1 /*
2 * Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <stdio.h>
11 #include <string.h>
12 #include <stdlib.h>
13
14 #include "internal/nelem.h"
15
16 #include <openssl/pkcs12.h>
17 #include <openssl/x509.h>
18 #include <openssl/x509v3.h>
19 #include <openssl/pem.h>
20
21 #include "testutil.h"
22 #include "helpers/pkcs12.h"
23
/*
 * Initialised to 1 here. NOTE(review): presumably cleared when a non-default
 * library context is requested; the code that does so is outside this
 * excerpt - confirm.
 */
static int default_libctx = 1;

/* Library context passed to PKCS12_init_ex() in pkcs12_recreate_test(). */
static OSSL_LIB_CTX *testctx = NULL;
/* Provider handles; presumably loaded during test setup, which is not visible here. */
static OSSL_PROVIDER *nullprov = NULL;
static OSSL_PROVIDER *deflprov = NULL;
/* When NULL, the *_enc_alg tests index enc_nids_no_legacy instead of enc_nids_all. */
static OSSL_PROVIDER *lgcyprov = NULL;
30
31 /* --------------------------------------------------------------------------
32 * PKCS12 component test data
33 */
34
/*
 * DER-encoded X.509 certificate used as a test fixture.
 * The embedded name strings read issuer CN "P12Test-Root-A" and subject CN
 * "P12Test-Server-1"; the validity strings are 190930004656Z to
 * 290927004656Z, so tests that validate dates will start failing after the
 * latter. The RSA modulus bytes are the same as those at the start of KEY1.
 */
static const unsigned char CERT1[] =
{
    0x30, 0x82, 0x01, 0xed, 0x30, 0x82, 0x01, 0x56, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00,
    0x8b, 0x4b, 0x5e, 0x6c, 0x03, 0x28, 0x4e, 0xe6, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
    0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x19, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55,
    0x04, 0x03, 0x0c, 0x0e, 0x50, 0x31, 0x32, 0x54, 0x65, 0x73, 0x74, 0x2d, 0x52, 0x6f, 0x6f, 0x74,
    0x2d, 0x41, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x39, 0x30, 0x39, 0x33, 0x30, 0x30, 0x30, 0x34, 0x36,
    0x35, 0x36, 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x39, 0x32, 0x37, 0x30, 0x30, 0x34, 0x36, 0x35,
    0x36, 0x5a, 0x30, 0x1b, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x10, 0x50,
    0x31, 0x32, 0x54, 0x65, 0x73, 0x74, 0x2d, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2d, 0x31, 0x30,
    0x81, 0x9f, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05,
    0x00, 0x03, 0x81, 0x8d, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xbc, 0xdc, 0x6f, 0x8c,
    0x7a, 0x2a, 0x4b, 0xea, 0x66, 0x66, 0x04, 0xa9, 0x05, 0x92, 0x53, 0xd7, 0x13, 0x3c, 0x49, 0xe1,
    0xc8, 0xbb, 0xdf, 0x3d, 0xcb, 0x88, 0x31, 0x07, 0x20, 0x59, 0x93, 0x24, 0x7f, 0x7d, 0xc6, 0x84,
    0x81, 0x16, 0x64, 0x4a, 0x52, 0xa6, 0x30, 0x44, 0xdc, 0x1a, 0x30, 0xde, 0xae, 0x29, 0x18, 0xcf,
    0xc7, 0xf3, 0xcf, 0x0c, 0xb7, 0x8e, 0x2b, 0x1e, 0x21, 0x01, 0x0b, 0xfb, 0xe5, 0xe6, 0xcf, 0x2b,
    0x84, 0xe1, 0x33, 0xf8, 0xba, 0x02, 0xfc, 0x30, 0xfa, 0xc4, 0x33, 0xc7, 0x37, 0xc6, 0x7f, 0x72,
    0x31, 0x92, 0x1d, 0x8f, 0xa0, 0xfb, 0xe5, 0x4a, 0x08, 0x31, 0x78, 0x80, 0x9c, 0x23, 0xb4, 0xe9,
    0x19, 0x56, 0x04, 0xfa, 0x0d, 0x07, 0x04, 0xb7, 0x43, 0xac, 0x4c, 0x49, 0x7c, 0xc2, 0xa1, 0x44,
    0xc1, 0x48, 0x7d, 0x28, 0xe5, 0x23, 0x66, 0x07, 0x22, 0xd5, 0xf0, 0xf1, 0x02, 0x03, 0x01, 0x00,
    0x01, 0xa3, 0x3b, 0x30, 0x39, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16,
    0x80, 0x14, 0xdb, 0xbb, 0xb8, 0x92, 0x4e, 0x24, 0x0b, 0x1b, 0xbb, 0x78, 0x33, 0xf9, 0x01, 0x02,
    0x23, 0x0d, 0x96, 0x18, 0x30, 0x47, 0x30, 0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30,
    0x00, 0x30, 0x0b, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x04, 0x04, 0x03, 0x02, 0x04, 0xf0, 0x30, 0x0d,
    0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x81, 0x81,
    0x00, 0x1c, 0x13, 0xdc, 0x02, 0xf1, 0x44, 0x36, 0x65, 0xa9, 0xbe, 0x30, 0x1c, 0x66, 0x14, 0x20,
    0x86, 0x5a, 0xa8, 0x69, 0x25, 0xf8, 0x1a, 0xb6, 0x9e, 0x5e, 0xe9, 0x89, 0xb8, 0x67, 0x70, 0x19,
    0x87, 0x60, 0xeb, 0x4b, 0x11, 0x71, 0x85, 0xf8, 0xe9, 0xa7, 0x3e, 0x20, 0x42, 0xec, 0x43, 0x25,
    0x01, 0x03, 0xe5, 0x4d, 0x83, 0x22, 0xf5, 0x8e, 0x3a, 0x1a, 0x1b, 0xd4, 0x1c, 0xda, 0x6b, 0x9d,
    0x10, 0x1b, 0xee, 0x67, 0x4e, 0x1f, 0x69, 0xab, 0xbc, 0xaa, 0x62, 0x8e, 0x9e, 0xc6, 0xee, 0xd6,
    0x09, 0xc0, 0xca, 0xe0, 0xaa, 0x9f, 0x07, 0xb2, 0xc2, 0xbb, 0x31, 0x96, 0xa2, 0x04, 0x62, 0xd3,
    0x13, 0x32, 0x29, 0x67, 0x6e, 0xad, 0x2e, 0x0b, 0xea, 0x04, 0x7c, 0x8c, 0x5a, 0x5d, 0xac, 0x14,
    0xaa, 0x61, 0x7f, 0x28, 0x6c, 0x2d, 0x64, 0x2d, 0xc3, 0xaf, 0x77, 0x52, 0x90, 0xb4, 0x37, 0xc0,
    0x30,
};
70
/*
 * Second DER-encoded X.509 test certificate.
 * The embedded name strings read issuer CN "P12Test-Root-A" and subject CN
 * "P12Test-Client-1", with the same validity strings as CERT1
 * (190930004656Z to 290927004656Z). The RSA modulus bytes are the same as
 * those at the start of KEY2.
 */
static const unsigned char CERT2[] =
{
    0x30, 0x82, 0x01, 0xed, 0x30, 0x82, 0x01, 0x56, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00,
    0x8b, 0x4b, 0x5e, 0x6c, 0x03, 0x28, 0x4e, 0xe7, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
    0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x19, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55,
    0x04, 0x03, 0x0c, 0x0e, 0x50, 0x31, 0x32, 0x54, 0x65, 0x73, 0x74, 0x2d, 0x52, 0x6f, 0x6f, 0x74,
    0x2d, 0x41, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x39, 0x30, 0x39, 0x33, 0x30, 0x30, 0x30, 0x34, 0x36,
    0x35, 0x36, 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x39, 0x32, 0x37, 0x30, 0x30, 0x34, 0x36, 0x35,
    0x36, 0x5a, 0x30, 0x1b, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x10, 0x50,
    0x31, 0x32, 0x54, 0x65, 0x73, 0x74, 0x2d, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2d, 0x31, 0x30,
    0x81, 0x9f, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05,
    0x00, 0x03, 0x81, 0x8d, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xa8, 0x6e, 0x40, 0x86,
    0x9f, 0x98, 0x59, 0xfb, 0x57, 0xbf, 0xc1, 0x55, 0x12, 0x38, 0xeb, 0xb3, 0x46, 0x34, 0xc9, 0x35,
    0x4d, 0xfd, 0x03, 0xe9, 0x3a, 0x88, 0x9e, 0x97, 0x8f, 0xf4, 0xec, 0x36, 0x7b, 0x3f, 0xba, 0xb8,
    0xa5, 0x96, 0x30, 0x03, 0xc5, 0xc6, 0xd9, 0xa8, 0x4e, 0xbc, 0x23, 0x51, 0xa1, 0x96, 0xd2, 0x03,
    0x98, 0x73, 0xb6, 0x17, 0x9c, 0x77, 0xd4, 0x95, 0x1e, 0x1b, 0xb3, 0x1b, 0xc8, 0x71, 0xd1, 0x2e,
    0x31, 0xc7, 0x6a, 0x75, 0x57, 0x08, 0x7f, 0xba, 0x70, 0x76, 0xf7, 0x67, 0xf4, 0x4e, 0xbe, 0xfc,
    0x70, 0x61, 0x41, 0x07, 0x2b, 0x7c, 0x3c, 0x3b, 0xb3, 0xbc, 0xd5, 0xa8, 0xbd, 0x28, 0xd8, 0x49,
    0xd3, 0xe1, 0x78, 0xc8, 0xc1, 0x42, 0x5e, 0x18, 0x36, 0xa8, 0x41, 0xf7, 0xc8, 0xaa, 0x35, 0xfe,
    0x2d, 0xd1, 0xb4, 0xcc, 0x00, 0x67, 0xae, 0x79, 0xd3, 0x28, 0xd5, 0x5b, 0x02, 0x03, 0x01, 0x00,
    0x01, 0xa3, 0x3b, 0x30, 0x39, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16,
    0x80, 0x14, 0xdb, 0xbb, 0xb8, 0x92, 0x4e, 0x24, 0x0b, 0x1b, 0xbb, 0x78, 0x33, 0xf9, 0x01, 0x02,
    0x23, 0x0d, 0x96, 0x18, 0x30, 0x47, 0x30, 0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30,
    0x00, 0x30, 0x0b, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x04, 0x04, 0x03, 0x02, 0x04, 0xf0, 0x30, 0x0d,
    0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x81, 0x81,
    0x00, 0x3b, 0xa6, 0x73, 0xbe, 0xe0, 0x28, 0xed, 0x1f, 0x29, 0x78, 0x4c, 0xc0, 0x1f, 0xe9, 0x85,
    0xc6, 0x8f, 0xe3, 0x87, 0x7c, 0xd9, 0xe7, 0x0a, 0x37, 0xe8, 0xaa, 0xb5, 0xd2, 0x7f, 0xf8, 0x90,
    0x20, 0x80, 0x35, 0xa7, 0x79, 0x2b, 0x04, 0xa7, 0xbf, 0xe6, 0x7b, 0x58, 0xcb, 0xec, 0x0e, 0x58,
    0xef, 0x2a, 0x70, 0x8a, 0x56, 0x8a, 0xcf, 0x6b, 0x7a, 0x74, 0x0c, 0xf4, 0x15, 0x37, 0x93, 0xcd,
    0xe6, 0xb2, 0xa1, 0x83, 0x09, 0xdb, 0x9e, 0x4f, 0xff, 0x6a, 0x17, 0x4f, 0x33, 0xc9, 0xcc, 0x90,
    0x2a, 0x67, 0xff, 0x16, 0x78, 0xa8, 0x2c, 0x10, 0xe0, 0x52, 0x8c, 0xe6, 0xe9, 0x90, 0x8d, 0xe0,
    0x62, 0x04, 0x9a, 0x0f, 0x44, 0x01, 0x82, 0x14, 0x92, 0x44, 0x25, 0x69, 0x22, 0xb7, 0xb8, 0xc5,
    0x94, 0x4c, 0x4b, 0x1c, 0x9b, 0x92, 0x60, 0x66, 0x90, 0x4e, 0xb9, 0xa8, 0x4c, 0x89, 0xbb, 0x0f,
    0x0b,
};
106
/*
 * DER-encoded RSA private key used as a test fixture; its modulus bytes are
 * the same as the public key embedded in CERT1.
 * This private key is published in source, so it provides no secrecy: keep
 * it to tests and never provision it as a real credential.
 */
static const unsigned char KEY1[] =
{
    0x30, 0x82, 0x02, 0x5d, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xbc, 0xdc, 0x6f, 0x8c, 0x7a,
    0x2a, 0x4b, 0xea, 0x66, 0x66, 0x04, 0xa9, 0x05, 0x92, 0x53, 0xd7, 0x13, 0x3c, 0x49, 0xe1, 0xc8,
    0xbb, 0xdf, 0x3d, 0xcb, 0x88, 0x31, 0x07, 0x20, 0x59, 0x93, 0x24, 0x7f, 0x7d, 0xc6, 0x84, 0x81,
    0x16, 0x64, 0x4a, 0x52, 0xa6, 0x30, 0x44, 0xdc, 0x1a, 0x30, 0xde, 0xae, 0x29, 0x18, 0xcf, 0xc7,
    0xf3, 0xcf, 0x0c, 0xb7, 0x8e, 0x2b, 0x1e, 0x21, 0x01, 0x0b, 0xfb, 0xe5, 0xe6, 0xcf, 0x2b, 0x84,
    0xe1, 0x33, 0xf8, 0xba, 0x02, 0xfc, 0x30, 0xfa, 0xc4, 0x33, 0xc7, 0x37, 0xc6, 0x7f, 0x72, 0x31,
    0x92, 0x1d, 0x8f, 0xa0, 0xfb, 0xe5, 0x4a, 0x08, 0x31, 0x78, 0x80, 0x9c, 0x23, 0xb4, 0xe9, 0x19,
    0x56, 0x04, 0xfa, 0x0d, 0x07, 0x04, 0xb7, 0x43, 0xac, 0x4c, 0x49, 0x7c, 0xc2, 0xa1, 0x44, 0xc1,
    0x48, 0x7d, 0x28, 0xe5, 0x23, 0x66, 0x07, 0x22, 0xd5, 0xf0, 0xf1, 0x02, 0x03, 0x01, 0x00, 0x01,
    0x02, 0x81, 0x81, 0x00, 0xa5, 0x6d, 0xf9, 0x8f, 0xf5, 0x5a, 0xa3, 0x50, 0xd9, 0x0d, 0x37, 0xbb,
    0xce, 0x13, 0x94, 0xb8, 0xea, 0x32, 0x7f, 0x0c, 0xf5, 0x46, 0x0b, 0x90, 0x17, 0x7e, 0x5e, 0x63,
    0xbd, 0xa4, 0x78, 0xcd, 0x19, 0x97, 0xd4, 0x92, 0x30, 0x78, 0xaa, 0xb4, 0xa7, 0x9c, 0xc6, 0xdf,
    0x2a, 0x65, 0x0e, 0xb5, 0x9f, 0x9c, 0x84, 0x0d, 0x4d, 0x3a, 0x74, 0xfc, 0xd0, 0xb4, 0x09, 0x74,
    0xc4, 0xb8, 0x24, 0x03, 0xa8, 0xf0, 0xf8, 0x0d, 0x5c, 0x8e, 0xdf, 0x4b, 0xe1, 0x0a, 0x8f, 0x4f,
    0xd5, 0xc7, 0x9b, 0x54, 0x55, 0x8f, 0x00, 0x5c, 0xea, 0x4c, 0x73, 0xf9, 0x1b, 0xbf, 0xb8, 0x93,
    0x33, 0x20, 0xce, 0x45, 0xd9, 0x03, 0x02, 0xb2, 0x36, 0xc5, 0x0a, 0x30, 0x50, 0x78, 0x80, 0x66,
    0x00, 0x22, 0x38, 0x86, 0xcf, 0x63, 0x4a, 0x5c, 0xbf, 0x2b, 0xd9, 0x6e, 0xe6, 0xf0, 0x39, 0xad,
    0x12, 0x25, 0x41, 0xb9, 0x02, 0x41, 0x00, 0xf3, 0x7c, 0x07, 0x99, 0x64, 0x3a, 0x28, 0x8c, 0x8d,
    0x05, 0xfe, 0x32, 0xb5, 0x4c, 0x8c, 0x6d, 0xde, 0x3d, 0x16, 0x08, 0xa0, 0x01, 0x61, 0x4f, 0x8e,
    0xa0, 0xf7, 0x26, 0x26, 0xb5, 0x8e, 0xc0, 0x7a, 0xce, 0x86, 0x34, 0xde, 0xb8, 0xef, 0x86, 0x01,
    0xbe, 0x24, 0xaa, 0x9b, 0x36, 0x93, 0x72, 0x9b, 0xf9, 0xc6, 0xcb, 0x76, 0x84, 0x67, 0x06, 0x06,
    0x30, 0x50, 0xdf, 0x42, 0x17, 0xe0, 0xa7, 0x02, 0x41, 0x00, 0xc6, 0x91, 0xa0, 0x41, 0x34, 0x11,
    0x67, 0x4b, 0x08, 0x0f, 0xda, 0xa7, 0x99, 0xec, 0x58, 0x11, 0xa5, 0x82, 0xdb, 0x50, 0xfe, 0x77,
    0xe2, 0xd1, 0x53, 0x9c, 0x7d, 0xe8, 0xbf, 0xe7, 0x7c, 0xa9, 0x01, 0xb1, 0x87, 0xc3, 0x52, 0x79,
    0x9e, 0x2c, 0xa7, 0x6f, 0x02, 0x37, 0x32, 0xef, 0x24, 0x31, 0x21, 0x0b, 0x86, 0x05, 0x32, 0x4a,
    0x2e, 0x0b, 0x65, 0x05, 0xd3, 0xd6, 0x30, 0xb2, 0xfc, 0xa7, 0x02, 0x41, 0x00, 0xc2, 0xed, 0x31,
    0xdc, 0x40, 0x9c, 0x3a, 0xe8, 0x42, 0xe2, 0x60, 0x5e, 0x52, 0x3c, 0xc5, 0x54, 0x14, 0x0e, 0x8d,
    0x7c, 0x3c, 0x34, 0xbe, 0xa6, 0x05, 0x86, 0xa2, 0x36, 0x5d, 0xd9, 0x0e, 0x3e, 0xd4, 0x52, 0x50,
    0xa9, 0x35, 0x01, 0x93, 0x68, 0x92, 0x2e, 0x9a, 0x86, 0x27, 0x1a, 0xab, 0x32, 0x9e, 0xe2, 0x79,
    0x9f, 0x5b, 0xf3, 0xa5, 0xd2, 0xf1, 0xd3, 0x6e, 0x7b, 0x3e, 0x1b, 0x85, 0x93, 0x02, 0x40, 0x68,
    0xb8, 0xb6, 0x7e, 0x8c, 0xba, 0x3c, 0xf2, 0x8a, 0x2e, 0xea, 0x4f, 0x07, 0xd3, 0x68, 0x62, 0xee,
    0x1a, 0x04, 0x16, 0x44, 0x0d, 0xef, 0xf6, 0x1b, 0x95, 0x65, 0xa5, 0xd1, 0x47, 0x81, 0x2c, 0x14,
    0xb3, 0x8e, 0xf9, 0x08, 0xcf, 0x11, 0x07, 0x55, 0xca, 0x2a, 0xad, 0xf7, 0xd3, 0xbd, 0x0f, 0x97,
    0xf0, 0xde, 0xde, 0x70, 0xb6, 0x44, 0x70, 0x47, 0xf7, 0xf9, 0xcf, 0x75, 0x61, 0x7f, 0xf3, 0x02,
    0x40, 0x38, 0x4a, 0x67, 0xaf, 0xae, 0xb6, 0xb2, 0x6a, 0x00, 0x25, 0x5a, 0xa4, 0x65, 0x20, 0xb1,
    0x13, 0xbd, 0x83, 0xff, 0xb4, 0xbc, 0xf4, 0xdd, 0xa1, 0xbb, 0x1c, 0x96, 0x37, 0x35, 0xf4, 0xbf,
    0xed, 0x4c, 0xed, 0x92, 0xe8, 0xac, 0xc9, 0xc1, 0xa5, 0xa3, 0x23, 0x66, 0x40, 0x8a, 0xa1, 0xe6,
    0xe3, 0x95, 0xfe, 0xc4, 0x53, 0xf5, 0x7d, 0x6e, 0xca, 0x45, 0x42, 0xe4, 0xc2, 0x9f, 0xe5, 0x1e,
    0xb5,
};
149
150
/*
 * DER-encoded RSA private key used as a test fixture; its modulus bytes are
 * the same as the public key embedded in CERT2.
 * This private key is published in source, so it provides no secrecy: keep
 * it to tests and never provision it as a real credential.
 */
static const unsigned char KEY2[] =
{
    0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xa8, 0x6e, 0x40, 0x86, 0x9f,
    0x98, 0x59, 0xfb, 0x57, 0xbf, 0xc1, 0x55, 0x12, 0x38, 0xeb, 0xb3, 0x46, 0x34, 0xc9, 0x35, 0x4d,
    0xfd, 0x03, 0xe9, 0x3a, 0x88, 0x9e, 0x97, 0x8f, 0xf4, 0xec, 0x36, 0x7b, 0x3f, 0xba, 0xb8, 0xa5,
    0x96, 0x30, 0x03, 0xc5, 0xc6, 0xd9, 0xa8, 0x4e, 0xbc, 0x23, 0x51, 0xa1, 0x96, 0xd2, 0x03, 0x98,
    0x73, 0xb6, 0x17, 0x9c, 0x77, 0xd4, 0x95, 0x1e, 0x1b, 0xb3, 0x1b, 0xc8, 0x71, 0xd1, 0x2e, 0x31,
    0xc7, 0x6a, 0x75, 0x57, 0x08, 0x7f, 0xba, 0x70, 0x76, 0xf7, 0x67, 0xf4, 0x4e, 0xbe, 0xfc, 0x70,
    0x61, 0x41, 0x07, 0x2b, 0x7c, 0x3c, 0x3b, 0xb3, 0xbc, 0xd5, 0xa8, 0xbd, 0x28, 0xd8, 0x49, 0xd3,
    0xe1, 0x78, 0xc8, 0xc1, 0x42, 0x5e, 0x18, 0x36, 0xa8, 0x41, 0xf7, 0xc8, 0xaa, 0x35, 0xfe, 0x2d,
    0xd1, 0xb4, 0xcc, 0x00, 0x67, 0xae, 0x79, 0xd3, 0x28, 0xd5, 0x5b, 0x02, 0x03, 0x01, 0x00, 0x01,
    0x02, 0x81, 0x81, 0x00, 0xa6, 0x00, 0x83, 0xf8, 0x2b, 0x33, 0xac, 0xfb, 0xdb, 0xf0, 0x52, 0x4b,
    0xd6, 0x39, 0xe3, 0x94, 0x3d, 0x8d, 0xa9, 0x01, 0xb0, 0x6b, 0xbe, 0x7f, 0x10, 0x01, 0xb6, 0xcd,
    0x0a, 0x45, 0x0a, 0xca, 0x67, 0x8e, 0xd8, 0x29, 0x44, 0x8a, 0x51, 0xa8, 0x66, 0x35, 0x26, 0x30,
    0x8b, 0xe9, 0x41, 0xa6, 0x22, 0xec, 0xd2, 0xf0, 0x58, 0x41, 0x33, 0x26, 0xf2, 0x3f, 0xe8, 0x75,
    0x4f, 0xc7, 0x5d, 0x2e, 0x5a, 0xa8, 0x7a, 0xd2, 0xbf, 0x59, 0xa0, 0x86, 0x79, 0x0b, 0x92, 0x6c,
    0x95, 0x5d, 0x87, 0x63, 0x5c, 0xd6, 0x1a, 0xc0, 0xf6, 0x7a, 0x15, 0x8d, 0xc7, 0x3c, 0xb6, 0x9e,
    0xa6, 0x58, 0x46, 0x9b, 0xbf, 0x3e, 0x28, 0x8c, 0xdf, 0x1a, 0x87, 0xaa, 0x7e, 0xf5, 0xf2, 0xcb,
    0x5e, 0x84, 0x2d, 0xf6, 0x82, 0x7e, 0x89, 0x4e, 0xf5, 0xe6, 0x3c, 0x92, 0x80, 0x1e, 0x98, 0x1c,
    0x6a, 0x7b, 0x57, 0x01, 0x02, 0x41, 0x00, 0xdd, 0x60, 0x95, 0xd7, 0xa1, 0x9d, 0x0c, 0xa1, 0x84,
    0xc5, 0x39, 0xca, 0x67, 0x4c, 0x1c, 0x06, 0x71, 0x5b, 0x5c, 0x2d, 0x8d, 0xce, 0xcd, 0xe2, 0x79,
    0xc8, 0x33, 0xbe, 0x50, 0x37, 0x60, 0x9f, 0x3b, 0xb9, 0x59, 0x55, 0x22, 0x1f, 0xa5, 0x4b, 0x1d,
    0xca, 0x38, 0xa0, 0xab, 0x87, 0x9c, 0x86, 0x0e, 0xdb, 0x1c, 0x4f, 0x4f, 0x07, 0xed, 0x18, 0x3f,
    0x05, 0x3c, 0xec, 0x78, 0x11, 0xf6, 0x99, 0x02, 0x41, 0x00, 0xc2, 0xc5, 0xcf, 0xbe, 0x95, 0x91,
    0xeb, 0xcf, 0x47, 0xf3, 0x33, 0x32, 0xc7, 0x7e, 0x93, 0x56, 0xf7, 0xd8, 0xf9, 0xd4, 0xb6, 0xd6,
    0x20, 0xac, 0xba, 0x8a, 0x20, 0x19, 0x14, 0xab, 0xc5, 0x5d, 0xb2, 0x08, 0xcc, 0x77, 0x7c, 0x65,
    0xa8, 0xdb, 0x66, 0x97, 0x36, 0x44, 0x2c, 0x63, 0xc0, 0x6a, 0x7e, 0xb0, 0x0b, 0x5c, 0x90, 0x12,
    0x50, 0xb4, 0x36, 0x60, 0xc3, 0x1f, 0x22, 0x0c, 0xc8, 0x13, 0x02, 0x40, 0x33, 0xc8, 0x7e, 0x04,
    0x7c, 0x97, 0x61, 0xf6, 0xfe, 0x39, 0xac, 0x34, 0xfe, 0x48, 0xbd, 0x5d, 0x7c, 0x72, 0xa4, 0x73,
    0x3b, 0x72, 0x9e, 0x92, 0x55, 0x6e, 0x51, 0x3c, 0x39, 0x43, 0x5a, 0xe4, 0xa4, 0x71, 0xcc, 0xc5,
    0xaf, 0x3f, 0xbb, 0xc8, 0x80, 0x65, 0x67, 0x2d, 0x9e, 0x32, 0x10, 0x99, 0x03, 0x2c, 0x99, 0xc8,
    0xab, 0x71, 0xed, 0x31, 0xf8, 0xbb, 0xde, 0xee, 0x69, 0x7f, 0xba, 0x31, 0x02, 0x40, 0x7e, 0xbc,
    0x60, 0x55, 0x4e, 0xd5, 0xc8, 0x6e, 0xf4, 0x0e, 0x57, 0xbe, 0x2e, 0xf9, 0x39, 0xbe, 0x59, 0x3f,
    0xa2, 0x30, 0xbb, 0x57, 0xd1, 0xa3, 0x13, 0x2e, 0x55, 0x7c, 0x7c, 0x6a, 0xd8, 0xde, 0x02, 0xbe,
    0x9e, 0xed, 0x10, 0xd0, 0xc5, 0x73, 0x1d, 0xea, 0x3e, 0xb1, 0x55, 0x81, 0x02, 0xef, 0x48, 0xc8,
    0x1c, 0x5c, 0x7a, 0x92, 0xb0, 0x58, 0xd3, 0x19, 0x5b, 0x5d, 0xa2, 0xb6, 0x56, 0x69, 0x02, 0x40,
    0x1e, 0x00, 0x6a, 0x9f, 0xba, 0xee, 0x46, 0x5a, 0xc5, 0xb5, 0x9f, 0x91, 0x33, 0xdd, 0xc9, 0x96,
    0x75, 0xb7, 0x87, 0xcf, 0x18, 0x1c, 0xb7, 0xb9, 0x3f, 0x04, 0x10, 0xb8, 0x75, 0xa9, 0xb8, 0xa0,
    0x31, 0x35, 0x03, 0x30, 0x89, 0xc8, 0x37, 0x68, 0x20, 0x30, 0x99, 0x39, 0x96, 0xd6, 0x2b, 0x3d,
    0x5e, 0x45, 0x84, 0xf7, 0xd2, 0x61, 0x50, 0xc9, 0x50, 0xba, 0x8d, 0x08, 0xaa, 0xd0, 0x08, 0x1e,
};
192
193
/*
 * First set of bag attributes, as { identifier, value } string pairs.
 * It holds two named attributes plus one identified by a dotted OID string,
 * and ends with a { NULL, NULL } sentinel entry.
 */
static const PKCS12_ATTR ATTRS1[] = {
    { "friendlyName", "george" },
    { "localKeyID", "1234567890" },
    { "1.2.3.4.5", "MyCustomAttribute" },
    { NULL, NULL }
};
200
/*
 * Second set of bag attributes, with different values from ATTRS1 so that
 * the two can be told apart in test_multiple_contents().
 * Ends with a { NULL, NULL } sentinel entry.
 */
static const PKCS12_ATTR ATTRS2[] = {
    { "friendlyName", "janet" },
    { "localKeyID", "987654321" },
    { "1.2.3.5.8.13", "AnotherCustomAttribute" },
    { NULL, NULL }
};
207
/*
 * Default encryption parameters for the tests: { nid, pass, iter }.
 * The NID is SHA1/3-key-3DES PBE, or AES-128-CBC when DES is compiled out.
 * The fixed password "Password1" and the count of 1000 are test values for
 * round-trip coverage, not settings to copy for protecting real keys.
 */
static const PKCS12_ENC enc_default = {
#ifndef OPENSSL_NO_DES
    NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
#else
    NID_aes_128_cbc,
#endif
    "Password1",
    1000
};
217
/*
 * Default MAC parameters for the tests, reusing PKCS12_ENC as
 * { digest nid, pass, iter }: SHA-1, "Password1", 1000.
 * These are test values, not recommended integrity settings.
 */
static const PKCS12_ENC mac_default = {
    NID_sha1,
    "Password1",
    1000
};
223
/*
 * Encryption algorithm NIDs indexed by the *_enc_alg tests when lgcyprov is
 * non-NULL. The set depends on the OPENSSL_NO_* build macros, so the array
 * length varies between builds.
 * It deliberately includes obsolete schemes (MD2/MD5-based PBE, single DES,
 * 40-bit RC2/RC4) so that encode/decode of legacy files stays covered; their
 * presence here is not an endorsement for new data.
 */
static const int enc_nids_all[] = {
    /* NOTE: To use PBES2 we pass the desired cipher NID instead of NID_pbes2 */
    NID_aes_128_cbc,
    NID_aes_256_cbc,
#ifndef OPENSSL_NO_DES
    NID_des_ede3_cbc,
    NID_des_cbc,
#endif
#ifndef OPENSSL_NO_RC5
    NID_rc5_cbc,
#endif
#ifndef OPENSSL_NO_RC4
    NID_rc4,
#endif
#ifndef OPENSSL_NO_RC2
    NID_rc2_cbc,
#endif

#ifndef OPENSSL_NO_MD2
# ifndef OPENSSL_NO_DES
    NID_pbeWithMD2AndDES_CBC,
# endif
# ifndef OPENSSL_NO_RC2
    NID_pbeWithMD2AndRC2_CBC,
# endif
#endif

#ifndef OPENSSL_NO_MD5
# ifndef OPENSSL_NO_DES
    NID_pbeWithMD5AndDES_CBC,
# endif
# ifndef OPENSSL_NO_RC2
    NID_pbeWithMD5AndRC2_CBC,
# endif
#endif
#ifndef OPENSSL_NO_DES
    NID_pbeWithSHA1AndDES_CBC,
#endif
#ifndef OPENSSL_NO_RC2
    NID_pbe_WithSHA1And128BitRC2_CBC,
    NID_pbe_WithSHA1And40BitRC2_CBC,
    NID_pbeWithSHA1AndRC2_CBC,
#endif
#ifndef OPENSSL_NO_RC4
    NID_pbe_WithSHA1And128BitRC4,
    NID_pbe_WithSHA1And40BitRC4,
#endif
#ifndef OPENSSL_NO_DES
    NID_pbe_WithSHA1And2_Key_TripleDES_CBC,
    NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
#endif
};
276
/*
 * Encryption algorithm NIDs indexed by the *_enc_alg tests when lgcyprov is
 * NULL: AES-CBC always, plus the triple-DES entries unless DES is compiled
 * out. This array is shorter than enc_nids_all, so the index range used by
 * the caller has to match whichever array is selected.
 */
static const int enc_nids_no_legacy[] = {
    /* NOTE: To use PBES2 we pass the desired cipher NID instead of NID_pbes2 */
    NID_aes_128_cbc,
    NID_aes_256_cbc,
#ifndef OPENSSL_NO_DES
    NID_des_ede3_cbc,
    NID_pbe_WithSHA1And2_Key_TripleDES_CBC,
    NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
#endif
};
287
/*
 * Digest NIDs indexed by test_single_cert_mac_alg().
 * MD5 and SHA-1 sit alongside SHA-2 and SHA-3 here to keep older files
 * covered by the round-trip test.
 */
static const int mac_nids[] = {
    NID_sha1,
    NID_md5,
    NID_sha256,
    NID_sha512,
    NID_sha3_256,
    NID_sha3_512
};
296
/*
 * Iteration counts indexed by the *_iter tests: the minimum of 1 and the
 * default of 1000. A count of 1 adds no work factor and is here only to
 * test the boundary.
 */
static const int iters[] = {
    1,
    1000
};
301
/*
 * Passwords indexed by the *_pass tests: a non-empty one and the empty
 * string, so the empty-password case is exercised as well.
 */
static const char *passwords[] = {
    "Password1",
    "",
};
306
307 /* --------------------------------------------------------------------------
308 * Local functions
309 */
310
/*
 * Return the NID of the test-only object "CustomSecretOID" (1.3.5.7.9),
 * registering it with OBJ_create() the first time through.
 *
 * The NID is cached in a function-local static, so later calls skip the
 * registration. Returns -1 if OBJ_create() fails; callers in this file pass
 * the value on without checking it.
 */
static int get_custom_oid(void)
{
    static int sec_nid = -1;

    if (sec_nid == -1) {
        if (!TEST_true(OBJ_create("1.3.5.7.9", "CustomSecretOID",
                                  "My custom secret OID")))
            return -1;
        sec_nid = OBJ_txt2nid("CustomSecretOID");
    }
    return sec_nid;
}
321
322
323 /* --------------------------------------------------------------------------
324 * PKCS12 format tests
325 */
326
/*
 * Build a PKCS12 named "1cert.p12" holding one certificate bag (CERT1, no
 * attributes), then run the matching check sequence over it.
 * Returns the result of end_pkcs12_builder().
 */
static int test_single_cert_no_attrs(void)
{
    PKCS12_BUILDER *builder;

    builder = new_pkcs12_builder("1cert.p12");

    /* Encode: one content-info containing a single cert bag */
    start_pkcs12(builder);
    start_contentinfo(builder);
    add_certbag(builder, CERT1, sizeof(CERT1), NULL);
    end_contentinfo(builder);
    end_pkcs12(builder);

    /* Decode: mirror the encode steps with the same expected data */
    start_check_pkcs12(builder);
    start_check_contentinfo(builder);
    check_certbag(builder, CERT1, sizeof(CERT1), NULL);
    end_check_contentinfo(builder);
    end_check_pkcs12(builder);

    return end_pkcs12_builder(builder);
}
355
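/*
 * Build a PKCS12 holding one key bag (KEY1, no attributes) protected with
 * |enc|, then run the matching check sequence over it.
 *
 * The builder name is derived from the cipher short name and the iteration
 * count. Returns 0 if the NID has no short name or the name does not fit in
 * |fname|; otherwise returns the result of end_pkcs12_builder().
 */
static int test_single_key(PKCS12_ENC *enc)
{
    char fname[80];
    const char *sn;
    int len;
    PKCS12_BUILDER *pb;

    /* OBJ_nid2sn() returns NULL for an unknown NID; "%s" on NULL is undefined */
    sn = OBJ_nid2sn(enc->nid);
    if (!TEST_ptr(sn))
        return 0;

    /* Bounded formatting: a long short name must not overrun |fname| */
    len = snprintf(fname, sizeof(fname), "1key_ciph-%s_iter-%d.p12",
                   sn, enc->iter);
    if (!TEST_true(len > 0 && (size_t)len < sizeof(fname)))
        return 0;

    pb = new_pkcs12_builder(fname);

    /* Generate/encode */
    start_pkcs12(pb);

    start_contentinfo(pb);

    add_keybag(pb, KEY1, sizeof(KEY1), NULL, enc);

    end_contentinfo(pb);

    end_pkcs12(pb);

    /* Read/decode */
    start_check_pkcs12(pb);

    start_check_contentinfo(pb);

    check_keybag(pb, KEY1, sizeof(KEY1), NULL, enc);

    end_check_contentinfo(pb);

    end_check_pkcs12(pb);

    return end_pkcs12_builder(pb);
}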
389
/*
 * Run test_single_key() with the z-th encryption algorithm and the default
 * password and iteration count.
 *
 * The NID comes from enc_nids_no_legacy when lgcyprov is NULL, otherwise
 * from enc_nids_all. |z| is not range-checked here; the caller must keep it
 * within the array that is in use.
 */
static int test_single_key_enc_alg(int z)
{
    PKCS12_ENC enc;
    const int *nid_table = (lgcyprov == NULL) ? enc_nids_no_legacy
                                              : enc_nids_all;

    enc.iter = enc_default.iter;
    enc.pass = enc_default.pass;
    enc.nid = nid_table[z];

    return test_single_key(&enc);
}
403
/*
 * Run test_single_key() with the z-th entry of passwords[] and the default
 * algorithm and iteration count. |z| is not range-checked here.
 */
static int test_single_key_enc_pass(int z)
{
    PKCS12_ENC params;

    params.iter = enc_default.iter;
    params.nid = enc_default.nid;
    params.pass = passwords[z];

    return test_single_key(&params);
}
414
/*
 * Run test_single_key() with the z-th entry of iters[] and the default
 * algorithm and password. |z| is not range-checked here.
 */
static int test_single_key_enc_iter(int z)
{
    PKCS12_ENC params;

    params.pass = enc_default.pass;
    params.nid = enc_default.nid;
    params.iter = iters[z];

    return test_single_key(&params);
}
425
/*
 * Build a PKCS12 named "1keyattrs.p12" holding one key bag (KEY1) that
 * carries the ATTRS1 attributes and uses enc_default, then run the matching
 * check sequence. Returns the result of end_pkcs12_builder().
 */
static int test_single_key_with_attrs(void)
{
    PKCS12_BUILDER *builder;

    builder = new_pkcs12_builder("1keyattrs.p12");

    /* Encode: one content-info with a single attributed key bag */
    start_pkcs12(builder);
    start_contentinfo(builder);
    add_keybag(builder, KEY1, sizeof(KEY1), ATTRS1, &enc_default);
    end_contentinfo(builder);
    end_pkcs12(builder);

    /* Decode: mirror the encode steps with the same expected data */
    start_check_pkcs12(builder);
    start_check_contentinfo(builder);
    check_keybag(builder, KEY1, sizeof(KEY1), ATTRS1, &enc_default);
    end_check_contentinfo(builder);
    end_check_pkcs12(builder);

    return end_pkcs12_builder(builder);
}
454
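/*
 * Build a PKCS12 holding one certificate bag (CERT1, no attributes),
 * finished with the MAC parameters in |mac|, then run the matching check
 * sequence over it.
 *
 * The builder name is derived from the digest short name and the iteration
 * count. Returns 0 if the NID has no short name or the name does not fit in
 * |fname|; otherwise returns the result of end_pkcs12_builder().
 */
static int test_single_cert_mac(PKCS12_ENC *mac)
{
    char fname[80];
    const char *sn;
    int len;
    PKCS12_BUILDER *pb;

    /* OBJ_nid2sn() returns NULL for an unknown NID; "%s" on NULL is undefined */
    sn = OBJ_nid2sn(mac->nid);
    if (!TEST_ptr(sn))
        return 0;

    /* Bounded formatting: a long short name must not overrun |fname| */
    len = snprintf(fname, sizeof(fname), "1cert_mac-%s_iter-%d.p12",
                   sn, mac->iter);
    if (!TEST_true(len > 0 && (size_t)len < sizeof(fname)))
        return 0;

    pb = new_pkcs12_builder(fname);

    /* Generate/encode */
    start_pkcs12(pb);

    start_contentinfo(pb);

    add_certbag(pb, CERT1, sizeof(CERT1), NULL);

    end_contentinfo(pb);

    end_pkcs12_with_mac(pb, mac);

    /* Read/decode */
    start_check_pkcs12_with_mac(pb, mac);

    start_check_contentinfo(pb);

    check_certbag(pb, CERT1, sizeof(CERT1), NULL);

    end_check_contentinfo(pb);

    end_check_pkcs12(pb);

    return end_pkcs12_builder(pb);
}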
488
/*
 * Run test_single_cert_mac() with the z-th digest from mac_nids[] and the
 * default MAC password and iteration count. |z| is not range-checked here.
 */
static int test_single_cert_mac_alg(int z)
{
    PKCS12_ENC params;

    params.iter = mac_default.iter;
    params.pass = mac_default.pass;
    params.nid = mac_nids[z];

    return test_single_cert_mac(&params);
}
499
/*
 * Run test_single_cert_mac() with the z-th entry of passwords[] and the
 * default MAC digest and iteration count. |z| is not range-checked here.
 */
static int test_single_cert_mac_pass(int z)
{
    PKCS12_ENC params;

    params.iter = mac_default.iter;
    params.nid = mac_default.nid;
    params.pass = passwords[z];

    return test_single_cert_mac(&params);
}
510
/*
 * Run test_single_cert_mac() with the z-th entry of iters[] and the default
 * MAC digest and password. |z| is not range-checked here.
 */
static int test_single_cert_mac_iter(int z)
{
    PKCS12_ENC params;

    params.pass = mac_default.pass;
    params.nid = mac_default.nid;
    params.iter = iters[z];

    return test_single_cert_mac(&params);
}
521
/*
 * Build a PKCS12 named "1cert1key.p12" with one content-info holding a
 * certificate bag (CERT1) and a key bag (KEY1, enc_default), both carrying
 * ATTRS1, and finish it with mac_default. Then run the matching check
 * sequence. Returns the result of end_pkcs12_builder().
 */
static int test_cert_key_with_attrs_and_mac(void)
{
    PKCS12_BUILDER *builder;

    builder = new_pkcs12_builder("1cert1key.p12");

    /* Encode: cert bag followed by key bag, then the MAC */
    start_pkcs12(builder);
    start_contentinfo(builder);
    add_certbag(builder, CERT1, sizeof(CERT1), ATTRS1);
    add_keybag(builder, KEY1, sizeof(KEY1), ATTRS1, &enc_default);
    end_contentinfo(builder);
    end_pkcs12_with_mac(builder, &mac_default);

    /* Decode: same MAC parameters, bags checked in the order they were added */
    start_check_pkcs12_with_mac(builder, &mac_default);
    start_check_contentinfo(builder);
    check_certbag(builder, CERT1, sizeof(CERT1), ATTRS1);
    check_keybag(builder, KEY1, sizeof(KEY1), ATTRS1, &enc_default);
    end_check_contentinfo(builder);
    end_check_pkcs12(builder);

    return end_pkcs12_builder(builder);
}
552
/*
 * Build a PKCS12 named "1cert1key_enc.p12" like the cert-plus-key case, but
 * close the content-info with end_contentinfo_encrypted() using enc_default
 * before adding the mac_default MAC. Then run the matching check sequence.
 * Returns the result of end_pkcs12_builder().
 */
static int test_cert_key_encrypted_content(void)
{
    PKCS12_BUILDER *builder;

    builder = new_pkcs12_builder("1cert1key_enc.p12");

    /* Encode: cert bag and key bag inside an encrypted content-info */
    start_pkcs12(builder);
    start_contentinfo(builder);
    add_certbag(builder, CERT1, sizeof(CERT1), ATTRS1);
    add_keybag(builder, KEY1, sizeof(KEY1), ATTRS1, &enc_default);
    end_contentinfo_encrypted(builder, &enc_default);
    end_pkcs12_with_mac(builder, &mac_default);

    /* Decode: same MAC and content-encryption parameters as on encode */
    start_check_pkcs12_with_mac(builder, &mac_default);
    start_check_contentinfo_encrypted(builder, &enc_default);
    check_certbag(builder, CERT1, sizeof(CERT1), ATTRS1);
    check_keybag(builder, KEY1, sizeof(KEY1), ATTRS1, &enc_default);
    end_check_contentinfo(builder);
    end_check_pkcs12(builder);

    return end_pkcs12_builder(builder);
}
583
/*
 * Build a PKCS12 named "1secret.p12" with one encrypted content-info
 * (enc_default) holding a secret bag typed with the custom OID, finish it
 * with mac_default, then run the matching check sequence.
 *
 * The NID from get_custom_oid() is used as returned; a -1 failure value is
 * not checked here. Returns the result of end_pkcs12_builder().
 */
static int test_single_secret_encrypted_content(void)
{
    PKCS12_BUILDER *builder;
    int secret_nid;

    builder = new_pkcs12_builder("1secret.p12");
    secret_nid = get_custom_oid();

    /* Encode: one secret bag inside an encrypted content-info */
    start_pkcs12(builder);
    start_contentinfo(builder);
    add_secretbag(builder, secret_nid, "VerySecretMessage", ATTRS1);
    end_contentinfo_encrypted(builder, &enc_default);
    end_pkcs12_with_mac(builder, &mac_default);

    /* Decode: same MAC and content-encryption parameters as on encode */
    start_check_pkcs12_with_mac(builder, &mac_default);
    start_check_contentinfo_encrypted(builder, &enc_default);
    check_secretbag(builder, secret_nid, "VerySecretMessage", ATTRS1);
    end_check_contentinfo(builder);
    end_check_pkcs12(builder);

    return end_pkcs12_builder(builder);
}
613
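/*
 * Build a PKCS12 with one content-info, encrypted with |enc|, holding a
 * secret bag typed with the custom OID; finish it with mac_default, then run
 * the matching check sequence over it.
 *
 * The builder name is derived from the cipher short name and the iteration
 * count. Returns 0 if the NID has no short name or the name does not fit in
 * |fname|; otherwise returns the result of end_pkcs12_builder().
 * The NID from get_custom_oid() is used as returned; a -1 failure value is
 * not checked here.
 */
static int test_single_secret(PKCS12_ENC *enc)
{
    int custom_nid;
    char fname[80];
    const char *sn;
    int len;
    PKCS12_BUILDER *pb;

    /* OBJ_nid2sn() returns NULL for an unknown NID; "%s" on NULL is undefined */
    sn = OBJ_nid2sn(enc->nid);
    if (!TEST_ptr(sn))
        return 0;

    /* Bounded formatting: a long short name must not overrun |fname| */
    len = snprintf(fname, sizeof(fname), "1secret_ciph-%s_iter-%d.p12",
                   sn, enc->iter);
    if (!TEST_true(len > 0 && (size_t)len < sizeof(fname)))
        return 0;

    pb = new_pkcs12_builder(fname);
    custom_nid = get_custom_oid();

    /* Generate/encode */
    start_pkcs12(pb);

    start_contentinfo(pb);

    add_secretbag(pb, custom_nid, "VerySecretMessage", ATTRS1);

    end_contentinfo_encrypted(pb, enc);

    end_pkcs12_with_mac(pb, &mac_default);

    /* Read/decode */
    start_check_pkcs12_with_mac(pb, &mac_default);

    start_check_contentinfo_encrypted(pb, enc);

    check_secretbag(pb, custom_nid, "VerySecretMessage", ATTRS1);

    end_check_contentinfo(pb);

    end_check_pkcs12(pb);

    return end_pkcs12_builder(pb);
}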
648
/*
 * Run test_single_secret() with the z-th encryption algorithm and the
 * default password and iteration count.
 *
 * The NID comes from enc_nids_no_legacy when lgcyprov is NULL, otherwise
 * from enc_nids_all. |z| is not range-checked here; the caller must keep it
 * within the array that is in use.
 */
static int test_single_secret_enc_alg(int z)
{
    PKCS12_ENC enc;
    const int *nid_table = (lgcyprov == NULL) ? enc_nids_no_legacy
                                              : enc_nids_all;

    enc.iter = enc_default.iter;
    enc.pass = enc_default.pass;
    enc.nid = nid_table[z];

    return test_single_secret(&enc);
}
662
/*
 * Build a PKCS12 named "multi_contents.p12" with two content-infos: the
 * first, closed with end_contentinfo(), holds two cert bags and two key
 * bags; the second, closed with end_contentinfo_encrypted(), holds one
 * secret bag. The file is finished with mac_default and then checked in the
 * same order.
 *
 * The NID from get_custom_oid() is used as returned; a -1 failure value is
 * not checked here. Returns the result of end_pkcs12_builder().
 */
static int test_multiple_contents(void)
{
    PKCS12_BUILDER *builder;
    int secret_nid;

    builder = new_pkcs12_builder("multi_contents.p12");
    secret_nid = get_custom_oid();

    /* Encode */
    start_pkcs12(builder);

    /* First content-info: certificates and keys, paired by attribute set */
    start_contentinfo(builder);
    add_certbag(builder, CERT1, sizeof(CERT1), ATTRS1);
    add_certbag(builder, CERT2, sizeof(CERT2), ATTRS2);
    add_keybag(builder, KEY1, sizeof(KEY1), ATTRS1, &enc_default);
    add_keybag(builder, KEY2, sizeof(KEY2), ATTRS2, &enc_default);
    end_contentinfo(builder);

    /* Second content-info: the secret bag, closed as encrypted content */
    start_contentinfo(builder);
    add_secretbag(builder, secret_nid, "VeryVerySecretMessage", ATTRS1);
    end_contentinfo_encrypted(builder, &enc_default);

    end_pkcs12_with_mac(builder, &mac_default);

    /* Decode */
    start_check_pkcs12_with_mac(builder, &mac_default);

    start_check_contentinfo(builder);
    check_certbag(builder, CERT1, sizeof(CERT1), ATTRS1);
    check_certbag(builder, CERT2, sizeof(CERT2), ATTRS2);
    check_keybag(builder, KEY1, sizeof(KEY1), ATTRS1, &enc_default);
    check_keybag(builder, KEY2, sizeof(KEY2), ATTRS2, &enc_default);
    end_check_contentinfo(builder);

    start_check_contentinfo_encrypted(builder, &enc_default);
    check_secretbag(builder, secret_nid, "VeryVerySecretMessage", ATTRS1);
    end_check_contentinfo(builder);

    end_check_pkcs12(builder);

    return end_pkcs12_builder(builder);
}
710
711 #ifndef OPENSSL_NO_DES
/*
 * Decode an embedded RSA private key and wrap it with PKCS12_create(),
 * checking after each step that the call succeeded and that the error queue
 * is still empty.
 *
 * PKCS12_create() is called with no password, name, certificate or CA
 * stack, SHA1/3-key-3DES PBE for both NIDs, and the trailing arguments
 * 2, 1, 0. Those values exercise the API only; they are not a model for
 * protecting real keys. Returns 1 on success, 0 on failure.
 */
static int pkcs12_create_test(void)
{
    int ok = 0;
    EVP_PKEY *pkey = NULL;
    PKCS12 *p12 = NULL;
    const unsigned char *p;

    /* DER-encoded RSA private key, a test fixture with no secrecy value */
    static const unsigned char rsa_key[] = {
        0x30, 0x82, 0x02, 0x5d, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xbb,
        0x24, 0x7a, 0x09, 0x7e, 0x0e, 0xb2, 0x37, 0x32, 0xcc, 0x39, 0x67, 0xad,
        0xf1, 0x9e, 0x3d, 0x6b, 0x82, 0x83, 0xd1, 0xd0, 0xac, 0xa4, 0xc0, 0x18,
        0xbe, 0x8d, 0x98, 0x00, 0xc0, 0x7b, 0xff, 0x07, 0x44, 0xc9, 0xca, 0x1c,
        0xba, 0x36, 0xe1, 0x27, 0x69, 0xff, 0xb1, 0xe3, 0x8d, 0x8b, 0xee, 0x57,
        0xa9, 0x3a, 0xaa, 0x16, 0x43, 0x39, 0x54, 0x19, 0x7c, 0xae, 0x69, 0x24,
        0x14, 0xf6, 0x64, 0xff, 0xbc, 0x74, 0xc6, 0x67, 0x6c, 0x4c, 0xf1, 0x02,
        0x49, 0x69, 0xc7, 0x2b, 0xe1, 0xe1, 0xa1, 0xa3, 0x43, 0x14, 0xf4, 0x77,
        0x8f, 0xc8, 0xd0, 0x85, 0x5a, 0x35, 0x95, 0xac, 0x62, 0xa9, 0xc1, 0x21,
        0x00, 0x77, 0xa0, 0x8b, 0x97, 0x30, 0xb4, 0x5a, 0x2c, 0xb8, 0x90, 0x2f,
        0x48, 0xa0, 0x05, 0x28, 0x4b, 0xf2, 0x0f, 0x8d, 0xec, 0x8b, 0x4d, 0x03,
        0x42, 0x75, 0xd6, 0xad, 0x81, 0xc0, 0x11, 0x02, 0x03, 0x01, 0x00, 0x01,
        0x02, 0x81, 0x80, 0x00, 0xfc, 0xb9, 0x4a, 0x26, 0x07, 0x89, 0x51, 0x2b,
        0x53, 0x72, 0x91, 0xe0, 0x18, 0x3e, 0xa6, 0x5e, 0x31, 0xef, 0x9c, 0x0c,
        0x16, 0x24, 0x42, 0xd0, 0x28, 0x33, 0xf9, 0xfa, 0xd0, 0x3c, 0x54, 0x04,
        0x06, 0xc0, 0x15, 0xf5, 0x1b, 0x9a, 0xb3, 0x24, 0x31, 0xab, 0x3c, 0x6b,
        0x47, 0x43, 0xb0, 0xd2, 0xa9, 0xdc, 0x05, 0xe1, 0x81, 0x59, 0xb6, 0x04,
        0xe9, 0x66, 0x61, 0xaa, 0xd7, 0x0b, 0x00, 0x8f, 0x3d, 0xe5, 0xbf, 0xa2,
        0xf8, 0x5e, 0x25, 0x6c, 0x1e, 0x22, 0x0f, 0xb4, 0xfd, 0x41, 0xe2, 0x03,
        0x31, 0x5f, 0xda, 0x20, 0xc5, 0xc0, 0xf3, 0x55, 0x0e, 0xe1, 0xc9, 0xec,
        0xd7, 0x3e, 0x2a, 0x0c, 0x01, 0xca, 0x7b, 0x22, 0xcb, 0xac, 0xf4, 0x2b,
        0x27, 0xf0, 0x78, 0x5f, 0xb5, 0xc2, 0xf9, 0xe8, 0x14, 0x5a, 0x6e, 0x7e,
        0x86, 0xbd, 0x6a, 0x9b, 0x20, 0x0c, 0xba, 0xcc, 0x97, 0x20, 0x11, 0x02,
        0x41, 0x00, 0xc9, 0x59, 0x9f, 0x29, 0x8a, 0x5b, 0x9f, 0xe3, 0x2a, 0xd8,
        0x7e, 0xc2, 0x40, 0x9f, 0xa8, 0x45, 0xe5, 0x3e, 0x11, 0x8d, 0x3c, 0xed,
        0x6e, 0xab, 0xce, 0xd0, 0x65, 0x46, 0xd8, 0xc7, 0x07, 0x63, 0xb5, 0x23,
        0x34, 0xf4, 0x9f, 0x7e, 0x1c, 0xc7, 0xc7, 0xf9, 0x65, 0xd1, 0xf4, 0x04,
        0x42, 0x38, 0xbe, 0x3a, 0x0c, 0x9d, 0x08, 0x25, 0xfc, 0xa3, 0x71, 0xd9,
        0xae, 0x0c, 0x39, 0x61, 0xf4, 0x89, 0x02, 0x41, 0x00, 0xed, 0xef, 0xab,
        0xa9, 0xd5, 0x39, 0x9c, 0xee, 0x59, 0x1b, 0xff, 0xcf, 0x48, 0x44, 0x1b,
        0xb6, 0x32, 0xe7, 0x46, 0x24, 0xf3, 0x04, 0x7f, 0xde, 0x95, 0x08, 0x6d,
        0x75, 0x9e, 0x67, 0x17, 0xba, 0x5c, 0xa4, 0xd4, 0xe2, 0xe2, 0x4d, 0x77,
        0xce, 0xeb, 0x66, 0x29, 0xc5, 0x96, 0xe0, 0x62, 0xbb, 0xe5, 0xac, 0xdc,
        0x44, 0x62, 0x54, 0x86, 0xed, 0x64, 0x0c, 0xce, 0xd0, 0x60, 0x03, 0x9d,
        0x49, 0x02, 0x40, 0x54, 0xd9, 0x18, 0x72, 0x27, 0xe4, 0xbe, 0x76, 0xbb,
        0x1a, 0x6a, 0x28, 0x2f, 0x95, 0x58, 0x12, 0xc4, 0x2c, 0xa8, 0xb6, 0xcc,
        0xe2, 0xfd, 0x0d, 0x17, 0x64, 0xc8, 0x18, 0xd7, 0xc6, 0xdf, 0x3d, 0x4c,
        0x1a, 0x9e, 0xf9, 0x2a, 0xb0, 0xb9, 0x2e, 0x12, 0xfd, 0xec, 0xc3, 0x51,
        0xc1, 0xed, 0xa9, 0xfd, 0xb7, 0x76, 0x93, 0x41, 0xd8, 0xc8, 0x22, 0x94,
        0x1a, 0x77, 0xf6, 0x9c, 0xc3, 0xc3, 0x89, 0x02, 0x41, 0x00, 0x8e, 0xf9,
        0xa7, 0x08, 0xad, 0xb5, 0x2a, 0x04, 0xdb, 0x8d, 0x04, 0xa1, 0xb5, 0x06,
        0x20, 0x34, 0xd2, 0xcf, 0xc0, 0x89, 0xb1, 0x72, 0x31, 0xb8, 0x39, 0x8b,
        0xcf, 0xe2, 0x8e, 0xa5, 0xda, 0x4f, 0x45, 0x1e, 0x53, 0x42, 0x66, 0xc4,
        0x30, 0x4b, 0x29, 0x8e, 0xc1, 0x69, 0x17, 0x29, 0x8c, 0x8a, 0xe6, 0x0f,
        0x82, 0x68, 0xa1, 0x41, 0xb3, 0xb6, 0x70, 0x99, 0x75, 0xa9, 0x27, 0x18,
        0xe4, 0xe9, 0x02, 0x41, 0x00, 0x89, 0xea, 0x6e, 0x6d, 0x70, 0xdf, 0x25,
        0x5f, 0x18, 0x3f, 0x48, 0xda, 0x63, 0x10, 0x8b, 0xfe, 0xa8, 0x0c, 0x94,
        0x0f, 0xde, 0x97, 0x56, 0x53, 0x89, 0x94, 0xe2, 0x1e, 0x2c, 0x74, 0x3c,
        0x91, 0x81, 0x34, 0x0b, 0xa6, 0x40, 0xf8, 0xcb, 0x2a, 0x60, 0x8c, 0xe0,
        0x02, 0xb7, 0x89, 0x93, 0xcf, 0x18, 0x9f, 0x49, 0x54, 0xfd, 0x7d, 0x3f,
        0x9a, 0xef, 0xd4, 0xa4, 0x4f, 0xc1, 0x45, 0x99, 0x91,
    };

    /* d2i advances |p|, so decode through a scratch pointer */
    p = rsa_key;
    pkey = d2i_PrivateKey_ex(EVP_PKEY_RSA, NULL, &p, sizeof(rsa_key),
                             NULL, NULL);
    if (!TEST_ptr(pkey) || !TEST_int_eq(ERR_peek_error(), 0))
        goto err;

    p12 = PKCS12_create(NULL, NULL, pkey, NULL, NULL,
                        NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
                        NID_pbe_WithSHA1And3_Key_TripleDES_CBC, 2, 1, 0);
    /* A successful call must not leave entries on the error queue */
    if (!TEST_ptr(p12) || !TEST_int_eq(ERR_peek_error(), 0))
        goto err;

    ok = 1;
 err:
    PKCS12_free(p12);
    EVP_PKEY_free(pkey);
    return ok;
}
793 #endif
794
/*
 * Create a PKCS12 from CERT1 and KEY1, serialise it to a memory BIO, parse
 * it back with PKCS12_parse(), and build a second PKCS12 from the parsed key
 * and certificate under a different password.
 *
 * The error queue is checked for emptiness after each PKCS12_create() call.
 * Returns 1 on success, 0 on failure; every object allocated along the way
 * is released on both paths.
 */
static int pkcs12_recreate_test(void)
{
    int ok = 0;
    X509 *cert = NULL;
    X509 *cert_parsed = NULL;
    EVP_PKEY *pkey = NULL;
    EVP_PKEY *pkey_parsed = NULL;
    PKCS12 *p12 = NULL;
    PKCS12 *p12_parsed = NULL;
    PKCS12 *p12_recreated = NULL;
    /* d2i advances its input pointer, so decode through scratch copies */
    const unsigned char *cert_bytes = CERT1;
    const unsigned char *key_bytes = KEY1;
    BIO *bio = NULL;

    if (!TEST_ptr(cert = d2i_X509(NULL, &cert_bytes, sizeof(CERT1))))
        goto err;
    if (!TEST_ptr(pkey = d2i_AutoPrivateKey(NULL, &key_bytes, sizeof(KEY1))))
        goto err;

    p12 = PKCS12_create("pass", NULL, pkey, cert, NULL, NID_aes_256_cbc,
                        NID_aes_256_cbc, 2, 1, 0);
    if (!TEST_ptr(p12) || !TEST_int_eq(ERR_peek_error(), 0))
        goto err;

    /* Serialise into memory, then read the same bytes back */
    if (!TEST_ptr(bio = BIO_new(BIO_s_mem()))
            || !TEST_int_eq(i2d_PKCS12_bio(bio, p12), 1))
        goto err;

    /* Pre-create the target with |testctx| before d2i fills it in */
    if (!TEST_ptr(p12_parsed = PKCS12_init_ex(NID_pkcs7_data, testctx, NULL)))
        goto err;
    if (!TEST_ptr(p12_parsed = d2i_PKCS12_bio(bio, &p12_parsed)))
        goto err;
    if (!TEST_int_eq(PKCS12_parse(p12_parsed, "pass", &pkey_parsed,
                                  &cert_parsed, NULL), 1))
        goto err;

    /* cert_parsed also contains auxiliary data */
    p12_recreated = PKCS12_create("new_pass", NULL, pkey_parsed, cert_parsed,
                                  NULL, NID_aes_256_cbc, NID_aes_256_cbc,
                                  2, 1, 0);
    if (!TEST_ptr(p12_recreated) || !TEST_int_eq(ERR_peek_error(), 0))
        goto err;

    ok = 1;
 err:
    BIO_free(bio);
    PKCS12_free(p12);
    PKCS12_free(p12_parsed);
    PKCS12_free(p12_recreated);
    EVP_PKEY_free(pkey);
    EVP_PKEY_free(pkey_parsed);
    X509_free(cert);
    X509_free(cert_parsed);
    return ok;
}
858
/*
 * Identifiers for the command-line options of this test program; these are
 * the values setup_tests() receives from opt_next().
 */
typedef enum OPTION_choice {
    OPT_ERR = -1,       /* error value; not referenced in the code shown here */
    OPT_EOF = 0,        /* opt_next() has no further options */
    OPT_WRITE,          /* "write": write PKCS12 objects to file */
    OPT_LEGACY,         /* "legacy": test the legacy APIs */
    OPT_CONTEXT,        /* "context": use a non-default library context */
    /* NOTE(review): presumably the shared test-harness option ids - confirm */
    OPT_TEST_ENUM
} OPTION_CHOICE;
867
/*
 * Return the option table for this test program: the default usage entry
 * followed by the three program-specific flags.  The table has static
 * storage, so the returned pointer stays valid after the call.
 */
const OPTIONS *test_get_options(void)
{
    static const OPTIONS test_options[] = {
        OPT_TEST_OPTIONS_DEFAULT_USAGE,
        { "write", OPT_WRITE, '-', "Write PKCS12 objects to file" },
        { "legacy", OPT_LEGACY, '-', "Test the legacy APIs" },
        { "context", OPT_CONTEXT, '-',
          "Explicitly use a non-default library context" },
        { NULL }        /* terminator entry */
    };

    return test_options;
}
879
/*
 * Parse the command line, load the providers the tests need and register
 * the test cases.
 *
 * Returns 1 on success, 0 on an unknown option or a failed set-up step.
 */
int setup_tests(void)
{
    OPTION_CHOICE o;

    for (o = opt_next(); o != OPT_EOF; o = opt_next()) {
        switch (o) {
        case OPT_WRITE:
            PKCS12_helper_set_write_files(1);
            break;
        case OPT_LEGACY:
            PKCS12_helper_set_legacy(1);
            break;
        case OPT_CONTEXT:
            default_libctx = 0;
            break;
        case OPT_TEST_CASES:
            /* generic test-harness options: nothing to do here */
            break;
        default:
            return 0;
        }
    }

    if (!default_libctx) {
        /*
         * Standalone context requested.  The "null" provider is loaded into
         * the default context (NULL); the availability check further down
         * then confirms that "default" and "fips" are not reachable there.
         */
        testctx = OSSL_LIB_CTX_new();
        if (!TEST_ptr(testctx))
            return 0;
        nullprov = OSSL_PROVIDER_load(NULL, "null");
        if (!TEST_ptr(nullprov))
            return 0;
    }

    /* testctx is still NULL here when the default context is in use */
    deflprov = OSSL_PROVIDER_load(testctx, "default");
    if (!TEST_ptr(deflprov))
        return 0;
    /*
     * The legacy provider is optional: a failed load is not an error and
     * only narrows the set of encryption algorithms registered below.
     */
    lgcyprov = OSSL_PROVIDER_load(testctx, "legacy");

    PKCS12_helper_set_libctx(testctx);

    /*
     * Verify that the default and fips providers in the default libctx are not
     * available if we are using a standalone context
     */
    if (!default_libctx) {
        if (!TEST_false(OSSL_PROVIDER_available(NULL, "default"))
                || !TEST_false(OSSL_PROVIDER_available(NULL, "fips")))
            return 0;
    }

    ADD_TEST(test_single_cert_no_attrs);
    if (lgcyprov != NULL) {
        ADD_ALL_TESTS(test_single_key_enc_alg, OSSL_NELEM(enc_nids_all));
        ADD_ALL_TESTS(test_single_secret_enc_alg, OSSL_NELEM(enc_nids_all));
    } else {
        ADD_ALL_TESTS(test_single_key_enc_alg, OSSL_NELEM(enc_nids_no_legacy));
        ADD_ALL_TESTS(test_single_secret_enc_alg, OSSL_NELEM(enc_nids_no_legacy));
    }
    /* The two create tests are registered for the default context only */
    if (default_libctx) {
#ifndef OPENSSL_NO_DES
        ADD_TEST(pkcs12_create_test);
#endif
        ADD_TEST(pkcs12_recreate_test);
    }
    ADD_ALL_TESTS(test_single_key_enc_pass, OSSL_NELEM(passwords));
    ADD_ALL_TESTS(test_single_key_enc_iter, OSSL_NELEM(iters));
    ADD_TEST(test_single_key_with_attrs);
    ADD_ALL_TESTS(test_single_cert_mac_alg, OSSL_NELEM(mac_nids));
    ADD_ALL_TESTS(test_single_cert_mac_pass, OSSL_NELEM(passwords));
    ADD_ALL_TESTS(test_single_cert_mac_iter, OSSL_NELEM(iters));
    ADD_TEST(test_cert_key_with_attrs_and_mac);
    ADD_TEST(test_cert_key_encrypted_content);
    ADD_TEST(test_single_secret_encrypted_content);
    ADD_TEST(test_multiple_contents);
    return 1;
}
954
/*
 * Release what setup_tests() acquired: the three provider handles first,
 * then the library context.
 *
 * NOTE(review): any of these pointers can still be NULL here (lgcyprov when
 * the legacy provider failed to load, nullprov and testctx when the default
 * context is in use); this relies on the unload/free calls accepting NULL -
 * confirm.
 */
void cleanup_tests(void)
{
    /* providers */
    OSSL_PROVIDER_unload(nullprov);
    OSSL_PROVIDER_unload(deflprov);
    OSSL_PROVIDER_unload(lgcyprov);

    /* library context, after the providers loaded into it */
    OSSL_LIB_CTX_free(testctx);
}
962