDER_load(testctx, "legacy");

    PKCS12_helper_set_libctx(testctx);

    /*
     * With a standalone context, neither the default nor the fips provider
     * may be available in the default libctx.
     */
    if (!default_libctx
            && !(TEST_false(OSSL_PROVIDER_available(NULL, "default"))
                 && TEST_false(OSSL_PROVIDER_available(NULL, "fips"))))
        return 0;

    ADD_TEST(test_single_cert_no_attrs);
    if (lgcyprov != NULL) {
        ADD_ALL_TESTS(test_single_key_enc_alg, OSSL_NELEM(enc_nids_all));
        ADD_ALL_TESTS(test_single_secret_enc_alg, OSSL_NELEM(enc_nids_all));
    } else {
        ADD_ALL_TESTS(test_single_key_enc_alg, OSSL_NELEM(enc_nids_no_legacy));
        ADD_ALL_TESTS(test_single_secret_enc_alg, OSSL_NELEM(enc_nids_no_legacy));
    }

    /* The create and recreate tests are registered only for the default libctx. */
    if (default_libctx) {
#ifndef OPENSSL_NO_DES
        ADD_TEST(pkcs12_create_test);
#endif
        ADD_TEST(pkcs12_recreate_test);
    }

    ADD_ALL_TESTS(test_single_key_enc_pass, OSSL_NELEM(passwords));
    ADD_ALL_TESTS(test_single_key_enc_iter, OSSL_NELEM(iters));
    ADD_TEST(test_single_key_with_attrs);
    ADD_ALL_TESTS(test_single_cert_mac_alg, OSSL_NELEM(mac_nids));
    ADD_ALL_TESTS(test_single_cert_mac_pass, OSSL_NELEM(passwords));
    ADD_ALL_TESTS(test_single_cert_mac_iter, OSSL_NELEM(iters));
    ADD_TEST(test_cert_key_with_attrs_and_mac);
    ADD_TEST(test_cert_key_encrypted_content);
    ADD_TEST(test_single_secret_encrypted_content);
    ADD_TEST(test_multiple_contents);
    return 1;
}
957
/*
 * Release what setup_tests() acquired: unload the null, default and legacy
 * providers in that order, then free the test library context. Handles that
 * were never loaded are passed through as NULL, exactly as they are stored.
 */
void cleanup_tests(void)
{
    OSSL_PROVIDER *loaded[] = { nullprov, deflprov, lgcyprov };
    size_t i;

    for (i = 0; i < OSSL_NELEM(loaded); i++)
        OSSL_PROVIDER_unload(loaded[i]);

    /* Freed last, after the providers loaded into it have been unloaded. */
    OSSL_LIB_CTX_free(testctx);
}
965