Move pkcs{7,8}_test over to gtest
BUG=129
Change-Id: I1fef45d662743e7210f93e4dc1bae0c55f75d3fe
Reviewed-on: https://boringssl-review.googlesource.com/16864
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/crypto/CMakeLists.txt b/crypto/CMakeLists.txt
index 28b6c3a..c772d13 100644
--- a/crypto/CMakeLists.txt
+++ b/crypto/CMakeLists.txt
@@ -253,6 +253,8 @@
hkdf/hkdf_test.cc
hmac_extra/hmac_test.cc
lhash/lhash_test.cc
+ pkcs7/pkcs7_test.cc
+ pkcs8/pkcs8_test.cc
poly1305/poly1305_test.cc
pool/pool_test.cc
refcount_test.cc
diff --git a/crypto/pkcs7/CMakeLists.txt b/crypto/pkcs7/CMakeLists.txt
index 8137a6f..65c6566 100644
--- a/crypto/pkcs7/CMakeLists.txt
+++ b/crypto/pkcs7/CMakeLists.txt
@@ -8,14 +8,3 @@
pkcs7.c
pkcs7_x509.c
)
-
-add_executable(
- pkcs7_test
-
- pkcs7_test.c
-
- $<TARGET_OBJECTS:test_support>
-)
-
-target_link_libraries(pkcs7_test crypto)
-add_dependencies(all_tests pkcs7_test)
diff --git a/crypto/pkcs7/pkcs7_test.c b/crypto/pkcs7/pkcs7_test.cc
similarity index 87%
rename from crypto/pkcs7/pkcs7_test.c
rename to crypto/pkcs7/pkcs7_test.cc
index 486fdc8..544dffc 100644
--- a/crypto/pkcs7/pkcs7_test.c
+++ b/crypto/pkcs7/pkcs7_test.cc
@@ -12,9 +12,7 @@
* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
+#include <gtest/gtest.h>
#include <openssl/bytestring.h>
#include <openssl/crypto.h>
@@ -24,6 +22,7 @@
#include <openssl/x509.h>
#include "../internal.h"
+#include "../test/test_util.h"
/* kPKCS7NSS contains the certificate chain of mail.google.com, as saved by NSS
@@ -470,188 +469,115 @@
"fNQMQoI9So4Vdy88Kow6BBBV3Lu6sZHue+cjxXETrmshNdNk8ABUMQA=\n"
"-----END PKCS7-----\n";
-static int test_cert_reparse(const uint8_t *der_bytes, size_t der_len) {
- CBS pkcs7;
- CBB cbb;
- STACK_OF(X509) *certs = sk_X509_new_null();
- STACK_OF(X509) *certs2 = sk_X509_new_null();
+static void TestCertRepase(const uint8_t *der_bytes, size_t der_len) {
+ bssl::UniquePtr<STACK_OF(X509)> certs(sk_X509_new_null());
+ ASSERT_TRUE(certs);
+ bssl::UniquePtr<STACK_OF(X509)> certs2(sk_X509_new_null());
+ ASSERT_TRUE(certs2);
uint8_t *result_data, *result2_data;
- size_t result_len, result2_len, i;
+ size_t result_len, result2_len;
+ CBS pkcs7;
CBS_init(&pkcs7, der_bytes, der_len);
- if (!PKCS7_get_certificates(certs, &pkcs7)) {
- fprintf(stderr, "PKCS7_get_certificates failed.\n");
- return 0;
- }
+ ASSERT_TRUE(PKCS7_get_certificates(certs.get(), &pkcs7));
- CBB_init(&cbb, der_len);
- if (!PKCS7_bundle_certificates(&cbb, certs) ||
- !CBB_finish(&cbb, &result_data, &result_len)) {
- fprintf(stderr, "PKCS7_bundle_certificates failed.\n");
- return 0;
- }
+ bssl::ScopedCBB cbb;
+ ASSERT_TRUE(CBB_init(cbb.get(), der_len));
+ ASSERT_TRUE(PKCS7_bundle_certificates(cbb.get(), certs.get()));
+ ASSERT_TRUE(CBB_finish(cbb.get(), &result_data, &result_len));
+ bssl::UniquePtr<uint8_t> free_result_data(result_data);
CBS_init(&pkcs7, result_data, result_len);
- if (!PKCS7_get_certificates(certs2, &pkcs7)) {
- fprintf(stderr, "PKCS7_get_certificates reparse failed.\n");
- return 0;
+ ASSERT_TRUE(PKCS7_get_certificates(certs2.get(), &pkcs7));
+
+ ASSERT_EQ(sk_X509_num(certs.get()), sk_X509_num(certs2.get()));
+
+ for (size_t i = 0; i < sk_X509_num(certs.get()); i++) {
+ X509 *a = sk_X509_value(certs.get(), i);
+ X509 *b = sk_X509_value(certs2.get(), i);
+ ASSERT_EQ(0, X509_cmp(a, b));
}
- if (sk_X509_num(certs) != sk_X509_num(certs2)) {
- fprintf(stderr, "Number of certs in results differ.\n");
- return 0;
- }
+ ASSERT_TRUE(CBB_init(cbb.get(), der_len));
+ ASSERT_TRUE(PKCS7_bundle_certificates(cbb.get(), certs2.get()));
+ ASSERT_TRUE(CBB_finish(cbb.get(), &result2_data, &result2_len));
+ bssl::UniquePtr<uint8_t> free_result2_data(result2_data);
- for (i = 0; i < sk_X509_num(certs); i++) {
- X509 *a = sk_X509_value(certs, i);
- X509 *b = sk_X509_value(certs2, i);
-
- if (X509_cmp(a, b) != 0) {
- fprintf(stderr, "Certificate %zu differs.\n", i);
- return 0;
- }
- }
-
- CBB_init(&cbb, der_len);
- if (!PKCS7_bundle_certificates(&cbb, certs2) ||
- !CBB_finish(&cbb, &result2_data, &result2_len)) {
- fprintf(stderr,
- "PKCS7_bundle_certificates failed the second time.\n");
- return 0;
- }
-
- if (result_len != result2_len ||
- OPENSSL_memcmp(result_data, result2_data, result_len) != 0) {
- fprintf(stderr, "Serialisation is not stable.\n");
- return 0;
- }
-
- OPENSSL_free(result_data);
- OPENSSL_free(result2_data);
- sk_X509_pop_free(certs, X509_free);
- sk_X509_pop_free(certs2, X509_free);
-
- return 1;
+ EXPECT_EQ(Bytes(result_data, result_len), Bytes(result2_data, result2_len));
}
-static int test_crl_reparse(const uint8_t *der_bytes, size_t der_len) {
- CBS pkcs7;
- CBB cbb;
- STACK_OF(X509_CRL) *crls = sk_X509_CRL_new_null();
- STACK_OF(X509_CRL) *crls2 = sk_X509_CRL_new_null();
+static void TestCRLReparse(const uint8_t *der_bytes, size_t der_len) {
+ bssl::UniquePtr<STACK_OF(X509_CRL)> crls(sk_X509_CRL_new_null());
+ ASSERT_TRUE(crls);
+ bssl::UniquePtr<STACK_OF(X509_CRL)> crls2(sk_X509_CRL_new_null());
+ ASSERT_TRUE(crls2);
uint8_t *result_data, *result2_data;
- size_t result_len, result2_len, i;
+ size_t result_len, result2_len;
+ CBS pkcs7;
CBS_init(&pkcs7, der_bytes, der_len);
- if (!PKCS7_get_CRLs(crls, &pkcs7)) {
- fprintf(stderr, "PKCS7_get_CRLs failed.\n");
- return 0;
- }
+ ASSERT_TRUE(PKCS7_get_CRLs(crls.get(), &pkcs7));
- CBB_init(&cbb, der_len);
- if (!PKCS7_bundle_CRLs(&cbb, crls) ||
- !CBB_finish(&cbb, &result_data, &result_len)) {
- fprintf(stderr, "PKCS7_bundle_CRLs failed.\n");
- return 0;
- }
+ bssl::ScopedCBB cbb;
+ ASSERT_TRUE(CBB_init(cbb.get(), der_len));
+ ASSERT_TRUE(PKCS7_bundle_CRLs(cbb.get(), crls.get()));
+ ASSERT_TRUE(CBB_finish(cbb.get(), &result_data, &result_len));
+ bssl::UniquePtr<uint8_t> free_result_data(result_data);
CBS_init(&pkcs7, result_data, result_len);
- if (!PKCS7_get_CRLs(crls2, &pkcs7)) {
- fprintf(stderr, "PKCS7_get_CRLs reparse failed.\n");
- return 0;
+ ASSERT_TRUE(PKCS7_get_CRLs(crls2.get(), &pkcs7));
+
+ ASSERT_EQ(sk_X509_CRL_num(crls.get()), sk_X509_CRL_num(crls.get()));
+
+ for (size_t i = 0; i < sk_X509_CRL_num(crls.get()); i++) {
+ X509_CRL *a = sk_X509_CRL_value(crls.get(), i);
+ X509_CRL *b = sk_X509_CRL_value(crls2.get(), i);
+ ASSERT_EQ(0, X509_CRL_cmp(a, b));
}
- if (sk_X509_CRL_num(crls) != sk_X509_CRL_num(crls)) {
- fprintf(stderr, "Number of CRLs in results differ.\n");
- return 0;
- }
+ ASSERT_TRUE(CBB_init(cbb.get(), der_len));
+ ASSERT_TRUE(PKCS7_bundle_CRLs(cbb.get(), crls2.get()));
+ ASSERT_TRUE(CBB_finish(cbb.get(), &result2_data, &result2_len));
+ bssl::UniquePtr<uint8_t> free_result2_data(result2_data);
- for (i = 0; i < sk_X509_CRL_num(crls); i++) {
- X509_CRL *a = sk_X509_CRL_value(crls, i);
- X509_CRL *b = sk_X509_CRL_value(crls2, i);
-
- if (X509_CRL_cmp(a, b) != 0) {
- fprintf(stderr, "CRL %zu differs.\n", i);
- return 0;
- }
- }
-
- CBB_init(&cbb, der_len);
- if (!PKCS7_bundle_CRLs(&cbb, crls2) ||
- !CBB_finish(&cbb, &result2_data, &result2_len)) {
- fprintf(stderr,
- "PKCS7_bundle_CRLs failed the second time.\n");
- return 0;
- }
-
- if (result_len != result2_len ||
- OPENSSL_memcmp(result_data, result2_data, result_len) != 0) {
- fprintf(stderr, "Serialisation is not stable.\n");
- return 0;
- }
-
- OPENSSL_free(result_data);
- OPENSSL_free(result2_data);
- sk_X509_CRL_pop_free(crls, X509_CRL_free);
- sk_X509_CRL_pop_free(crls2, X509_CRL_free);
-
- return 1;
+ EXPECT_EQ(Bytes(result_data, result_len), Bytes(result2_data, result2_len));
}
-static int test_pem_certs(const char *pem) {
- BIO *bio = BIO_new_mem_buf(pem, strlen(pem));
- STACK_OF(X509) *certs = sk_X509_new_null();
+static void TestPEMCerts(const char *pem) {
+ bssl::UniquePtr<BIO> bio(BIO_new_mem_buf(pem, strlen(pem)));
+ ASSERT_TRUE(bio);
+ bssl::UniquePtr<STACK_OF(X509)> certs(sk_X509_new_null());
+ ASSERT_TRUE(certs);
- if (!PKCS7_get_PEM_certificates(certs, bio)) {
- fprintf(stderr, "PKCS7_get_PEM_certificates failed.\n");
- return 0;
- }
-
- if (sk_X509_num(certs) != 1) {
- fprintf(stderr,
- "Bad number of certificates from PKCS7_get_PEM_certificates: %zu\n",
- sk_X509_num(certs));
- return 0;
- }
-
- BIO_free(bio);
- sk_X509_pop_free(certs, X509_free);
-
- return 1;
+ ASSERT_TRUE(PKCS7_get_PEM_certificates(certs.get(), bio.get()));
+ ASSERT_EQ(1u, sk_X509_num(certs.get()));
}
-static int test_pem_crls(const char *pem) {
- BIO *bio = BIO_new_mem_buf(pem, strlen(pem));
- STACK_OF(X509_CRL) *crls = sk_X509_CRL_new_null();
+static void TestPEMCRLs(const char *pem) {
+ bssl::UniquePtr<BIO> bio(BIO_new_mem_buf(pem, strlen(pem)));
+ ASSERT_TRUE(bio);
+ bssl::UniquePtr<STACK_OF(X509_CRL)> crls(sk_X509_CRL_new_null());
- if (!PKCS7_get_PEM_CRLs(crls, bio)) {
- fprintf(stderr, "PKCS7_get_PEM_CRLs failed.\n");
- return 0;
- }
-
- if (sk_X509_CRL_num(crls) != 1) {
- fprintf(stderr, "Bad number of CRLs from PKCS7_get_PEM_CRLs: %zu\n",
- sk_X509_CRL_num(crls));
- return 0;
- }
-
- BIO_free(bio);
- sk_X509_CRL_pop_free(crls, X509_CRL_free);
-
- return 1;
+ ASSERT_TRUE(PKCS7_get_PEM_CRLs(crls.get(), bio.get()));
+ ASSERT_EQ(1u, sk_X509_CRL_num(crls.get()));
}
-int main(void) {
- CRYPTO_library_init();
+TEST(PKCS7Test, CertReparseNSS) {
+ TestCertRepase(kPKCS7NSS, sizeof(kPKCS7NSS));
+}
- if (!test_cert_reparse(kPKCS7NSS, sizeof(kPKCS7NSS)) ||
- !test_cert_reparse(kPKCS7Windows, sizeof(kPKCS7Windows)) ||
- !test_crl_reparse(kOpenSSLCRL, sizeof(kOpenSSLCRL)) ||
- !test_pem_certs(kPEMCert) ||
- !test_pem_crls(kPEMCRL)) {
- return 1;
- }
+TEST(PKCS7Test, CertReparseWindows) {
+ TestCertRepase(kPKCS7Windows, sizeof(kPKCS7Windows));
+}
- printf("PASS\n");
- return 0;
+TEST(PKCS7Test, CrlReparse) {
+ TestCRLReparse(kOpenSSLCRL, sizeof(kOpenSSLCRL));
+}
+
+TEST(PKCS7Test, PEMCerts) {
+ TestPEMCerts(kPEMCert);
+}
+
+TEST(PKCS7Test, PEMCRLs) {
+ TestPEMCRLs(kPEMCRL);
}
diff --git a/crypto/pkcs8/CMakeLists.txt b/crypto/pkcs8/CMakeLists.txt
index 0bdccec..758f4d4 100644
--- a/crypto/pkcs8/CMakeLists.txt
+++ b/crypto/pkcs8/CMakeLists.txt
@@ -18,12 +18,5 @@
$<TARGET_OBJECTS:test_support>
)
-add_executable(
- pkcs8_test
-
- pkcs8_test.cc
-)
-
-target_link_libraries(pkcs8_test crypto)
target_link_libraries(pkcs12_test crypto)
-add_dependencies(all_tests pkcs8_test pkcs12_test)
+add_dependencies(all_tests pkcs12_test)
diff --git a/crypto/pkcs8/pkcs8_test.cc b/crypto/pkcs8/pkcs8_test.cc
index 94385ac..020c9d9 100644
--- a/crypto/pkcs8/pkcs8_test.cc
+++ b/crypto/pkcs8/pkcs8_test.cc
@@ -12,9 +12,7 @@
* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
+#include <gtest/gtest.h>
#include <openssl/crypto.h>
#include <openssl/err.h>
@@ -168,27 +166,19 @@
0x68, 0xf9, 0x5e, 0x01, 0x66, 0x59, 0x5f, 0x3f, 0x05, 0x57, 0xcd,
};
-static bool TestDecrypt(const uint8_t *der, size_t der_len,
+static void TestDecrypt(const uint8_t *der, size_t der_len,
const char *password) {
const uint8_t *data = der;
bssl::UniquePtr<X509_SIG> sig(d2i_X509_SIG(NULL, &data, der_len));
- if (sig.get() == NULL || data != der + der_len) {
- fprintf(stderr, "d2i_X509_SIG failed or did not consume all bytes.\n");
- return false;
- }
+ ASSERT_TRUE(sig.get());
+ ASSERT_EQ(der + der_len, data);
bssl::UniquePtr<PKCS8_PRIV_KEY_INFO> keypair(
PKCS8_decrypt(sig.get(), password, -1));
- if (!keypair) {
- fprintf(stderr, "PKCS8_decrypt failed.\n");
- ERR_print_errors_fp(stderr);
- return false;
- }
-
- return true;
+ ASSERT_TRUE(keypair);
}
-static bool TestRoundTrip(int pbe_nid, const EVP_CIPHER *cipher,
+static void TestRoundTrip(int pbe_nid, const EVP_CIPHER *cipher,
const char *password, const uint8_t *salt,
size_t salt_len, int iterations) {
static const uint8_t kSampleKey[] = {
@@ -209,76 +199,82 @@
const uint8_t *ptr = kSampleKey;
bssl::UniquePtr<PKCS8_PRIV_KEY_INFO> key(
d2i_PKCS8_PRIV_KEY_INFO(nullptr, &ptr, sizeof(kSampleKey)));
- if (!key || ptr != kSampleKey + sizeof(kSampleKey)) {
- return false;
- }
+ ASSERT_TRUE(key);
+ ASSERT_EQ(kSampleKey + sizeof(kSampleKey), ptr);
bssl::UniquePtr<X509_SIG> encrypted(PKCS8_encrypt(
pbe_nid, cipher, password, -1, salt, salt_len, iterations, key.get()));
- if (!encrypted) {
- fprintf(stderr, "Failed to encrypt private key.\n");
- return false;
- }
+ ASSERT_TRUE(encrypted);
bssl::UniquePtr<PKCS8_PRIV_KEY_INFO> key2(
PKCS8_decrypt(encrypted.get(), password, -1));
- if (!key2) {
- fprintf(stderr, "Failed to decrypt private key.\n");
- return false;
- }
+ ASSERT_TRUE(key2);
uint8_t *encoded = nullptr;
int len = i2d_PKCS8_PRIV_KEY_INFO(key2.get(), &encoded);
bssl::UniquePtr<uint8_t> free_encoded(encoded);
- if (len < 0 ||
- static_cast<size_t>(len) != sizeof(kSampleKey) ||
- OPENSSL_memcmp(encoded, kSampleKey, sizeof(kSampleKey)) != 0) {
- fprintf(stderr, "Decrypted private key did not round-trip.");
- return false;
- }
-
- return true;
+ ASSERT_GE(len, 0);
+ ASSERT_EQ(static_cast<size_t>(len), sizeof(kSampleKey));
+ ASSERT_EQ(0, OPENSSL_memcmp(encoded, kSampleKey, sizeof(kSampleKey)));
}
-int main(int argc, char **argv) {
- CRYPTO_library_init();
+TEST(PKCS8Test, DecryptString) {
+ TestDecrypt(kDER, sizeof(kDER), "testing");
+}
- if (!TestDecrypt(kDER, sizeof(kDER), "testing") ||
- !TestDecrypt(kNullPassword, sizeof(kNullPassword), NULL) ||
- !TestDecrypt(kNullPasswordNSS, sizeof(kNullPasswordNSS), NULL) ||
- !TestDecrypt(kEmptyPasswordOpenSSL, sizeof(kEmptyPasswordOpenSSL), "") ||
- !TestDecrypt(kExplicitHMACWithSHA1, sizeof(kExplicitHMACWithSHA1),
- "foo") ||
- !TestRoundTrip(NID_pbe_WithSHA1And3_Key_TripleDES_CBC, nullptr,
- "password", nullptr, 0, 10) ||
- // Vary the salt
- !TestRoundTrip(NID_pbe_WithSHA1And3_Key_TripleDES_CBC, nullptr,
- "password", nullptr, 4, 10) ||
- !TestRoundTrip(NID_pbe_WithSHA1And3_Key_TripleDES_CBC, nullptr,
- "password", (const uint8_t *)"salt", 4, 10) ||
- // Vary the iteration count.
- !TestRoundTrip(NID_pbe_WithSHA1And3_Key_TripleDES_CBC, nullptr,
- "password", nullptr, 0, 1) ||
- // Vary the password.
- !TestRoundTrip(NID_pbe_WithSHA1And3_Key_TripleDES_CBC, nullptr, "",
- nullptr, 0, 1) ||
- !TestRoundTrip(NID_pbe_WithSHA1And3_Key_TripleDES_CBC, nullptr, nullptr,
- nullptr, 0, 1) ||
- // Vary the PBE suite.
- !TestRoundTrip(NID_pbe_WithSHA1And40BitRC2_CBC, nullptr, "password",
- nullptr, 0, 10) ||
- !TestRoundTrip(NID_pbe_WithSHA1And128BitRC4, nullptr, "password", nullptr,
- 0, 10) ||
- // Test PBES2.
- !TestRoundTrip(-1, EVP_aes_128_cbc(), "password", nullptr, 0, 10) ||
- !TestRoundTrip(-1, EVP_aes_128_cbc(), "password", nullptr, 4, 10) ||
- !TestRoundTrip(-1, EVP_aes_128_cbc(), "password", (const uint8_t *)"salt",
- 4, 10) ||
- !TestRoundTrip(-1, EVP_aes_128_cbc(), "password", nullptr, 0, 1) ||
- !TestRoundTrip(-1, EVP_rc2_cbc(), "password", nullptr, 0, 10)) {
- return 1;
- }
+TEST(PKCS8Test, DecryptNull) {
+ TestDecrypt(kNullPassword, sizeof(kNullPassword), NULL);
+}
- printf("PASS\n");
- return 0;
+TEST(PKCS8Test, DecryptNullNSS) {
+ TestDecrypt(kNullPasswordNSS, sizeof(kNullPasswordNSS), NULL);
+}
+
+TEST(PKCS8Test, DecryptEmptyStringOpenSSL) {
+ TestDecrypt(kEmptyPasswordOpenSSL, sizeof(kEmptyPasswordOpenSSL), "");
+}
+
+TEST(PKCS8Test, DecryptExplicitHMACWithSHA1) {
+ TestDecrypt(kExplicitHMACWithSHA1, sizeof(kExplicitHMACWithSHA1), "foo");
+}
+
+TEST(PKCS8Test, RoundTripPBEWithrSHA1And3KeyTripleDES) {
+ // Test with different salts.
+ TestRoundTrip(NID_pbe_WithSHA1And3_Key_TripleDES_CBC, nullptr,
+ "password", nullptr, 0, 10);
+ TestRoundTrip(NID_pbe_WithSHA1And3_Key_TripleDES_CBC, nullptr,
+ "password", nullptr, 4, 10);
+ TestRoundTrip(NID_pbe_WithSHA1And3_Key_TripleDES_CBC, nullptr,
+ "password", (const uint8_t *)"salt", 4, 10);
+ // Test with a different iteration count.
+ TestRoundTrip(NID_pbe_WithSHA1And3_Key_TripleDES_CBC, nullptr,
+ "password", nullptr, 0, 1);
+}
+
+// Test that both "" (empty password, encoded as "\0\0") and nullptr (no
+// password, encoded as "") work.
+TEST(PKCS8Test, RoundTripPBEWithSHA1And3KeyTripleDESEmptyPassword) {
+ TestRoundTrip(NID_pbe_WithSHA1And3_Key_TripleDES_CBC, nullptr, "",
+ nullptr, 0, 1);
+ TestRoundTrip(NID_pbe_WithSHA1And3_Key_TripleDES_CBC, nullptr, nullptr,
+ nullptr, 0, 1);
+}
+
+TEST(PKCS8Test, RoundTripPBEWithSHA1And40BitRC2CBC) {
+ TestRoundTrip(NID_pbe_WithSHA1And40BitRC2_CBC, nullptr, "password",
+ nullptr, 0, 10);
+}
+
+TEST(PKCS8Test, RoundTripPBEWithSHA1And128BitRC4) {
+ TestRoundTrip(NID_pbe_WithSHA1And128BitRC4, nullptr, "password",
+ nullptr, 0, 10);
+}
+
+TEST(PKCS8Test, RoundTripPBES2) {
+ TestRoundTrip(-1, EVP_aes_128_cbc(), "password", nullptr, 0, 10);
+ TestRoundTrip(-1, EVP_aes_128_cbc(), "password", nullptr, 4, 10);
+ TestRoundTrip(-1, EVP_aes_128_cbc(), "password", (const uint8_t *)"salt",
+ 4, 10);
+ TestRoundTrip(-1, EVP_aes_128_cbc(), "password", nullptr, 0, 1);
+ TestRoundTrip(-1, EVP_rc2_cbc(), "password", nullptr, 0, 10);
}
diff --git a/util/all_tests.json b/util/all_tests.json
index e209cf9..a47a719 100644
--- a/util/all_tests.json
+++ b/util/all_tests.json
@@ -8,9 +8,7 @@
["crypto/fipsmodule/example_mul"],
["crypto/fipsmodule/p256-x86_64_test", "crypto/fipsmodule/ec/p256-x86_64_tests.txt"],
["crypto/obj/obj_test"],
- ["crypto/pkcs7/pkcs7_test"],
["crypto/pkcs8/pkcs12_test"],
- ["crypto/pkcs8/pkcs8_test"],
["crypto/thread_test"],
["crypto/x509v3/tab_test"],
["crypto/x509v3/v3name_test"],
