1 /* 2 * Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the Apache License 2.0 (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 #include <stdio.h> 11 #include <string.h> 12 #include <stdlib.h> 13 14 #include "internal/nelem.h" 15 16 #include <openssl/pkcs12.h> 17 #include <openssl/x509.h> 18 #include <openssl/x509v3.h> 19 #include <openssl/pem.h> 20 21 #include "testutil.h" 22 #include "helpers/pkcs12.h" 23 24 static int default_libctx = 1; 25 26 static OSSL_LIB_CTX *testctx = NULL; 27 static OSSL_PROVIDER *nullprov = NULL; 28 static OSSL_PROVIDER *deflprov = NULL; 29 static OSSL_PROVIDER *lgcyprov = NULL; 30 31 /* -------------------------------------------------------------------------- 32 * PKCS12 component test data 33 */ 34 35 static const unsigned char CERT1[] = 36 { 37 0x30, 0x82, 0x01, 0xed, 0x30, 0x82, 0x01, 0x56, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 38 0x8b, 0x4b, 0x5e, 0x6c, 0x03, 0x28, 0x4e, 0xe6, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 39 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x19, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 40 0x04, 0x03, 0x0c, 0x0e, 0x50, 0x31, 0x32, 0x54, 0x65, 0x73, 0x74, 0x2d, 0x52, 0x6f, 0x6f, 0x74, 41 0x2d, 0x41, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x39, 0x30, 0x39, 0x33, 0x30, 0x30, 0x30, 0x34, 0x36, 42 0x35, 0x36, 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x39, 0x32, 0x37, 0x30, 0x30, 0x34, 0x36, 0x35, 43 0x36, 0x5a, 0x30, 0x1b, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x10, 0x50, 44 0x31, 0x32, 0x54, 0x65, 0x73, 0x74, 0x2d, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2d, 0x31, 0x30, 45 0x81, 0x9f, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 46 0x00, 0x03, 0x81, 0x8d, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xbc, 0xdc, 0x6f, 0x8c, 47 0x7a, 0x2a, 0x4b, 0xea, 0x66, 0x66, 0x04, 0xa9, 0x05, 0x92, 0x53, 0xd7, 0x13, 0x3c, 0x49, 0xe1, 48 0xc8, 0xbb, 0xdf, 0x3d, 0xcb, 0x88, 0x31, 0x07, 0x20, 0x59, 0x93, 0x24, 0x7f, 0x7d, 0xc6, 0x84, 49 0x81, 0x16, 0x64, 0x4a, 0x52, 0xa6, 0x30, 0x44, 0xdc, 0x1a, 0x30, 0xde, 0xae, 0x29, 0x18, 0xcf, 50 0xc7, 0xf3, 0xcf, 0x0c, 0xb7, 0x8e, 0x2b, 0x1e, 0x21, 0x01, 0x0b, 0xfb, 0xe5, 0xe6, 0xcf, 0x2b, 51 0x84, 0xe1, 0x33, 0xf8, 0xba, 0x02, 0xfc, 0x30, 0xfa, 0xc4, 0x33, 0xc7, 0x37, 0xc6, 0x7f, 0x72, 52 0x31, 0x92, 0x1d, 0x8f, 0xa0, 0xfb, 0xe5, 0x4a, 0x08, 0x31, 0x78, 0x80, 0x9c, 0x23, 0xb4, 0xe9, 53 0x19, 0x56, 0x04, 0xfa, 0x0d, 0x07, 0x04, 0xb7, 0x43, 0xac, 0x4c, 0x49, 0x7c, 0xc2, 0xa1, 0x44, 54 0xc1, 0x48, 0x7d, 0x28, 0xe5, 0x23, 0x66, 0x07, 0x22, 0xd5, 0xf0, 0xf1, 0x02, 0x03, 0x01, 0x00, 55 0x01, 0xa3, 0x3b, 0x30, 0x39, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 56 0x80, 0x14, 0xdb, 0xbb, 0xb8, 0x92, 0x4e, 0x24, 0x0b, 0x1b, 0xbb, 0x78, 0x33, 0xf9, 0x01, 0x02, 57 0x23, 0x0d, 0x96, 0x18, 0x30, 0x47, 0x30, 0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 58 0x00, 0x30, 0x0b, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x04, 0x04, 0x03, 0x02, 0x04, 0xf0, 0x30, 0x0d, 59 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x81, 0x81, 60 0x00, 0x1c, 0x13, 0xdc, 0x02, 0xf1, 0x44, 0x36, 0x65, 0xa9, 0xbe, 0x30, 0x1c, 0x66, 0x14, 0x20, 61 0x86, 0x5a, 0xa8, 0x69, 0x25, 0xf8, 0x1a, 0xb6, 0x9e, 0x5e, 0xe9, 0x89, 0xb8, 0x67, 0x70, 0x19, 62 0x87, 0x60, 0xeb, 0x4b, 0x11, 0x71, 0x85, 0xf8, 0xe9, 0xa7, 0x3e, 0x20, 0x42, 0xec, 0x43, 0x25, 63 0x01, 0x03, 0xe5, 0x4d, 0x83, 0x22, 0xf5, 0x8e, 0x3a, 0x1a, 0x1b, 0xd4, 0x1c, 0xda, 0x6b, 0x9d, 64 0x10, 0x1b, 0xee, 0x67, 0x4e, 0x1f, 0x69, 0xab, 0xbc, 0xaa, 0x62, 0x8e, 0x9e, 0xc6, 0xee, 0xd6, 65 0x09, 0xc0, 0xca, 0xe0, 0xaa, 0x9f, 0x07, 0xb2, 0xc2, 0xbb, 0x31, 0x96, 0xa2, 0x04, 0x62, 0xd3, 66 0x13, 0x32, 0x29, 0x67, 0x6e, 0xad, 0x2e, 0x0b, 0xea, 0x04, 0x7c, 0x8c, 0x5a, 0x5d, 0xac, 0x14, 67 0xaa, 0x61, 0x7f, 0x28, 0x6c, 0x2d, 0x64, 0x2d, 0xc3, 0xaf, 0x77, 0x52, 0x90, 0xb4, 0x37, 0xc0, 68 0x30, 69 }; 70 71 static const unsigned char CERT2[] = 72 { 73 0x30, 0x82, 0x01, 0xed, 0x30, 0x82, 0x01, 0x56, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 74 0x8b, 0x4b, 0x5e, 0x6c, 0x03, 0x28, 0x4e, 0xe7, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 75 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x19, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 76 0x04, 0x03, 0x0c, 0x0e, 0x50, 0x31, 0x32, 0x54, 0x65, 0x73, 0x74, 0x2d, 0x52, 0x6f, 0x6f, 0x74, 77 0x2d, 0x41, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x39, 0x30, 0x39, 0x33, 0x30, 0x30, 0x30, 0x34, 0x36, 78 0x35, 0x36, 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x39, 0x32, 0x37, 0x30, 0x30, 0x34, 0x36, 0x35, 79 0x36, 0x5a, 0x30, 0x1b, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x10, 0x50, 80 0x31, 0x32, 0x54, 0x65, 0x73, 0x74, 0x2d, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2d, 0x31, 0x30, 81 0x81, 0x9f, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 82 0x00, 0x03, 0x81, 0x8d, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xa8, 0x6e, 0x40, 0x86, 83 0x9f, 0x98, 0x59, 0xfb, 0x57, 0xbf, 0xc1, 0x55, 0x12, 0x38, 0xeb, 0xb3, 0x46, 0x34, 0xc9, 0x35, 84 0x4d, 0xfd, 0x03, 0xe9, 0x3a, 0x88, 0x9e, 0x97, 0x8f, 0xf4, 0xec, 0x36, 0x7b, 0x3f, 0xba, 0xb8, 85 0xa5, 0x96, 0x30, 0x03, 0xc5, 0xc6, 0xd9, 0xa8, 0x4e, 0xbc, 0x23, 0x51, 0xa1, 0x96, 0xd2, 0x03, 86 0x98, 0x73, 0xb6, 0x17, 0x9c, 0x77, 0xd4, 0x95, 0x1e, 0x1b, 0xb3, 0x1b, 0xc8, 0x71, 0xd1, 0x2e, 87 0x31, 0xc7, 0x6a, 0x75, 0x57, 0x08, 0x7f, 0xba, 0x70, 0x76, 0xf7, 0x67, 0xf4, 0x4e, 0xbe, 0xfc, 88 0x70, 0x61, 0x41, 0x07, 0x2b, 0x7c, 0x3c, 0x3b, 0xb3, 0xbc, 0xd5, 0xa8, 0xbd, 0x28, 0xd8, 0x49, 89 0xd3, 0xe1, 0x78, 0xc8, 0xc1, 0x42, 0x5e, 0x18, 0x36, 0xa8, 0x41, 0xf7, 0xc8, 0xaa, 0x35, 0xfe, 90 0x2d, 0xd1, 0xb4, 0xcc, 0x00, 0x67, 0xae, 0x79, 0xd3, 0x28, 0xd5, 0x5b, 0x02, 0x03, 0x01, 0x00, 91 0x01, 0xa3, 0x3b, 0x30, 0x39, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 92 0x80, 0x14, 0xdb, 0xbb, 0xb8, 0x92, 0x4e, 0x24, 0x0b, 0x1b, 0xbb, 0x78, 0x33, 0xf9, 0x01, 0x02, 93 0x23, 0x0d, 0x96, 0x18, 0x30, 0x47, 0x30, 0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 94 0x00, 0x30, 0x0b, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x04, 0x04, 0x03, 0x02, 0x04, 0xf0, 0x30, 0x0d, 95 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x81, 0x81, 96 0x00, 0x3b, 0xa6, 0x73, 0xbe, 0xe0, 0x28, 0xed, 0x1f, 0x29, 0x78, 0x4c, 0xc0, 0x1f, 0xe9, 0x85, 97 0xc6, 0x8f, 0xe3, 0x87, 0x7c, 0xd9, 0xe7, 0x0a, 0x37, 0xe8, 0xaa, 0xb5, 0xd2, 0x7f, 0xf8, 0x90, 98 0x20, 0x80, 0x35, 0xa7, 0x79, 0x2b, 0x04, 0xa7, 0xbf, 0xe6, 0x7b, 0x58, 0xcb, 0xec, 0x0e, 0x58, 99 0xef, 0x2a, 0x70, 0x8a, 0x56, 0x8a, 0xcf, 0x6b, 0x7a, 0x74, 0x0c, 0xf4, 0x15, 0x37, 0x93, 0xcd, 100 0xe6, 0xb2, 0xa1, 0x83, 0x09, 0xdb, 0x9e, 0x4f, 0xff, 0x6a, 0x17, 0x4f, 0x33, 0xc9, 0xcc, 0x90, 101 0x2a, 0x67, 0xff, 0x16, 0x78, 0xa8, 0x2c, 0x10, 0xe0, 0x52, 0x8c, 0xe6, 0xe9, 0x90, 0x8d, 0xe0, 102 0x62, 0x04, 0x9a, 0x0f, 0x44, 0x01, 0x82, 0x14, 0x92, 0x44, 0x25, 0x69, 0x22, 0xb7, 0xb8, 0xc5, 103 0x94, 0x4c, 0x4b, 0x1c, 0x9b, 0x92, 0x60, 0x66, 0x90, 0x4e, 0xb9, 0xa8, 0x4c, 0x89, 0xbb, 0x0f, 104 0x0b, 105 }; 106 107 static const unsigned char KEY1[] = 108 { 109 0x30, 0x82, 0x02, 0x5d, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xbc, 0xdc, 0x6f, 0x8c, 0x7a, 110 0x2a, 0x4b, 0xea, 0x66, 0x66, 0x04, 0xa9, 0x05, 0x92, 0x53, 0xd7, 0x13, 0x3c, 0x49, 0xe1, 0xc8, 111 0xbb, 0xdf, 0x3d, 0xcb, 0x88, 0x31, 0x07, 0x20, 0x59, 0x93, 0x24, 0x7f, 0x7d, 0xc6, 0x84, 0x81, 112 0x16, 0x64, 0x4a, 0x52, 0xa6, 0x30, 0x44, 0xdc, 0x1a, 0x30, 0xde, 0xae, 0x29, 0x18, 0xcf, 0xc7, 113 0xf3, 0xcf, 0x0c, 0xb7, 0x8e, 0x2b, 0x1e, 0x21, 0x01, 0x0b, 0xfb, 0xe5, 0xe6, 0xcf, 0x2b, 0x84, 114 0xe1, 0x33, 0xf8, 0xba, 0x02, 0xfc, 0x30, 0xfa, 0xc4, 0x33, 0xc7, 0x37, 0xc6, 0x7f, 0x72, 0x31, 115 0x92, 0x1d, 0x8f, 0xa0, 0xfb, 0xe5, 0x4a, 0x08, 0x31, 0x78, 0x80, 0x9c, 0x23, 0xb4, 0xe9, 0x19, 116 0x56, 0x04, 0xfa, 0x0d, 0x07, 0x04, 0xb7, 0x43, 0xac, 0x4c, 0x49, 0x7c, 0xc2, 0xa1, 0x44, 0xc1, 117 0x48, 0x7d, 0x28, 0xe5, 0x23, 0x66, 0x07, 0x22, 0xd5, 0xf0, 0xf1, 0x02, 0x03, 0x01, 0x00, 0x01, 118 0x02, 0x81, 0x81, 0x00, 0xa5, 0x6d, 0xf9, 0x8f, 0xf5, 0x5a, 0xa3, 0x50, 0xd9, 0x0d, 0x37, 0xbb, 119 0xce, 0x13, 0x94, 0xb8, 0xea, 0x32, 0x7f, 0x0c, 0xf5, 0x46, 0x0b, 0x90, 0x17, 0x7e, 0x5e, 0x63, 120 0xbd, 0xa4, 0x78, 0xcd, 0x19, 0x97, 0xd4, 0x92, 0x30, 0x78, 0xaa, 0xb4, 0xa7, 0x9c, 0xc6, 0xdf, 121 0x2a, 0x65, 0x0e, 0xb5, 0x9f, 0x9c, 0x84, 0x0d, 0x4d, 0x3a, 0x74, 0xfc, 0xd0, 0xb4, 0x09, 0x74, 122 0xc4, 0xb8, 0x24, 0x03, 0xa8, 0xf0, 0xf8, 0x0d, 0x5c, 0x8e, 0xdf, 0x4b, 0xe1, 0x0a, 0x8f, 0x4f, 123 0xd5, 0xc7, 0x9b, 0x54, 0x55, 0x8f, 0x00, 0x5c, 0xea, 0x4c, 0x73, 0xf9, 0x1b, 0xbf, 0xb8, 0x93, 124 0x33, 0x20, 0xce, 0x45, 0xd9, 0x03, 0x02, 0xb2, 0x36, 0xc5, 0x0a, 0x30, 0x50, 0x78, 0x80, 0x66, 125 0x00, 0x22, 0x38, 0x86, 0xcf, 0x63, 0x4a, 0x5c, 0xbf, 0x2b, 0xd9, 0x6e, 0xe6, 0xf0, 0x39, 0xad, 126 0x12, 0x25, 0x41, 0xb9, 0x02, 0x41, 0x00, 0xf3, 0x7c, 0x07, 0x99, 0x64, 0x3a, 0x28, 0x8c, 0x8d, 127 0x05, 0xfe, 0x32, 0xb5, 0x4c, 0x8c, 0x6d, 0xde, 0x3d, 0x16, 0x08, 0xa0, 0x01, 0x61, 0x4f, 0x8e, 128 0xa0, 0xf7, 0x26, 0x26, 0xb5, 0x8e, 0xc0, 0x7a, 0xce, 0x86, 0x34, 0xde, 0xb8, 0xef, 0x86, 0x01, 129 0xbe, 0x24, 0xaa, 0x9b, 0x36, 0x93, 0x72, 0x9b, 0xf9, 0xc6, 0xcb, 0x76, 0x84, 0x67, 0x06, 0x06, 130 0x30, 0x50, 0xdf, 0x42, 0x17, 0xe0, 0xa7, 0x02, 0x41, 0x00, 0xc6, 0x91, 0xa0, 0x41, 0x34, 0x11, 131 0x67, 0x4b, 0x08, 0x0f, 0xda, 0xa7, 0x99, 0xec, 0x58, 0x11, 0xa5, 0x82, 0xdb, 0x50, 0xfe, 0x77, 132 0xe2, 0xd1, 0x53, 0x9c, 0x7d, 0xe8, 0xbf, 0xe7, 0x7c, 0xa9, 0x01, 0xb1, 0x87, 0xc3, 0x52, 0x79, 133 0x9e, 0x2c, 0xa7, 0x6f, 0x02, 0x37, 0x32, 0xef, 0x24, 0x31, 0x21, 0x0b, 0x86, 0x05, 0x32, 0x4a, 134 0x2e, 0x0b, 0x65, 0x05, 0xd3, 0xd6, 0x30, 0xb2, 0xfc, 0xa7, 0x02, 0x41, 0x00, 0xc2, 0xed, 0x31, 135 0xdc, 0x40, 0x9c, 0x3a, 0xe8, 0x42, 0xe2, 0x60, 0x5e, 0x52, 0x3c, 0xc5, 0x54, 0x14, 0x0e, 0x8d, 136 0x7c, 0x3c, 0x34, 0xbe, 0xa6, 0x05, 0x86, 0xa2, 0x36, 0x5d, 0xd9, 0x0e, 0x3e, 0xd4, 0x52, 0x50, 137 0xa9, 0x35, 0x01, 0x93, 0x68, 0x92, 0x2e, 0x9a, 0x86, 0x27, 0x1a, 0xab, 0x32, 0x9e, 0xe2, 0x79, 138 0x9f, 0x5b, 0xf3, 0xa5, 0xd2, 0xf1, 0xd3, 0x6e, 0x7b, 0x3e, 0x1b, 0x85, 0x93, 0x02, 0x40, 0x68, 139 0xb8, 0xb6, 0x7e, 0x8c, 0xba, 0x3c, 0xf2, 0x8a, 0x2e, 0xea, 0x4f, 0x07, 0xd3, 0x68, 0x62, 0xee, 140 0x1a, 0x04, 0x16, 0x44, 0x0d, 0xef, 0xf6, 0x1b, 0x95, 0x65, 0xa5, 0xd1, 0x47, 0x81, 0x2c, 0x14, 141 0xb3, 0x8e, 0xf9, 0x08, 0xcf, 0x11, 0x07, 0x55, 0xca, 0x2a, 0xad, 0xf7, 0xd3, 0xbd, 0x0f, 0x97, 142 0xf0, 0xde, 0xde, 0x70, 0xb6, 0x44, 0x70, 0x47, 0xf7, 0xf9, 0xcf, 0x75, 0x61, 0x7f, 0xf3, 0x02, 143 0x40, 0x38, 0x4a, 0x67, 0xaf, 0xae, 0xb6, 0xb2, 0x6a, 0x00, 0x25, 0x5a, 0xa4, 0x65, 0x20, 0xb1, 144 0x13, 0xbd, 0x83, 0xff, 0xb4, 0xbc, 0xf4, 0xdd, 0xa1, 0xbb, 0x1c, 0x96, 0x37, 0x35, 0xf4, 0xbf, 145 0xed, 0x4c, 0xed, 0x92, 0xe8, 0xac, 0xc9, 0xc1, 0xa5, 0xa3, 0x23, 0x66, 0x40, 0x8a, 0xa1, 0xe6, 146 0xe3, 0x95, 0xfe, 0xc4, 0x53, 0xf5, 0x7d, 0x6e, 0xca, 0x45, 0x42, 0xe4, 0xc2, 0x9f, 0xe5, 0x1e, 147 0xb5, 148 }; 149 150 151 static const unsigned char KEY2[] = 152 { 153 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xa8, 0x6e, 0x40, 0x86, 0x9f, 154 0x98, 0x59, 0xfb, 0x57, 0xbf, 0xc1, 0x55, 0x12, 0x38, 0xeb, 0xb3, 0x46, 0x34, 0xc9, 0x35, 0x4d, 155 0xfd, 0x03, 0xe9, 0x3a, 0x88, 0x9e, 0x97, 0x8f, 0xf4, 0xec, 0x36, 0x7b, 0x3f, 0xba, 0xb8, 0xa5, 156 0x96, 0x30, 0x03, 0xc5, 0xc6, 0xd9, 0xa8, 0x4e, 0xbc, 0x23, 0x51, 0xa1, 0x96, 0xd2, 0x03, 0x98, 157 0x73, 0xb6, 0x17, 0x9c, 0x77, 0xd4, 0x95, 0x1e, 0x1b, 0xb3, 0x1b, 0xc8, 0x71, 0xd1, 0x2e, 0x31, 158 0xc7, 0x6a, 0x75, 0x57, 0x08, 0x7f, 0xba, 0x70, 0x76, 0xf7, 0x67, 0xf4, 0x4e, 0xbe, 0xfc, 0x70, 159 0x61, 0x41, 0x07, 0x2b, 0x7c, 0x3c, 0x3b, 0xb3, 0xbc, 0xd5, 0xa8, 0xbd, 0x28, 0xd8, 0x49, 0xd3, 160 0xe1, 0x78, 0xc8, 0xc1, 0x42, 0x5e, 0x18, 0x36, 0xa8, 0x41, 0xf7, 0xc8, 0xaa, 0x35, 0xfe, 0x2d, 161 0xd1, 0xb4, 0xcc, 0x00, 0x67, 0xae, 0x79, 0xd3, 0x28, 0xd5, 0x5b, 0x02, 0x03, 0x01, 0x00, 0x01, 162 0x02, 0x81, 0x81, 0x00, 0xa6, 0x00, 0x83, 0xf8, 0x2b, 0x33, 0xac, 0xfb, 0xdb, 0xf0, 0x52, 0x4b, 163 0xd6, 0x39, 0xe3, 0x94, 0x3d, 0x8d, 0xa9, 0x01, 0xb0, 0x6b, 0xbe, 0x7f, 0x10, 0x01, 0xb6, 0xcd, 164 0x0a, 0x45, 0x0a, 0xca, 0x67, 0x8e, 0xd8, 0x29, 0x44, 0x8a, 0x51, 0xa8, 0x66, 0x35, 0x26, 0x30, 165 0x8b, 0xe9, 0x41, 0xa6, 0x22, 0xec, 0xd2, 0xf0, 0x58, 0x41, 0x33, 0x26, 0xf2, 0x3f, 0xe8, 0x75, 166 0x4f, 0xc7, 0x5d, 0x2e, 0x5a, 0xa8, 0x7a, 0xd2, 0xbf, 0x59, 0xa0, 0x86, 0x79, 0x0b, 0x92, 0x6c, 167 0x95, 0x5d, 0x87, 0x63, 0x5c, 0xd6, 0x1a, 0xc0, 0xf6, 0x7a, 0x15, 0x8d, 0xc7, 0x3c, 0xb6, 0x9e, 168 0xa6, 0x58, 0x46, 0x9b, 0xbf, 0x3e, 0x28, 0x8c, 0xdf, 0x1a, 0x87, 0xaa, 0x7e, 0xf5, 0xf2, 0xcb, 169 0x5e, 0x84, 0x2d, 0xf6, 0x82, 0x7e, 0x89, 0x4e, 0xf5, 0xe6, 0x3c, 0x92, 0x80, 0x1e, 0x98, 0x1c, 170 0x6a, 0x7b, 0x57, 0x01, 0x02, 0x41, 0x00, 0xdd, 0x60, 0x95, 0xd7, 0xa1, 0x9d, 0x0c, 0xa1, 0x84, 171 0xc5, 0x39, 0xca, 0x67, 0x4c, 0x1c, 0x06, 0x71, 0x5b, 0x5c, 0x2d, 0x8d, 0xce, 0xcd, 0xe2, 0x79, 172 0xc8, 0x33, 0xbe, 0x50, 0x37, 0x60, 0x9f, 0x3b, 0xb9, 0x59, 0x55, 0x22, 0x1f, 0xa5, 0x4b, 0x1d, 173 0xca, 0x38, 0xa0, 0xab, 0x87, 0x9c, 0x86, 0x0e, 0xdb, 0x1c, 0x4f, 0x4f, 0x07, 0xed, 0x18, 0x3f, 174 0x05, 0x3c, 0xec, 0x78, 0x11, 0xf6, 0x99, 0x02, 0x41, 0x00, 0xc2, 0xc5, 0xcf, 0xbe, 0x95, 0x91, 175 0xeb, 0xcf, 0x47, 0xf3, 0x33, 0x32, 0xc7, 0x7e, 0x93, 0x56, 0xf7, 0xd8, 0xf9, 0xd4, 0xb6, 0xd6, 176 0x20, 0xac, 0xba, 0x8a, 0x20, 0x19, 0x14, 0xab, 0xc5, 0x5d, 0xb2, 0x08, 0xcc, 0x77, 0x7c, 0x65, 177 0xa8, 0xdb, 0x66, 0x97, 0x36, 0x44, 0x2c, 0x63, 0xc0, 0x6a, 0x7e, 0xb0, 0x0b, 0x5c, 0x90, 0x12, 178 0x50, 0xb4, 0x36, 0x60, 0xc3, 0x1f, 0x22, 0x0c, 0xc8, 0x13, 0x02, 0x40, 0x33, 0xc8, 0x7e, 0x04, 179 0x7c, 0x97, 0x61, 0xf6, 0xfe, 0x39, 0xac, 0x34, 0xfe, 0x48, 0xbd, 0x5d, 0x7c, 0x72, 0xa4, 0x73, 180 0x3b, 0x72, 0x9e, 0x92, 0x55, 0x6e, 0x51, 0x3c, 0x39, 0x43, 0x5a, 0xe4, 0xa4, 0x71, 0xcc, 0xc5, 181 0xaf, 0x3f, 0xbb, 0xc8, 0x80, 0x65, 0x67, 0x2d, 0x9e, 0x32, 0x10, 0x99, 0x03, 0x2c, 0x99, 0xc8, 182 0xab, 0x71, 0xed, 0x31, 0xf8, 0xbb, 0xde, 0xee, 0x69, 0x7f, 0xba, 0x31, 0x02, 0x40, 0x7e, 0xbc, 183 0x60, 0x55, 0x4e, 0xd5, 0xc8, 0x6e, 0xf4, 0x0e, 0x57, 0xbe, 0x2e, 0xf9, 0x39, 0xbe, 0x59, 0x3f, 184 0xa2, 0x30, 0xbb, 0x57, 0xd1, 0xa3, 0x13, 0x2e, 0x55, 0x7c, 0x7c, 0x6a, 0xd8, 0xde, 0x02, 0xbe, 185 0x9e, 0xed, 0x10, 0xd0, 0xc5, 0x73, 0x1d, 0xea, 0x3e, 0xb1, 0x55, 0x81, 0x02, 0xef, 0x48, 0xc8, 186 0x1c, 0x5c, 0x7a, 0x92, 0xb0, 0x58, 0xd3, 0x19, 0x5b, 0x5d, 0xa2, 0xb6, 0x56, 0x69, 0x02, 0x40, 187 0x1e, 0x00, 0x6a, 0x9f, 0xba, 0xee, 0x46, 0x5a, 0xc5, 0xb5, 0x9f, 0x91, 0x33, 0xdd, 0xc9, 0x96, 188 0x75, 0xb7, 0x87, 0xcf, 0x18, 0x1c, 0xb7, 0xb9, 0x3f, 0x04, 0x10, 0xb8, 0x75, 0xa9, 0xb8, 0xa0, 189 0x31, 0x35, 0x03, 0x30, 0x89, 0xc8, 0x37, 0x68, 0x20, 0x30, 0x99, 0x39, 0x96, 0xd6, 0x2b, 0x3d, 190 0x5e, 0x45, 0x84, 0xf7, 0xd2, 0x61, 0x50, 0xc9, 0x50, 0xba, 0x8d, 0x08, 0xaa, 0xd0, 0x08, 0x1e, 191 }; 192 193 194 static const PKCS12_ATTR ATTRS1[] = { 195 { "friendlyName", "george" }, 196 { "localKeyID", "1234567890" }, 197 { "1.2.3.4.5", "MyCustomAttribute" }, 198 { NULL, NULL } 199 }; 200 201 static const PKCS12_ATTR ATTRS2[] = { 202 { "friendlyName", "janet" }, 203 { "localKeyID", "987654321" }, 204 { "1.2.3.5.8.13", "AnotherCustomAttribute" }, 205 { NULL, NULL } 206 }; 207 208 static const PKCS12_ENC enc_default = { 209 #ifndef OPENSSL_NO_DES 210 NID_pbe_WithSHA1And3_Key_TripleDES_CBC, 211 #else 212 NID_aes_128_cbc, 213 #endif 214 "Password1", 215 1000 216 }; 217 218 static const PKCS12_ENC mac_default = { 219 NID_sha1, 220 "Password1", 221 1000 222 }; 223 224 static const int enc_nids_all[] = { 225 /* NOTE: To use PBES2 we pass the desired cipher NID instead of NID_pbes2 */ 226 NID_aes_128_cbc, 227 NID_aes_256_cbc, 228 #ifndef OPENSSL_NO_DES 229 NID_des_ede3_cbc, 230 NID_des_cbc, 231 #endif 232 #ifndef OPENSSL_NO_RC5 233 NID_rc5_cbc, 234 #endif 235 #ifndef OPENSSL_NO_RC4 236 NID_rc4, 237 #endif 238 #ifndef OPENSSL_NO_RC2 239 NID_rc2_cbc, 240 #endif 241 242 #ifndef OPENSSL_NO_MD2 243 # ifndef OPENSSL_NO_DES 244 NID_pbeWithMD2AndDES_CBC, 245 # endif 246 # ifndef OPENSSL_NO_RC2 247 NID_pbeWithMD2AndRC2_CBC, 248 # endif 249 #endif 250 251 #ifndef OPENSSL_NO_MD5 252 # ifndef OPENSSL_NO_DES 253 NID_pbeWithMD5AndDES_CBC, 254 # endif 255 # ifndef OPENSSL_NO_RC2 256 NID_pbeWithMD5AndRC2_CBC, 257 # endif 258 #endif 259 #ifndef OPENSSL_NO_DES 260 NID_pbeWithSHA1AndDES_CBC, 261 #endif 262 #ifndef OPENSSL_NO_RC2 263 NID_pbe_WithSHA1And128BitRC2_CBC, 264 NID_pbe_WithSHA1And40BitRC2_CBC, 265 NID_pbeWithSHA1AndRC2_CBC, 266 #endif 267 #ifndef OPENSSL_NO_RC4 268 NID_pbe_WithSHA1And128BitRC4, 269 NID_pbe_WithSHA1And40BitRC4, 270 #endif 271 #ifndef OPENSSL_NO_DES 272 NID_pbe_WithSHA1And2_Key_TripleDES_CBC, 273 NID_pbe_WithSHA1And3_Key_TripleDES_CBC, 274 #endif 275 }; 276 277 static const int enc_nids_no_legacy[] = { 278 /* NOTE: To use PBES2 we pass the desired cipher NID instead of NID_pbes2 */ 279 NID_aes_128_cbc, 280 NID_aes_256_cbc, 281 #ifndef OPENSSL_NO_DES 282 NID_des_ede3_cbc, 283 NID_pbe_WithSHA1And2_Key_TripleDES_CBC, 284 NID_pbe_WithSHA1And3_Key_TripleDES_CBC, 285 #endif 286 }; 287 288 static const int mac_nids[] = { 289 NID_sha1, 290 NID_md5, 291 NID_sha256, 292 NID_sha512, 293 NID_sha3_256, 294 NID_sha3_512 295 }; 296 297 static const int iters[] = { 298 1, 299 1000 300 }; 301 302 static const char *passwords[] = { 303 "Password1", 304 "", 305 }; 306 307 /* -------------------------------------------------------------------------- 308 * Local functions 309 */ 310 311 static int get_custom_oid(void) 312 { 313 static int sec_nid = -1; 314 315 if (sec_nid != -1) 316 return sec_nid; 317 if (!TEST_true(OBJ_create("1.3.5.7.9", "CustomSecretOID", "My custom secret OID"))) 318 return -1; 319 return sec_nid = OBJ_txt2nid("CustomSecretOID"); 320 } 321 322 323 /* -------------------------------------------------------------------------- 324 * PKCS12 format tests 325 */ 326 327 static int test_single_cert_no_attrs(void) 328 { 329 PKCS12_BUILDER *pb = new_pkcs12_builder("1cert.p12"); 330 331 /* Generate/encode */ 332 start_pkcs12(pb); 333 334 start_contentinfo(pb); 335 336 add_certbag(pb, CERT1, sizeof(CERT1), NULL); 337 338 end_contentinfo(pb); 339 340 end_pkcs12(pb); 341 342 /* Read/decode */ 343 start_check_pkcs12(pb); 344 345 start_check_contentinfo(pb); 346 347 check_certbag(pb, CERT1, sizeof(CERT1), NULL); 348 349 end_check_contentinfo(pb); 350 351 end_check_pkcs12(pb); 352 353 return end_pkcs12_builder(pb); 354 } 355 356 static int test_single_key(PKCS12_ENC *enc) 357 { 358 char fname[80]; 359 PKCS12_BUILDER *pb; 360 361 sprintf(fname, "1key_ciph-%s_iter-%d.p12", OBJ_nid2sn(enc->nid), enc->iter); 362 363 pb = new_pkcs12_builder(fname); 364 365 /* Generate/encode */ 366 start_pkcs12(pb); 367 368 start_contentinfo(pb); 369 370 add_keybag(pb, KEY1, sizeof(KEY1), NULL, enc); 371 372 end_contentinfo(pb); 373 374 end_pkcs12(pb); 375 376 /* Read/decode */ 377 start_check_pkcs12(pb); 378 379 start_check_contentinfo(pb); 380 381 check_keybag(pb, KEY1, sizeof(KEY1), NULL, enc); 382 383 end_check_contentinfo(pb); 384 385 end_check_pkcs12(pb); 386 387 return end_pkcs12_builder(pb); 388 } 389 390 static int test_single_key_enc_alg(int z) 391 { 392 PKCS12_ENC enc; 393 394 if (lgcyprov == NULL) 395 enc.nid = enc_nids_no_legacy[z]; 396 else 397 enc.nid = enc_nids_all[z]; 398 enc.pass = enc_default.pass; 399 enc.iter = enc_default.iter; 400 401 return test_single_key(&enc); 402 } 403 404 static int test_single_key_enc_pass(int z) 405 { 406 PKCS12_ENC enc; 407 408 enc.nid = enc_default.nid; 409 enc.pass = passwords[z]; 410 enc.iter = enc_default.iter; 411 412 return test_single_key(&enc); 413 } 414 415 static int test_single_key_enc_iter(int z) 416 { 417 PKCS12_ENC enc; 418 419 enc.nid = enc_default.nid; 420 enc.pass = enc_default.pass; 421 enc.iter = iters[z]; 422 423 return test_single_key(&enc); 424 } 425 426 static int test_single_key_with_attrs(void) 427 { 428 PKCS12_BUILDER *pb = new_pkcs12_builder("1keyattrs.p12"); 429 430 /* Generate/encode */ 431 start_pkcs12(pb); 432 433 start_contentinfo(pb); 434 435 add_keybag(pb, KEY1, sizeof(KEY1), ATTRS1, &enc_default); 436 437 end_contentinfo(pb); 438 439 end_pkcs12(pb); 440 441 /* Read/decode */ 442 start_check_pkcs12(pb); 443 444 start_check_contentinfo(pb); 445 446 check_keybag(pb, KEY1, sizeof(KEY1), ATTRS1, &enc_default); 447 448 end_check_contentinfo(pb); 449 450 end_check_pkcs12(pb); 451 452 return end_pkcs12_builder(pb); 453 } 454 455 static int test_single_cert_mac(PKCS12_ENC *mac) 456 { 457 char fname[80]; 458 PKCS12_BUILDER *pb; 459 460 sprintf(fname, "1cert_mac-%s_iter-%d.p12", OBJ_nid2sn(mac->nid), mac->iter); 461 462 pb = new_pkcs12_builder(fname); 463 464 /* Generate/encode */ 465 start_pkcs12(pb); 466 467 start_contentinfo(pb); 468 469 add_certbag(pb, CERT1, sizeof(CERT1), NULL); 470 471 end_contentinfo(pb); 472 473 end_pkcs12_with_mac(pb, mac); 474 475 /* Read/decode */ 476 start_check_pkcs12_with_mac(pb, mac); 477 478 start_check_contentinfo(pb); 479 480 check_certbag(pb, CERT1, sizeof(CERT1), NULL); 481 482 end_check_contentinfo(pb); 483 484 end_check_pkcs12(pb); 485 486 return end_pkcs12_builder(pb); 487 } 488 489 static int test_single_cert_mac_alg(int z) 490 { 491 PKCS12_ENC mac; 492 493 mac.nid = mac_nids[z]; 494 mac.pass = mac_default.pass; 495 mac.iter = mac_default.iter; 496 497 return test_single_cert_mac(&mac); 498 } 499 500 static int test_single_cert_mac_pass(int z) 501 { 502 PKCS12_ENC mac; 503 504 mac.nid = mac_default.nid; 505 mac.pass = passwords[z]; 506 mac.iter = mac_default.iter; 507 508 return test_single_cert_mac(&mac); 509 } 510 511 static int test_single_cert_mac_iter(int z) 512 { 513 PKCS12_ENC mac; 514 515 mac.nid = mac_default.nid; 516 mac.pass = mac_default.pass; 517 mac.iter = iters[z]; 518 519 return test_single_cert_mac(&mac); 520 } 521 522 static int test_cert_key_with_attrs_and_mac(void) 523 { 524 PKCS12_BUILDER *pb = new_pkcs12_builder("1cert1key.p12"); 525 526 /* Generate/encode */ 527 start_pkcs12(pb); 528 529 start_contentinfo(pb); 530 531 add_certbag(pb, CERT1, sizeof(CERT1), ATTRS1); 532 add_keybag(pb, KEY1, sizeof(KEY1), ATTRS1, &enc_default); 533 534 end_contentinfo(pb); 535 536 end_pkcs12_with_mac(pb, &mac_default); 537 538 /* Read/decode */ 539 start_check_pkcs12_with_mac(pb, &mac_default); 540 541 start_check_contentinfo(pb); 542 543 check_certbag(pb, CERT1, sizeof(CERT1), ATTRS1); 544 check_keybag(pb, KEY1, sizeof(KEY1), ATTRS1, &enc_default); 545 546 end_check_contentinfo(pb); 547 548 end_check_pkcs12(pb); 549 550 return end_pkcs12_builder(pb); 551 } 552 553 static int test_cert_key_encrypted_content(void) 554 { 555 PKCS12_BUILDER *pb = new_pkcs12_builder("1cert1key_enc.p12"); 556 557 /* Generate/encode */ 558 start_pkcs12(pb); 559 560 start_contentinfo(pb); 561 562 add_certbag(pb, CERT1, sizeof(CERT1), ATTRS1); 563 add_keybag(pb, KEY1, sizeof(KEY1), ATTRS1, &enc_default); 564 565 end_contentinfo_encrypted(pb, &enc_default); 566 567 end_pkcs12_with_mac(pb, &mac_default); 568 569 /* Read/decode */ 570 start_check_pkcs12_with_mac(pb, &mac_default); 571 572 start_check_contentinfo_encrypted(pb, &enc_default); 573 574 check_certbag(pb, CERT1, sizeof(CERT1), ATTRS1); 575 check_keybag(pb, KEY1, sizeof(KEY1), ATTRS1, &enc_default); 576 577 end_check_contentinfo(pb); 578 579 end_check_pkcs12(pb); 580 581 return end_pkcs12_builder(pb); 582 } 583 584 static int test_single_secret_encrypted_content(void) 585 { 586 PKCS12_BUILDER *pb = new_pkcs12_builder("1secret.p12"); 587 int custom_nid = get_custom_oid(); 588 589 /* Generate/encode */ 590 start_pkcs12(pb); 591 592 start_contentinfo(pb); 593 594 add_secretbag(pb, custom_nid, "VerySecretMessage", ATTRS1); 595 596 end_contentinfo_encrypted(pb, &enc_default); 597 598 end_pkcs12_with_mac(pb, &mac_default); 599 600 /* Read/decode */ 601 start_check_pkcs12_with_mac(pb, &mac_default); 602 603 start_check_contentinfo_encrypted(pb, &enc_default); 604 605 check_secretbag(pb, custom_nid, "VerySecretMessage", ATTRS1); 606 607 end_check_contentinfo(pb); 608 609 end_check_pkcs12(pb); 610 611 return end_pkcs12_builder(pb); 612 } 613 614 static int test_single_secret(PKCS12_ENC *enc) 615 { 616 int custom_nid; 617 char fname[80]; 618 PKCS12_BUILDER *pb; 619 620 sprintf(fname, "1secret_ciph-%s_iter-%d.p12", OBJ_nid2sn(enc->nid), enc->iter); 621 pb = new_pkcs12_builder(fname); 622 custom_nid = get_custom_oid(); 623 624 /* Generate/encode */ 625 start_pkcs12(pb); 626 627 start_contentinfo(pb); 628 629 add_secretbag(pb, custom_nid, "VerySecretMessage", ATTRS1); 630 631 end_contentinfo_encrypted(pb, enc); 632 633 end_pkcs12_with_mac(pb, &mac_default); 634 635 /* Read/decode */ 636 start_check_pkcs12_with_mac(pb, &mac_default); 637 638 start_check_contentinfo_encrypted(pb, enc); 639 640 check_secretbag(pb, custom_nid, "VerySecretMessage", ATTRS1); 641 642 end_check_contentinfo(pb); 643 644 end_check_pkcs12(pb); 645 646 return end_pkcs12_builder(pb); 647 } 648 649 static int test_single_secret_enc_alg(int z) 650 { 651 PKCS12_ENC enc; 652 653 if (lgcyprov == NULL) 654 enc.nid = enc_nids_no_legacy[z]; 655 else 656 enc.nid = enc_nids_all[z]; 657 enc.pass = enc_default.pass; 658 enc.iter = enc_default.iter; 659 660 return test_single_secret(&enc); 661 } 662 663 static int test_multiple_contents(void) 664 { 665 PKCS12_BUILDER *pb = new_pkcs12_builder("multi_contents.p12"); 666 int custom_nid = get_custom_oid(); 667 668 /* Generate/encode */ 669 start_pkcs12(pb); 670 671 start_contentinfo(pb); 672 673 add_certbag(pb, CERT1, sizeof(CERT1), ATTRS1); 674 add_certbag(pb, CERT2, sizeof(CERT2), ATTRS2); 675 add_keybag(pb, KEY1, sizeof(KEY1), ATTRS1, &enc_default); 676 add_keybag(pb, KEY2, sizeof(KEY2), ATTRS2, &enc_default); 677 678 end_contentinfo(pb); 679 680 start_contentinfo(pb); 681 682 add_secretbag(pb, custom_nid, "VeryVerySecretMessage", ATTRS1); 683 684 end_contentinfo_encrypted(pb, &enc_default); 685 686 end_pkcs12_with_mac(pb, &mac_default); 687 688 /* Read/decode */ 689 start_check_pkcs12_with_mac(pb, &mac_default); 690 691 start_check_contentinfo(pb); 692 693 check_certbag(pb, CERT1, sizeof(CERT1), ATTRS1); 694 check_certbag(pb, CERT2, sizeof(CERT2), ATTRS2); 695 check_keybag(pb, KEY1, sizeof(KEY1), ATTRS1, &enc_default); 696 check_keybag(pb, KEY2, sizeof(KEY2), ATTRS2, &enc_default); 697 698 end_check_contentinfo(pb); 699 700 start_check_contentinfo_encrypted(pb, &enc_default); 701 702 check_secretbag(pb, custom_nid, "VeryVerySecretMessage", ATTRS1); 703 704 end_check_contentinfo(pb); 705 706 end_check_pkcs12(pb); 707 708 return end_pkcs12_builder(pb); 709 } 710 711 #ifndef OPENSSL_NO_DES 712 static int pkcs12_create_test(void) 713 { 714 int ret = 0; 715 EVP_PKEY *pkey = NULL; 716 PKCS12 *p12 = NULL; 717 const unsigned char *p; 718 719 static const unsigned char rsa_key[] = { 720 0x30, 0x82, 0x02, 0x5d, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xbb, 721 0x24, 0x7a, 0x09, 0x7e, 0x0e, 0xb2, 0x37, 0x32, 0xcc, 0x39, 0x67, 0xad, 722 0xf1, 0x9e, 0x3d, 0x6b, 0x82, 0x83, 0xd1, 0xd0, 0xac, 0xa4, 0xc0, 0x18, 723 0xbe, 0x8d, 0x98, 0x00, 0xc0, 0x7b, 0xff, 0x07, 0x44, 0xc9, 0xca, 0x1c, 724 0xba, 0x36, 0xe1, 0x27, 0x69, 0xff, 0xb1, 0xe3, 0x8d, 0x8b, 0xee, 0x57, 725 0xa9, 0x3a, 0xaa, 0x16, 0x43, 0x39, 0x54, 0x19, 0x7c, 0xae, 0x69, 0x24, 726 0x14, 0xf6, 0x64, 0xff, 0xbc, 0x74, 0xc6, 0x67, 0x6c, 0x4c, 0xf1, 0x02, 727 0x49, 0x69, 0xc7, 0x2b, 0xe1, 0xe1, 0xa1, 0xa3, 0x43, 0x14, 0xf4, 0x77, 728 0x8f, 0xc8, 0xd0, 0x85, 0x5a, 0x35, 0x95, 0xac, 0x62, 0xa9, 0xc1, 0x21, 729 0x00, 0x77, 0xa0, 0x8b, 0x97, 0x30, 0xb4, 0x5a, 0x2c, 0xb8, 0x90, 0x2f, 730 0x48, 0xa0, 0x05, 0x28, 0x4b, 0xf2, 0x0f, 0x8d, 0xec, 0x8b, 0x4d, 0x03, 731 0x42, 0x75, 0xd6, 0xad, 0x81, 0xc0, 0x11, 0x02, 0x03, 0x01, 0x00, 0x01, 732 0x02, 0x81, 0x80, 0x00, 0xfc, 0xb9, 0x4a, 0x26, 0x07, 0x89, 0x51, 0x2b, 733 0x53, 0x72, 0x91, 0xe0, 0x18, 0x3e, 0xa6, 0x5e, 0x31, 0xef, 0x9c, 0x0c, 734 0x16, 0x24, 0x42, 0xd0, 0x28, 0x33, 0xf9, 0xfa, 0xd0, 0x3c, 0x54, 0x04, 735 0x06, 0xc0, 0x15, 0xf5, 0x1b, 0x9a, 0xb3, 0x24, 0x31, 0xab, 0x3c, 0x6b, 736 0x47, 0x43, 0xb0, 0xd2, 0xa9, 0xdc, 0x05, 0xe1, 0x81, 0x59, 0xb6, 0x04, 737 0xe9, 0x66, 0x61, 0xaa, 0xd7, 0x0b, 0x00, 0x8f, 0x3d, 0xe5, 0xbf, 0xa2, 738 0xf8, 0x5e, 0x25, 0x6c, 0x1e, 0x22, 0x0f, 0xb4, 0xfd, 0x41, 0xe2, 0x03, 739 0x31, 0x5f, 0xda, 0x20, 0xc5, 0xc0, 0xf3, 0x55, 0x0e, 0xe1, 0xc9, 0xec, 740 0xd7, 0x3e, 0x2a, 0x0c, 0x01, 0xca, 0x7b, 0x22, 0xcb, 0xac, 0xf4, 0x2b, 741 0x27, 0xf0, 0x78, 0x5f, 0xb5, 0xc2, 0xf9, 0xe8, 0x14, 0x5a, 0x6e, 0x7e, 742 0x86, 0xbd, 0x6a, 0x9b, 0x20, 0x0c, 0xba, 0xcc, 0x97, 0x20, 0x11, 0x02, 743 0x41, 0x00, 0xc9, 0x59, 0x9f, 0x29, 0x8a, 0x5b, 0x9f, 0xe3, 0x2a, 0xd8, 744 0x7e, 0xc2, 0x40, 0x9f, 0xa8, 0x45, 0xe5, 0x3e, 0x11, 0x8d, 0x3c, 0xed, 745 0x6e, 0xab, 0xce, 0xd0, 0x65, 0x46, 0xd8, 0xc7, 0x07, 0x63, 0xb5, 0x23, 746 0x34, 0xf4, 0x9f, 0x7e, 0x1c, 0xc7, 0xc7, 0xf9, 0x65, 0xd1, 0xf4, 0x04, 747 0x42, 0x38, 0xbe, 0x3a, 0x0c, 0x9d, 0x08, 0x25, 0xfc, 0xa3, 0x71, 0xd9, 748 0xae, 0x0c, 0x39, 0x61, 0xf4, 0x89, 0x02, 0x41, 0x00, 0xed, 0xef, 0xab, 749 0xa9, 0xd5, 0x39, 0x9c, 0xee, 0x59, 0x1b, 0xff, 0xcf, 0x48, 0x44, 0x1b, 750 0xb6, 0x32, 0xe7, 0x46, 0x24, 0xf3, 0x04, 0x7f, 0xde, 0x95, 0x08, 0x6d, 751 0x75, 0x9e, 0x67, 0x17, 0xba, 0x5c, 0xa4, 0xd4, 0xe2, 0xe2, 0x4d, 0x77, 752 0xce, 0xeb, 0x66, 0x29, 0xc5, 0x96, 0xe0, 0x62, 0xbb, 0xe5, 0xac, 0xdc, 753 0x44, 0x62, 0x54, 0x86, 0xed, 0x64, 0x0c, 0xce, 0xd0, 0x60, 0x03, 0x9d, 754 0x49, 0x02, 0x40, 0x54, 0xd9, 0x18, 0x72, 0x27, 0xe4, 0xbe, 0x76, 0xbb, 755 0x1a, 0x6a, 0x28, 0x2f, 0x95, 0x58, 0x12, 0xc4, 0x2c, 0xa8, 0xb6, 0xcc, 756 0xe2, 0xfd, 0x0d, 0x17, 0x64, 0xc8, 0x18, 0xd7, 0xc6, 0xdf, 0x3d, 0x4c, 757 0x1a, 0x9e, 0xf9, 0x2a, 0xb0, 0xb9, 0x2e, 0x12, 0xfd, 0xec, 0xc3, 0x51, 758 0xc1, 0xed, 0xa9, 0xfd, 0xb7, 0x76, 0x93, 0x41, 0xd8, 0xc8, 0x22, 0x94, 759 0x1a, 0x77, 0xf6, 0x9c, 0xc3, 0xc3, 0x89, 0x02, 0x41, 0x00, 0x8e, 0xf9, 760 0xa7, 0x08, 0xad, 0xb5, 0x2a, 0x04, 0xdb, 0x8d, 0x04, 0xa1, 0xb5, 0x06, 761 0x20, 0x34, 0xd2, 0xcf, 0xc0, 0x89, 0xb1, 0x72, 0x31, 0xb8, 0x39, 0x8b, 762 0xcf, 0xe2, 0x8e, 0xa5, 0xda, 0x4f, 0x45, 0x1e, 0x53, 0x42, 0x66, 0xc4, 763 0x30, 0x4b, 0x29, 0x8e, 0xc1, 0x69, 0x17, 0x29, 0x8c, 0x8a, 0xe6, 0x0f, 764 0x82, 0x68, 0xa1, 0x41, 0xb3, 0xb6, 0x70, 0x99, 0x75, 0xa9, 0x27, 0x18, 765 0xe4, 0xe9, 0x02, 0x41, 0x00, 0x89, 0xea, 0x6e, 0x6d, 0x70, 0xdf, 0x25, 766 0x5f, 0x18, 0x3f, 0x48, 0xda, 0x63, 0x10, 0x8b, 0xfe, 0xa8, 0x0c, 0x94, 767 0x0f, 0xde, 0x97, 0x56, 0x53, 0x89, 0x94, 0xe2, 0x1e, 0x2c, 0x74, 0x3c, 768 0x91, 0x81, 0x34, 0x0b, 0xa6, 0x40, 0xf8, 0xcb, 0x2a, 0x60, 0x8c, 0xe0, 769 0x02, 0xb7, 0x89, 0x93, 0xcf, 0x18, 0x9f, 0x49, 0x54, 0xfd, 0x7d, 0x3f, 770 0x9a, 0xef, 0xd4, 0xa4, 0x4f, 0xc1, 0x45, 0x99, 0x91, 771 }; 772 773 p = rsa_key; 774 if (!TEST_ptr(pkey = d2i_PrivateKey_ex(EVP_PKEY_RSA, NULL, &p, 775 sizeof(rsa_key), NULL, NULL))) 776 goto err; 777 if (!TEST_int_eq(ERR_peek_error(), 0)) 778 goto err; 779 p12 = PKCS12_create(NULL, NULL, pkey, NULL, NULL, 780 NID_pbe_WithSHA1And3_Key_TripleDES_CBC, 781 NID_pbe_WithSHA1And3_Key_TripleDES_CBC, 2, 1, 0); 782 if (!TEST_ptr(p12)) 783 goto err; 784 785 if (!TEST_int_eq(ERR_peek_error(), 0)) 786 goto err; 787 ret = 1; 788 err: 789 PKCS12_free(p12); 790 EVP_PKEY_free(pkey); 791 return ret; 792 } 793 #endif 794 795 static int pkcs12_recreate_test(void) 796 { 797 int ret = 0; 798 X509 *cert = NULL; 799 X509 *cert_parsed = NULL; 800 EVP_PKEY *pkey = NULL; 801 EVP_PKEY *pkey_parsed = NULL; 802 PKCS12 *p12 = NULL; 803 PKCS12 *p12_parsed = NULL; 804 PKCS12 *p12_recreated = NULL; 805 const unsigned char *cert_bytes = CERT1; 806 const unsigned char *key_bytes = KEY1; 807 BIO *bio = NULL; 808 809 cert = d2i_X509(NULL, &cert_bytes, sizeof(CERT1)); 810 if (!TEST_ptr(cert)) 811 goto err; 812 pkey = d2i_AutoPrivateKey(NULL, &key_bytes, sizeof(KEY1)); 813 if (!TEST_ptr(pkey)) 814 goto err; 815 p12 = PKCS12_create("pass", NULL, pkey, cert, NULL, NID_aes_256_cbc, 816 NID_aes_256_cbc, 2, 1, 0); 817 if (!TEST_ptr(p12)) 818 goto err; 819 if (!TEST_int_eq(ERR_peek_error(), 0)) 820 goto err; 821 822 bio = BIO_new(BIO_s_mem()); 823 if (!TEST_ptr(bio)) 824 goto err; 825 if (!TEST_int_eq(i2d_PKCS12_bio(bio, p12), 1)) 826 goto err; 827 p12_parsed = PKCS12_init_ex(NID_pkcs7_data, testctx, NULL); 828 if (!TEST_ptr(p12_parsed)) 829 goto err; 830 p12_parsed = d2i_PKCS12_bio(bio, &p12_parsed); 831 if (!TEST_ptr(p12_parsed)) 832 goto err; 833 if (!TEST_int_eq(PKCS12_parse(p12_parsed, "pass", &pkey_parsed, 834 &cert_parsed, NULL), 1)) 835 goto err; 836 837 /* cert_parsed also contains auxiliary data */ 838 p12_recreated = PKCS12_create("new_pass", NULL, pkey_parsed, cert_parsed, 839 NULL, NID_aes_256_cbc, NID_aes_256_cbc, 840 2, 1, 0); 841 if (!TEST_ptr(p12_recreated)) 842 goto err; 843 if (!TEST_int_eq(ERR_peek_error(), 0)) 844 goto err; 845 846 ret = 1; 847 err: 848 BIO_free(bio); 849 PKCS12_free(p12); 850 PKCS12_free(p12_parsed); 851 PKCS12_free(p12_recreated); 852 EVP_PKEY_free(pkey); 853 EVP_PKEY_free(pkey_parsed); 854 X509_free(cert); 855 X509_free(cert_parsed); 856 return ret; 857 } 858 859 typedef enum OPTION_choice { 860 OPT_ERR = -1, 861 OPT_EOF = 0, 862 OPT_WRITE, 863 OPT_LEGACY, 864 OPT_CONTEXT, 865 OPT_TEST_ENUM 866 } OPTION_CHOICE; 867 868 const OPTIONS *test_get_options(void) 869 { 870 static const OPTIONS options[] = { 871 OPT_TEST_OPTIONS_DEFAULT_USAGE, 872 { "write", OPT_WRITE, '-', "Write PKCS12 objects to file" }, 873 { "legacy", OPT_LEGACY, '-', "Test the legacy APIs" }, 874 { "context", OPT_CONTEXT, '-', "Explicitly use a non-default library context" }, 875 { NULL } 876 }; 877 return options; 878 } 879 880 int setup_tests(void) 881 { 882 OPTION_CHOICE o; 883 884 while ((o = opt_next()) != OPT_EOF) { 885 switch (o) { 886 case OPT_WRITE: 887 PKCS12_helper_set_write_files(1); 888 break; 889 case OPT_LEGACY: 890 PKCS12_helper_set_legacy(1); 891 break; 892 case OPT_CONTEXT: 893 default_libctx = 0; 894 break; 895 case OPT_TEST_CASES: 896 break; 897 default: 898 return 0; 899 } 900 } 901 902 if (!default_libctx) { 903 testctx = OSSL_LIB_CTX_new(); 904 if (!TEST_ptr(testctx)) 905 return 0; 906 nullprov = OSSL_PROVIDER_load(NULL, "null"); 907 if (!TEST_ptr(nullprov)) 908 return 0; 909 } 910 911 deflprov = OSSL_PROVIDER_load(testctx, "default"); 912 if (!TEST_ptr(deflprov)) 913 return 0; 914 lgcyprov = OSSL_PROVIDER_load(testctx, "legacy"); 915 916 PKCS12_helper_set_libctx(testctx); 917 918 /* 919 * Verify that the default and fips providers in the default libctx are not 920 * available if we are using a standalone context 921 */ 922 if (!default_libctx) { 923 if (!TEST_false(OSSL_PROVIDER_available(NULL, "default")) 924 || !TEST_false(OSSL_PROVIDER_available(NULL, "fips"))) 925 return 0; 926 } 927 928 ADD_TEST(test_single_cert_no_attrs); 929 if (lgcyprov == NULL) { 930 ADD_ALL_TESTS(test_single_key_enc_alg, OSSL_NELEM(enc_nids_no_legacy)); 931 ADD_ALL_TESTS(test_single_secret_enc_alg, OSSL_NELEM(enc_nids_no_legacy)); 932 } else { 933 ADD_ALL_TESTS(test_single_key_enc_alg, OSSL_NELEM(enc_nids_all)); 934 ADD_ALL_TESTS(test_single_secret_enc_alg, OSSL_NELEM(enc_nids_all)); 935 } 936 #ifndef OPENSSL_NO_DES 937 if (default_libctx) 938 ADD_TEST(pkcs12_create_test); 939 #endif 940 if (default_libctx) 941 ADD_TEST(pkcs12_recreate_test); 942 ADD_ALL_TESTS(test_single_key_enc_pass, OSSL_NELEM(passwords)); 943 ADD_ALL_TESTS(test_single_key_enc_iter, OSSL_NELEM(iters)); 944 ADD_TEST(test_single_key_with_attrs); 945 ADD_ALL_TESTS(test_single_cert_mac_alg, OSSL_NELEM(mac_nids)); 946 ADD_ALL_TESTS(test_single_cert_mac_pass, OSSL_NELEM(passwords)); 947 ADD_ALL_TESTS(test_single_cert_mac_iter, OSSL_NELEM(iters)); 948 ADD_TEST(test_cert_key_with_attrs_and_mac); 949 ADD_TEST(test_cert_key_encrypted_content); 950 ADD_TEST(test_single_secret_encrypted_content); 951 ADD_TEST(test_multiple_contents); 952 return 1; 953 } 954 955 void cleanup_tests(void) 956 { 957 OSSL_PROVIDER_unload(nullprov); 958 OSSL_PROVIDER_unload(deflprov); 959 OSSL_PROVIDER_unload(lgcyprov); 960 OSSL_LIB_CTX_free(testctx); 961 } 962