From 720c638717ee0d4b19f888537e316cfac154c311 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Maciej=20Zwoli=C5=84ski?= Date: Tue, 16 May 2023 12:02:47 +0200 Subject: [PATCH 01/20] Add AES encrypted keys support for PKCS5 PBES2 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Maciej ZwoliƄski --- include/mbedtls/oid.h | 3 +++ library/oid.c | 14 +++++++++++++- tests/suites/host_test.function | 2 +- tests/suites/test_suite_pkcs5.data | 16 ++++++++++++++++ 4 files changed, 33 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h index 9545072296..3a7f740c99 100644 --- a/include/mbedtls/oid.h +++ b/include/mbedtls/oid.h @@ -306,6 +306,9 @@ MBEDTLS_OID_OIW_SECSIG_ALG "\x07" /**< desCBC OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 7 } */ #define MBEDTLS_OID_DES_EDE3_CBC MBEDTLS_OID_RSA_COMPANY "\x03\x07" /**< des-ede3-cbc OBJECT IDENTIFIER ::= { iso(1) member-body(2) -- us(840) rsadsi(113549) encryptionAlgorithm(3) 7 } */ #define MBEDTLS_OID_AES MBEDTLS_OID_NIST_ALG "\x01" /** aes OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithm(4) 1 } */ +#define MBEDTLS_OID_AES_128_CBC MBEDTLS_OID_AES "\x02" /** aes128-cbc-pad OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) aes(1) aes128-CBC-PAD(2) } */ +#define MBEDTLS_OID_AES_192_CBC MBEDTLS_OID_AES "\x16" /** aes192-cbc-pad OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) aes(1) aes192-CBC-PAD(22) } */ +#define MBEDTLS_OID_AES_256_CBC MBEDTLS_OID_AES "\x2a" /** aes256-cbc-pad OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) aes(1) aes256-CBC-PAD(42) } */ /* * Key Wrapping algorithms diff --git a/library/oid.c b/library/oid.c index d139a6d0de..89d133dfe4 100644 --- a/library/oid.c +++ b/library/oid.c @@ -695,10 +695,22 @@ static const oid_cipher_alg_t oid_cipher_alg[] = OID_DESCRIPTOR(MBEDTLS_OID_DES_EDE3_CBC, "des-ede3-cbc", "DES-EDE3-CBC"), MBEDTLS_CIPHER_DES_EDE3_CBC, }, + { + OID_DESCRIPTOR(MBEDTLS_OID_AES_128_CBC, "aes128-cbc", "AES128-CBC"), + MBEDTLS_CIPHER_AES_128_CBC, + }, + { + OID_DESCRIPTOR(MBEDTLS_OID_AES_192_CBC, "aes192-cbc", "AES192-CBC"), + MBEDTLS_CIPHER_AES_192_CBC, + }, + { + OID_DESCRIPTOR(MBEDTLS_OID_AES_256_CBC, "aes256-cbc", "AES256-CBC"), + MBEDTLS_CIPHER_AES_256_CBC, + }, { NULL_OID_DESCRIPTOR, MBEDTLS_CIPHER_NONE, - }, + } }; FN_OID_TYPED_FROM_ASN1(oid_cipher_alg_t, cipher_alg, oid_cipher_alg) diff --git a/tests/suites/host_test.function b/tests/suites/host_test.function index 06f391fa4f..95d30f8d20 100644 --- a/tests/suites/host_test.function +++ b/tests/suites/host_test.function @@ -459,7 +459,7 @@ int execute_tests(int argc, const char **argv) int ret; unsigned total_errors = 0, total_tests = 0, total_skipped = 0; FILE *file; - char buf[5000]; + char buf[10000]; char *params[50]; /* Store for processed integer params. */ mbedtls_test_argument_t int_params[50]; diff --git a/tests/suites/test_suite_pkcs5.data b/tests/suites/test_suite_pkcs5.data index f3ea5536fd..8480b5c006 100644 --- a/tests/suites/test_suite_pkcs5.data +++ b/tests/suites/test_suite_pkcs5.data @@ -142,6 +142,22 @@ PBES2 Decrypt (Invalid padding & PKCS7 padding enabled) depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FDA3488A7144097565":144:MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060607" +PBES2 Decrypt DES-EDE3-CBC (OK) +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302906092A864886F70D01050C301C040832A773780540A2D602020800300C06082A864886F70D02090500301406082A864886F70D03070408480B29975B655BCE":"7A776F6C696E":"7C4948C17F9ABCDD9CC8DE3C91C83B6BAA2D01ABBC86DD3336875B018A7AA5527EEBA4788992FED8966923A1BD0405A1B2CA2FC011944E360863E4437D14C2F82A465D3F58D3B005389F8B46F5900A170B7A6A371DD052C59EF76858ADB553E1BD9EAA284EE1DA150BBF61879A6FC265886B5D12596D2413A9E3881EA49366D68BFD6DDA087E15A3F1C426D0416B294A57F7599D2F49C5090550A4DAD4781541E362D76F84A3389676EBE4F556FCCFC8E16065101ECC888E60D5DD58244A3CD1B90731DB5A43B30BDBF41C66A3E26AAF6363D630242CC1A6F456672FB7290D5542BFD32776619C6FD9C863CAC856DC529EFEFBE96F353697E5EC878762814ED0E6A672B38BF0D5B76F1825E8C697A646779FCD819BF4F28AE461D436D8535641670638E5C6FC8F7F2B6CA9F2868DEC0A3830645BC84701CC6A02A14E2AEE8D33D9224C96FA2F26F4675B3A73A0C7571552FE25C49F2455526D93F869A7E7C56E5E9F3012A05B298A38D7E3EEF66C6E13301B34B15C3D98446BF044E1F7C4A6FCE867AB9A68567ABC844A6B65AF8FA33D6BF899ADE0DCE98D50352F15EE2AFFD5D3BECD867DA7F54C6DEDB3396D30516FAECD3E62083E55A4A65D3CE6AB39DADD6A7C5EB192F14B8D13773AFA2CBB081350FA7DD9B5F1AD78E0F9DE17216DAE4D21EA843C4DDCD2C0B963F27F9F774435C200864D59CF28C483BCD948CA1E8950CF7C924D7BB69D85FD99BBB3E466AC36B0887CCCCDA508C55D55AC0B7045B6CC4013E9B216E6C40A6F1EFA299A078849DF7C90D1F8BCA7295B0C74403C6AE3D79717955F134AB7962F44DA87351B6F71569CA30A3D55B58958C485A285C169649607F2736DA0FC1E6BD35B7F63DBD8B3BDF300603BBFB54C23F895DCC5E086BDA3EB41D54E591A5B8537EBA4AA876513271270E2D953DA6F7AF95EF91CC986487E1F3136B15368C9638D5867FD4F8E581A3E6E1D552E778C99E465D7B243AE2C4525CE15C35E6588931FE8C476BA8ECA7CAE327B946C384FDF37448BE3662D1EAEFF7063C8427BADD713CB8EB7093FD9F3ABE582B9175C5AE10F1C85369B93A0DA29F120B12206B31B25670C8025C7F74FC2F59ADBA35E157F5BF2E77B01D61A77F1E33B7877A54F66ABD1E6CA12819EB951CFD89BBF985FD550EB2AB5AD4B8B0099A00E3FD358D2808E6178C14B1C365A1D31B7BA3F9F7F7A06852C5329D26C64AB4C1392C2FA9CDD78D30983C14E7BC9F19EF30BA5CC58759C7BC6F7F324D0A79188EB0740FD83E3B0B0664748F16071BB658C5679B7967C31300BC11B73A18545959F324734FCD4C06DE33E9290915A40A8F7799E049B8B7CCEACA02515720ECFAD78B7CB36A6144EB9AE483EA1AE978054B84C68BBA29D95C619516B783D11A6150D88DD594B975A7FD217944BD177E04FE21FE78B7BDC4B4E1E4012B756AF83589447739A5CEF211AB706C137FFC28D17F24891DF0C5DD811DE3AE90B6C4B0324376EB8A4980CF789541E2A1BFAAB3E0E64D50F584346727FEEB4EC1BBC1FFE08AF71E1A700E890006401191047661CAF3030F0D489C28BFFF374334036A68A6F4D67C25E90B04ADD9AC1763183E30E461918D45EE9C3A4F4CE621FABF6907901939278FB6FE940BCF0C6575F25C759263931383B001C7823340D9D739520E23517A8CE6EBBD4D16AAFA2149B9F04873DBD652D8CE033D65C021D4825A065F6E4CAD1927F9A":0:"308204BD020100300D06092A864886F70D0101010500048204A7308204A30201000282010100D0680E66E3F69348A111BC720B747A402236FA15B330004F21A97E903AB94419F485688BAF2EEC07306D4C321D91DEA5D426D6336D342D967DC4192D537FDFE42548AEE817B57B82A9D75C8308839C739C830C3B6847D9F2EE65899F117DA196DBF64BD6AC6CE4486619FDFB41C57AFB8B8E893526699976CEB8CD3E07B668FB3F18D70C816F6BC1B26F767B1BF987B4D994FD5F53F7B497FF6A43F73D383F8DA05BAA2A68DDDDCFD2B3A7AACFA8B06D26D2C261BFEC13E7BA7C88AC7CA5AE187BE31D8E579FEE2FC90C31E38C249EBC13C70490AC3463269FACF294D419505ADBC54B0697BF01DEB8EB83DF3236DD9059E6BD0CE64D8D39CB80A2DCDF82E19B020301000102820100517E4F1B66CAF5BEF1D4F8A673DA412FB0F1648B75BD3071C10D0143AEE2E14170FF75E92140ACE506C7C682D6534307FF548C7021A4C4AAD3550A2F52366FBB4BE5071814A54FBDC1624877A8ADA6510303AF95CF6A414CA0722E05789672C8860CE28CF871C0369B4E50A59E8B7552C5B89FE89BB3B161E6E616C3C9CA47743A32482A8885035BEB72E85564A0F004C4A99A935F4BAB523857E558FCF4A27ECD30EA5A91205BD84B9F550565561C9CDC324E3CFC478445D12C032B0057035EF4F548280F238038F3EE6097864D8724AFB53BCA8C62A8F5177AA072D4784EAAEB8B81BB6A3ACF453C5859B374E1FA3B3959FDBD630044B530A2FB50232517D902818100FE860C42D18CBDF8758CF5D4D2487E8EA4C0D6D3A1C735AD14A37A66D972B7B2B3D9551E0B25BAB7F58EAD0B7A696686F4B98DDCB15A20A388D1AB7793004B83B97915D747F8CB09390D2C2A0DE05FCAFAA36911DA2F5D30E0E0178FA7B7B0E57006A44056169078690F9B48225340812A2ADA48CC56B48A0FC75C842DE94FA702818100D19D86F612C92312B3C7F673CA9F4C4808ABEBAD925526A4509E3179C025DFE351720B40562355955B5856A0C9B306F0AAA3C132CEF8E04D94651FCE6A6B89FAD6A683E40551743D962FB4AE5895F7186D9EEC1F5E8A11CCC8BE1783080C5C86E909CF366B26E79316AC687F42E6A6300BC50B944642CF297393FE9EF47F3CED0281806035C18ABC754C1610314177BA2947159A777E7D2F0903643289FD29C58694A3CB521AD7A97510989B0CDCA29B1A1E74632B84D16884DE13931356927391C7F9B9F1686D213A8D5D2620B1920FFEC1971399138D79013063DA8D3ABAC5B62CFAFD96B51DD0ACE4DD6F31440C47555AEBB849CC8B7A1A48526BD67B4547A98ABF0281800E8210AD476F9475DEEBA02B3383030C994D0CEADE8DF636B93DB9BEEB85B3915039CC7D8F78B29BBBCEC9702785B49D43B241D4FA6E4F580F45508640E7608D73FDE2730DCB2D7875C4A784C9ACD7856150F696D53C492F1B55CCDACCDBCE2BA8457D8A0EB08AA6AB9313487BA0EB2FB820D34457F897CE0EA9D79DB8DE75A102818100DB30BDD1E07CB8131091FB3DE7284553FCB0C5C9797C02A74D364D235A41DBCB3D210528722440AF91B073BD5D8EEE0123DC32FF67CE8410E9875B3061AA976E0470797A03C7A59B4A25986AF2C79D2237AABADEF8A9F7BD117CA7274FBFAB4DB7BB77583720419A14938FF1DC643D7AAF7119A3DC46F7F178778C51310579A1" + +PBES2 Decrypt AES-128-CBC (OK) +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302906092A864886F70D01050C301C0408E9ED80B476045B2602020800300C06082A864886F70D02090500301D0609608648016503040102041052C89F1A8BE8E0EAE6D415F1974624A4":"7A776F6C696E":"279EBEFD0DDC751FFEABDC91F9C8BEA6081E58702D429E0D44FE96735AE6DD58BD4CD84498A91804F43D669A7159C57B758D536C0CF237FE4E868CE0AE87DA2C97B9649975FE189A9200435BFFD0304286508B0F9AB8C2E36B09AF336E27A6F40EE1AA1906A38A9E187E4A7A14B472D89C6A65D39AA9D390445A6859894431BEF8EAE07B914A70F55D95DF2FB1DB8B40154C1F1E16B4273156328DBAFDDBE2AE41BEAF227525D3B5D57FE9B7C188A2FE8493ABA3C916EDF486F520C670F505A4FC8DD083245032EF69C6C76141C8576AE7E59D4DB5974C316848CCCF6A36EFB3BA67175FD996756F3E51034D659CF98D95F953BBE5A9DE564426FCE324D3A3F463C2E6464DBC34610ECEC20518B47ACB9A4ED85C326A963D3B3C7088AF2A320E4B364666D2EE3D38D067808EC01BB765C5D4B4487E2F9D9FFEC8F0EC4C4262070F252C7E9D95CF01747055E2176BB9D17DE302ADC1C39335849797DF171AAF89946931D5A5C94FB85DB84D67290974B4F8F8E677F77FD62FE7B0A10E4DE9FE83598F47D3B32015FA2B1558672D2D81C65C123AE821052C84FA0ED2C5A5A39A7B12CFEB68887722970FC907D1B586A67F8479A1EBC4E8AE4676047086A7EE7520C9147C089B4AE5B2505C14C6F28F645F90C55E51BADBC4B4167EC4A757CD59452E800BCCA9D3DD01BD084057102403B4804D51A6EF404AB5B31FFFFA19AC56861D9863A5460077D109E043E5B2134D812652E80E3FF804FD1A0114FD8F1F72D97A0A6E88A2DE124FFCD2C17B7BCAC30B19189BC8301B25012C05014BA7DA9949A9F0F30470C760474E27A8160F237DAFA85CBE5499C7429109858E581AD2D5A4634691BEFA1C5545F78D0B93F140D5ABF06FB91CFDBD1D93D106199A1E35F651053D0E80787CEED53404F0F0C9EA54C8CC39682916D6731C3B91A4988B54D821F0EAD621606765F8048ED9FAE9DAB781C830C77DA70C44DB8C4BB000CE12C59DCA4BA5966EB25F7B32EBCB524C8C4B019B65E3B024E41BBDE68531A2205A784A842EB9673B56CDF88C2F056C9E5685C7BA0E52E067EC8B4B7CDAA8C6F1AFAFC05C51119A6AC25122C5F93E9157761788AB76641300CCBA08845C2932729CC31FE6E8577E3A565BCA9E6668619874540FC866B8677A8452BEAD9C6648893355D82B2D0EAEF1B13C5B1A3DDDB23B2EA00B9C9F627E753D7FF51D5AF87C2A07FE228CB00EC497D8869973282188833E36C74111050B409877913760E7C77F05B6B4DD19778F69F3F46F54B4842863B7BB0716DA26DDA07DDD334FCC7DD2B1A03FE0DE31B4018D2D96AED72B8D2F206D1011BCEFEE9EA413CDB053665553FEEA2E3EB54DD525DC12B7BBC3A76F1530F320717CBEF5AA541791335901A57436ECFE9917B9D009178CDDFBD9FD8756A808B72668B34A3D86303A6D5F6D38685356C1A87ECD2EC61A63FC53F5DA959B33988E869785E694AB079763CA9DD9B1EA2B8BAE5F31EB75D0F71D87B68AA9A4CB6995859FAB0028EFC633ED4DAA4A8FB0E6A55EF9B2DEA1E947C8DEA81CEAB9232A29340947719D4CEAABFB8E1E065F43F231D6A1C83E8F554530C58F8C02D2386F2C67D2F043097375ABD0C18F390BFA2867F870B1A1DA1AB6103D2275420B09778D9B775F147B6BB47598367F9C44AF509136F5F69E61E4A8592E44C860041D5C9C94A63BE17C6E93995A321238D80EF111F8BF137C7A38FACB6329CFDC9A5B9FB2DB":0:"308204BD020100300D06092A864886F70D0101010500048204A7308204A30201000282010100D0680E66E3F69348A111BC720B747A402236FA15B330004F21A97E903AB94419F485688BAF2EEC07306D4C321D91DEA5D426D6336D342D967DC4192D537FDFE42548AEE817B57B82A9D75C8308839C739C830C3B6847D9F2EE65899F117DA196DBF64BD6AC6CE4486619FDFB41C57AFB8B8E893526699976CEB8CD3E07B668FB3F18D70C816F6BC1B26F767B1BF987B4D994FD5F53F7B497FF6A43F73D383F8DA05BAA2A68DDDDCFD2B3A7AACFA8B06D26D2C261BFEC13E7BA7C88AC7CA5AE187BE31D8E579FEE2FC90C31E38C249EBC13C70490AC3463269FACF294D419505ADBC54B0697BF01DEB8EB83DF3236DD9059E6BD0CE64D8D39CB80A2DCDF82E19B020301000102820100517E4F1B66CAF5BEF1D4F8A673DA412FB0F1648B75BD3071C10D0143AEE2E14170FF75E92140ACE506C7C682D6534307FF548C7021A4C4AAD3550A2F52366FBB4BE5071814A54FBDC1624877A8ADA6510303AF95CF6A414CA0722E05789672C8860CE28CF871C0369B4E50A59E8B7552C5B89FE89BB3B161E6E616C3C9CA47743A32482A8885035BEB72E85564A0F004C4A99A935F4BAB523857E558FCF4A27ECD30EA5A91205BD84B9F550565561C9CDC324E3CFC478445D12C032B0057035EF4F548280F238038F3EE6097864D8724AFB53BCA8C62A8F5177AA072D4784EAAEB8B81BB6A3ACF453C5859B374E1FA3B3959FDBD630044B530A2FB50232517D902818100FE860C42D18CBDF8758CF5D4D2487E8EA4C0D6D3A1C735AD14A37A66D972B7B2B3D9551E0B25BAB7F58EAD0B7A696686F4B98DDCB15A20A388D1AB7793004B83B97915D747F8CB09390D2C2A0DE05FCAFAA36911DA2F5D30E0E0178FA7B7B0E57006A44056169078690F9B48225340812A2ADA48CC56B48A0FC75C842DE94FA702818100D19D86F612C92312B3C7F673CA9F4C4808ABEBAD925526A4509E3179C025DFE351720B40562355955B5856A0C9B306F0AAA3C132CEF8E04D94651FCE6A6B89FAD6A683E40551743D962FB4AE5895F7186D9EEC1F5E8A11CCC8BE1783080C5C86E909CF366B26E79316AC687F42E6A6300BC50B944642CF297393FE9EF47F3CED0281806035C18ABC754C1610314177BA2947159A777E7D2F0903643289FD29C58694A3CB521AD7A97510989B0CDCA29B1A1E74632B84D16884DE13931356927391C7F9B9F1686D213A8D5D2620B1920FFEC1971399138D79013063DA8D3ABAC5B62CFAFD96B51DD0ACE4DD6F31440C47555AEBB849CC8B7A1A48526BD67B4547A98ABF0281800E8210AD476F9475DEEBA02B3383030C994D0CEADE8DF636B93DB9BEEB85B3915039CC7D8F78B29BBBCEC9702785B49D43B241D4FA6E4F580F45508640E7608D73FDE2730DCB2D7875C4A784C9ACD7856150F696D53C492F1B55CCDACCDBCE2BA8457D8A0EB08AA6AB9313487BA0EB2FB820D34457F897CE0EA9D79DB8DE75A102818100DB30BDD1E07CB8131091FB3DE7284553FCB0C5C9797C02A74D364D235A41DBCB3D210528722440AF91B073BD5D8EEE0123DC32FF67CE8410E9875B3061AA976E0470797A03C7A59B4A25986AF2C79D2237AABADEF8A9F7BD117CA7274FBFAB4DB7BB77583720419A14938FF1DC643D7AAF7119A3DC46F7F178778C51310579A1" + +PBES2 Decrypt AES-192-CBC (OK) +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302906092A864886F70D01050C301C0408777618CD183CC88102020800300C06082A864886F70D02090500301D060960864801650304011604102F904F75B47B48A618068D79BD9A826C":"7A776F6C696E":"540DADAE140E86453630405F6C5C97FFBD691D1BB3F9294292138BB3757EB78E1AAC1016257D387FB6D92A85E7D2E41EAC0D532018423B6DD38F3D44460FC818704BF4BF7BA15AA62143386C58615F719A1C0F4D178E0A3BECD7FFD3DC96AA261BE2006DB5C398BBDCFC8CE8D67DE6FD4B5079E60D5C865B41765A2881FD8AFC6D71B0B3B9C3F347EEDE5D355DA83895DF6E055CF6FF713AA9396821403C31440D40DD410FC0AB965ACA89A2A017A9F00084B6C32DB6A65B4EF5698C994B8B822DADE62789C7F0884372FD4CE7F5E9F9A77B35390AA1A236991B1ECA4C072A3760AEA316291112814A0B81793196EEA5ECF45A0E98DA780F251601AAC03950128A6587C83CA3F78A81D046982167B18DBEF4EEF1350E421A7CE37D62D11823E37C0CDA4FDE22198BED5C49F1ABEBDD9A769FC94B8BF2D023A876C9DE5DAC56EFDF4E00164AF02077046D7C8D5A056A2BFFA4E40B385727E12D6B9AC8CF72C7EE3B7FD86D1CE9EA9856C88A0BAE90AF780C32B9C96A064B84D16D343B9F4E5E1C0F76D19AAD9FAC7C7E56810FC44801F81207669C2E8AE3AC7CEF853F87E68082AD620131768360908A6257248FB53E185D97B22F574555F0B9E366C39FD5B1394FDBAE8D14923E90DD9A9F2256627CD3E19E1FC2C1FF773077A459B902564011E5C23254EC62084604BDA1D2ED134F5BA1EF8AB993778267E54851ED04B6A28EEBA9102F69429A8450A246730E071690E245BD5DE3522641664CC31E11AE648414AB825BB9A774CB9E525C23DD83EB7B650CFCB5AE9EE88E0504B34E667B4FE04336572AB95B42ED10C961B7D176C8E7D3A6EF797CBEF33988AB2899DA553210001855AEE49D9E218B1367472D954EDF4681F138554EBC885B5A20BAA0353AA745FBF1D1FBFE6627E5BB03A34DFA9D2A30674A7968BDD705E744A74649D16D00690D8F01880C41F0A7EC090528E228A4DD24B530BD5CDF4F0387DA4A199015CCAC611665424965F69B91782097B4AFCBB696A600A12D15C88E25A6F77FB4AE5D50E81330CBD2F6EA6704E9862413A4B8D66CC66CDAD4A06D74FF4699F06A15EEB8BC79F05A9498010013004A0BCCECBE0EB62DCFFE8F6436B567119AD0A38E870415D39E14A92BB2B4F3C05C552ACC7CC9AD0781735E94CEF1B6422660DF0E501ED8CA1BFA3EB14F9470B889D7FE006E2AD4E4999CB6DF95FF724FDDBFF4C6476FEB9D6AADD0489A226A825EA4F450DDACB34480D5F1E6B9C0A1CABE14659D28068D8806FC75833FFB98B2B81CC91AA590701E061F882020F78FC04C38E3A325E75192A22A6AE1AD60E393AA2F1DF160F881699F3025F7A78E28A14CCB99BD73C135D0E07BFE4E2A2523BF1E0445C550BAE2A72C67C649B1C29A067A7CAC2E47D4A7ECFAF8A255EAC64E764ACC741AE35FC01FA12057F7352FBE7D92E717327EEACD1BD50E5753A26C40BE8DC2FB8375621EB83F96A004BC8AC8B21C0F5217AFE091A844DE866D89E5EA9705813F960DF6457455317835C4B77A443B955960179D3E5A4649BEC702090AFE7E9E2F1AC2DE85BEB31760A8EC81CC58CFF1DD9F06E2786F4320A144E2E4F4A852056007FA5D27A22E99D60B19FC4D36FE1A5BC201D82C5BE861A9D5BAAC6AFB7F6AB1EE748B9880C40D92B7EA65D00A6970C386C1FCDC5E25B7E8790B6F6B8BF631D70262B3CDBD7CA3023090D0F34112135D75E5BE28378CC5EF48585EDD3C95FD9C817F":0:"308204BD020100300D06092A864886F70D0101010500048204A7308204A30201000282010100D0680E66E3F69348A111BC720B747A402236FA15B330004F21A97E903AB94419F485688BAF2EEC07306D4C321D91DEA5D426D6336D342D967DC4192D537FDFE42548AEE817B57B82A9D75C8308839C739C830C3B6847D9F2EE65899F117DA196DBF64BD6AC6CE4486619FDFB41C57AFB8B8E893526699976CEB8CD3E07B668FB3F18D70C816F6BC1B26F767B1BF987B4D994FD5F53F7B497FF6A43F73D383F8DA05BAA2A68DDDDCFD2B3A7AACFA8B06D26D2C261BFEC13E7BA7C88AC7CA5AE187BE31D8E579FEE2FC90C31E38C249EBC13C70490AC3463269FACF294D419505ADBC54B0697BF01DEB8EB83DF3236DD9059E6BD0CE64D8D39CB80A2DCDF82E19B020301000102820100517E4F1B66CAF5BEF1D4F8A673DA412FB0F1648B75BD3071C10D0143AEE2E14170FF75E92140ACE506C7C682D6534307FF548C7021A4C4AAD3550A2F52366FBB4BE5071814A54FBDC1624877A8ADA6510303AF95CF6A414CA0722E05789672C8860CE28CF871C0369B4E50A59E8B7552C5B89FE89BB3B161E6E616C3C9CA47743A32482A8885035BEB72E85564A0F004C4A99A935F4BAB523857E558FCF4A27ECD30EA5A91205BD84B9F550565561C9CDC324E3CFC478445D12C032B0057035EF4F548280F238038F3EE6097864D8724AFB53BCA8C62A8F5177AA072D4784EAAEB8B81BB6A3ACF453C5859B374E1FA3B3959FDBD630044B530A2FB50232517D902818100FE860C42D18CBDF8758CF5D4D2487E8EA4C0D6D3A1C735AD14A37A66D972B7B2B3D9551E0B25BAB7F58EAD0B7A696686F4B98DDCB15A20A388D1AB7793004B83B97915D747F8CB09390D2C2A0DE05FCAFAA36911DA2F5D30E0E0178FA7B7B0E57006A44056169078690F9B48225340812A2ADA48CC56B48A0FC75C842DE94FA702818100D19D86F612C92312B3C7F673CA9F4C4808ABEBAD925526A4509E3179C025DFE351720B40562355955B5856A0C9B306F0AAA3C132CEF8E04D94651FCE6A6B89FAD6A683E40551743D962FB4AE5895F7186D9EEC1F5E8A11CCC8BE1783080C5C86E909CF366B26E79316AC687F42E6A6300BC50B944642CF297393FE9EF47F3CED0281806035C18ABC754C1610314177BA2947159A777E7D2F0903643289FD29C58694A3CB521AD7A97510989B0CDCA29B1A1E74632B84D16884DE13931356927391C7F9B9F1686D213A8D5D2620B1920FFEC1971399138D79013063DA8D3ABAC5B62CFAFD96B51DD0ACE4DD6F31440C47555AEBB849CC8B7A1A48526BD67B4547A98ABF0281800E8210AD476F9475DEEBA02B3383030C994D0CEADE8DF636B93DB9BEEB85B3915039CC7D8F78B29BBBCEC9702785B49D43B241D4FA6E4F580F45508640E7608D73FDE2730DCB2D7875C4A784C9ACD7856150F696D53C492F1B55CCDACCDBCE2BA8457D8A0EB08AA6AB9313487BA0EB2FB820D34457F897CE0EA9D79DB8DE75A102818100DB30BDD1E07CB8131091FB3DE7284553FCB0C5C9797C02A74D364D235A41DBCB3D210528722440AF91B073BD5D8EEE0123DC32FF67CE8410E9875B3061AA976E0470797A03C7A59B4A25986AF2C79D2237AABADEF8A9F7BD117CA7274FBFAB4DB7BB77583720419A14938FF1DC643D7AAF7119A3DC46F7F178778C51310579A1" + +PBES2 Decrypt AES-256-CBC (OK) +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302906092A864886F70D01050C301C0408B948C29B606B981502020800300C06082A864886F70D02090500301D060960864801650304012A0410FD87E5DBEE6E498D887C771C454D4265":"7A776F6C696E":"3BDA5B8B7C541816276A84F779F4961C291CCA695D2DEE57F23B359886852947F1609CAA73072A3D1CEC95B17E987B05C4F401ADBF73B602F031BE107D2290E905E1B16455954C58DE8605CA679FDC83EB3C16427294400AFF227126300E4568CF1332ADAA4CB361F52E0DC4FD19682B7762EAF860B1674549D30ABF4DA2F998364FED59247552E807CCCE4CFD5E4B1F5E37EF3F18ED31BC1318193160AC1FFC487646FAB1FC006A0603AB3DFAB0F068B459665D4902624AC487B924914135BDDD7A2899007F45DB30847745464E1D134A58FCFBA69E13C4BDCDAA6845D57404EF0C46C102DB3621A5EFB0B8DC247951C51BB3777782EF59BBA0211AA5B8E6A91AF6409ED2984B50DC06A2295BE99E4A9B2D769BE13E8E6CF9F01259FCDB09642C10AF77B3B3F057F2D8F7AF234293DF08175D40831FAF776C299CCE88AA5F860318BF96F5C4B52CBAEB3E9BF3092A818A4B638F835084C9666D79668E08D125E0668925123F24BE675B592068F8E29D0FCD9D763148F261D88A9DE9022A6759467EA1BB06CDB20FD335E8D080F18A8DE331873C4A5C4213D36C332E319C146EA10F6FB1BF82493616776BBBD6B38251F847F1961FDAE518E18BECACE932C1EB477946D9381036DC2C9537786A3BE295D5156AB479DD6DD0B3E85652A4B66C0BF69926504A2DC5068A99E05F08DDAC2FD99C2AFA76203B64886D99E8D3C67C94C92BDB9D22B28CA775512A55BB7B4A9483DD2541B0BABF58769CDBFB05EE53FE452E0B4B42DF086F2932969AE943837CD2EDF7B5B731245B1A6C83079F42BFF3B170819F852B5AA493B2D9A378FB8C99F400E7F4E2FE503AB7399F271451238DCA8667077E555D6F96747C5854A9D2F13CE93D2BD6AAF9808DAF0BEFE1448A5536927A9D8C7886FCA937C6912943E4B20412540625F277552E6B6FB914F2916B780CD529FB0A3491C9011E3CFED7BDBFEC3BD18B260DB882294D647AB70577E60C6E3E85F6CAAE9F2EC6820115B5CD854A1368CB4B6D23B16B32CB5DB9D77D7A556EEB6ECD4075C74CE606EA25E0300EC65761F0EFDA7B6E8DA3C0196E274D86BC2911C2A96A6E0B6C259449E4D43C248AE5614D4D74147FB1963C5770958523F7AB8606F904892523BECD2D7CC81DD296361C0D11DFB2CA306B42CC0481E9B3A66FE2E17562FC9210139CE33B9724283207EF6B17496D6D0E1D07641A7BDB4DEF9A7CDE297CFBB119FDB43CF970B6DFF5F08EABE5E087DFBDB067CAEEEB460D381C844154947B527C4C40F452A64EF2E15A4A9D13F060835380FA49B5201682F13E543207E791147D15C54C6540F2F3F3D8AAFC50623B260422EA5558906798FB555BEF0EE8BAFB544442185911883C3CA4DAC700BB8198C4C9E136F3517410AB2FFE605BA6AA27CB35958C7B51EDDA0961CD8F42ED7B61342E9BF7783289CB9D299C9CC84F08B7546D28CCCE2ABCB68A7BAEAC6C67E3FAA14E4502D9711CFAC16E4BBFBE016A9755D49E233B3DDDBF03C77F4542D7566B03264B0B85E006CAABEED61715F2E97913F36DB841B3DFEC1CF6549976D93D35AAE9BC1383F84133F38904F819DF3FDC3DBE636F0661DABEF654D2C52BF1A1A2E33F79032F4E2C34981BC354B74B727CCC759209790FFAFED8E9DB5532AD6F9F0BD7B74A5DE63A4363464DC5A137D56BCCFACBB8C77229B048A587027B24D1968A1BEB3935C6C416E4A8AB14F3AF2C1858942D27CB976AF4":0:"308204BD020100300D06092A864886F70D0101010500048204A7308204A30201000282010100D0680E66E3F69348A111BC720B747A402236FA15B330004F21A97E903AB94419F485688BAF2EEC07306D4C321D91DEA5D426D6336D342D967DC4192D537FDFE42548AEE817B57B82A9D75C8308839C739C830C3B6847D9F2EE65899F117DA196DBF64BD6AC6CE4486619FDFB41C57AFB8B8E893526699976CEB8CD3E07B668FB3F18D70C816F6BC1B26F767B1BF987B4D994FD5F53F7B497FF6A43F73D383F8DA05BAA2A68DDDDCFD2B3A7AACFA8B06D26D2C261BFEC13E7BA7C88AC7CA5AE187BE31D8E579FEE2FC90C31E38C249EBC13C70490AC3463269FACF294D419505ADBC54B0697BF01DEB8EB83DF3236DD9059E6BD0CE64D8D39CB80A2DCDF82E19B020301000102820100517E4F1B66CAF5BEF1D4F8A673DA412FB0F1648B75BD3071C10D0143AEE2E14170FF75E92140ACE506C7C682D6534307FF548C7021A4C4AAD3550A2F52366FBB4BE5071814A54FBDC1624877A8ADA6510303AF95CF6A414CA0722E05789672C8860CE28CF871C0369B4E50A59E8B7552C5B89FE89BB3B161E6E616C3C9CA47743A32482A8885035BEB72E85564A0F004C4A99A935F4BAB523857E558FCF4A27ECD30EA5A91205BD84B9F550565561C9CDC324E3CFC478445D12C032B0057035EF4F548280F238038F3EE6097864D8724AFB53BCA8C62A8F5177AA072D4784EAAEB8B81BB6A3ACF453C5859B374E1FA3B3959FDBD630044B530A2FB50232517D902818100FE860C42D18CBDF8758CF5D4D2487E8EA4C0D6D3A1C735AD14A37A66D972B7B2B3D9551E0B25BAB7F58EAD0B7A696686F4B98DDCB15A20A388D1AB7793004B83B97915D747F8CB09390D2C2A0DE05FCAFAA36911DA2F5D30E0E0178FA7B7B0E57006A44056169078690F9B48225340812A2ADA48CC56B48A0FC75C842DE94FA702818100D19D86F612C92312B3C7F673CA9F4C4808ABEBAD925526A4509E3179C025DFE351720B40562355955B5856A0C9B306F0AAA3C132CEF8E04D94651FCE6A6B89FAD6A683E40551743D962FB4AE5895F7186D9EEC1F5E8A11CCC8BE1783080C5C86E909CF366B26E79316AC687F42E6A6300BC50B944642CF297393FE9EF47F3CED0281806035C18ABC754C1610314177BA2947159A777E7D2F0903643289FD29C58694A3CB521AD7A97510989B0CDCA29B1A1E74632B84D16884DE13931356927391C7F9B9F1686D213A8D5D2620B1920FFEC1971399138D79013063DA8D3ABAC5B62CFAFD96B51DD0ACE4DD6F31440C47555AEBB849CC8B7A1A48526BD67B4547A98ABF0281800E8210AD476F9475DEEBA02B3383030C994D0CEADE8DF636B93DB9BEEB85B3915039CC7D8F78B29BBBCEC9702785B49D43B241D4FA6E4F580F45508640E7608D73FDE2730DCB2D7875C4A784C9ACD7856150F696D53C492F1B55CCDACCDBCE2BA8457D8A0EB08AA6AB9313487BA0EB2FB820D34457F897CE0EA9D79DB8DE75A102818100DB30BDD1E07CB8131091FB3DE7284553FCB0C5C9797C02A74D364D235A41DBCB3D210528722440AF91B073BD5D8EEE0123DC32FF67CE8410E9875B3061AA976E0470797A03C7A59B4A25986AF2C79D2237AABADEF8A9F7BD117CA7274FBFAB4DB7BB77583720419A14938FF1DC643D7AAF7119A3DC46F7F178778C51310579A1" + PBES2 Decrypt (bad params tag) depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C pbes2_decrypt:MBEDTLS_ASN1_SEQUENCE:"":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:"" From 1c19557f49c191df26d4066838575f42d1b786d3 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Tue, 19 Sep 2023 17:27:28 +0100 Subject: [PATCH 02/20] Revert increase of test buffer size. Signed-off-by: Ryan Everett --- tests/suites/host_test.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/host_test.function b/tests/suites/host_test.function index 95d30f8d20..06f391fa4f 100644 --- a/tests/suites/host_test.function +++ b/tests/suites/host_test.function @@ -459,7 +459,7 @@ int execute_tests(int argc, const char **argv) int ret; unsigned total_errors = 0, total_tests = 0, total_skipped = 0; FILE *file; - char buf[10000]; + char buf[5000]; char *params[50]; /* Store for processed integer params. */ mbedtls_test_argument_t int_params[50]; From 1a913093244aff20c37fa1b6b60fc7c21139ff37 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Mon, 25 Sep 2023 14:15:03 +0100 Subject: [PATCH 03/20] Restore array formatting Signed-off-by: Ryan Everett --- library/oid.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/oid.c b/library/oid.c index 89d133dfe4..a1cf6fcd07 100644 --- a/library/oid.c +++ b/library/oid.c @@ -710,7 +710,7 @@ static const oid_cipher_alg_t oid_cipher_alg[] = { NULL_OID_DESCRIPTOR, MBEDTLS_CIPHER_NONE, - } + }, }; FN_OID_TYPED_FROM_ASN1(oid_cipher_alg_t, cipher_alg, oid_cipher_alg) From 223e716693f969561db05d887e66b6aad576e814 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Mon, 25 Sep 2023 14:26:53 +0100 Subject: [PATCH 04/20] Replace AES-CBC test data Previously the buffer size was increased in order to allow for large test data, these new tests fit in the original sized buffer. Test data generated with openssl using the following command line: openssl kdf -keylen $LEN -kdfopt digest:SHA256 -kdfopt iter:10000 -kdfopt pass:"PasswordPasswordPassword" -kdfopt hexsalt:0102030405060708 PBKDF2 openssl enc -$ENC -iv 2F904F75B47B48A618068D79BD9A826C -K $KEY -in $IN -e -out $OUT Signed-off-by: Ryan Everett --- tests/suites/test_suite_pkcs5.data | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/tests/suites/test_suite_pkcs5.data b/tests/suites/test_suite_pkcs5.data index 8480b5c006..94ac86c045 100644 --- a/tests/suites/test_suite_pkcs5.data +++ b/tests/suites/test_suite_pkcs5.data @@ -142,21 +142,17 @@ PBES2 Decrypt (Invalid padding & PKCS7 padding enabled) depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FDA3488A7144097565":144:MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060607" -PBES2 Decrypt DES-EDE3-CBC (OK) -depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302906092A864886F70D01050C301C040832A773780540A2D602020800300C06082A864886F70D02090500301406082A864886F70D03070408480B29975B655BCE":"7A776F6C696E":"7C4948C17F9ABCDD9CC8DE3C91C83B6BAA2D01ABBC86DD3336875B018A7AA5527EEBA4788992FED8966923A1BD0405A1B2CA2FC011944E360863E4437D14C2F82A465D3F58D3B005389F8B46F5900A170B7A6A371DD052C59EF76858ADB553E1BD9EAA284EE1DA150BBF61879A6FC265886B5D12596D2413A9E3881EA49366D68BFD6DDA087E15A3F1C426D0416B294A57F7599D2F49C5090550A4DAD4781541E362D76F84A3389676EBE4F556FCCFC8E16065101ECC888E60D5DD58244A3CD1B90731DB5A43B30BDBF41C66A3E26AAF6363D630242CC1A6F456672FB7290D5542BFD32776619C6FD9C863CAC856DC529EFEFBE96F353697E5EC878762814ED0E6A672B38BF0D5B76F1825E8C697A646779FCD819BF4F28AE461D436D8535641670638E5C6FC8F7F2B6CA9F2868DEC0A3830645BC84701CC6A02A14E2AEE8D33D9224C96FA2F26F4675B3A73A0C7571552FE25C49F2455526D93F869A7E7C56E5E9F3012A05B298A38D7E3EEF66C6E13301B34B15C3D98446BF044E1F7C4A6FCE867AB9A68567ABC844A6B65AF8FA33D6BF899ADE0DCE98D50352F15EE2AFFD5D3BECD867DA7F54C6DEDB3396D30516FAECD3E62083E55A4A65D3CE6AB39DADD6A7C5EB192F14B8D13773AFA2CBB081350FA7DD9B5F1AD78E0F9DE17216DAE4D21EA843C4DDCD2C0B963F27F9F774435C200864D59CF28C483BCD948CA1E8950CF7C924D7BB69D85FD99BBB3E466AC36B0887CCCCDA508C55D55AC0B7045B6CC4013E9B216E6C40A6F1EFA299A078849DF7C90D1F8BCA7295B0C74403C6AE3D79717955F134AB7962F44DA87351B6F71569CA30A3D55B58958C485A285C169649607F2736DA0FC1E6BD35B7F63DBD8B3BDF300603BBFB54C23F895DCC5E086BDA3EB41D54E591A5B8537EBA4AA876513271270E2D953DA6F7AF95EF91CC986487E1F3136B15368C9638D5867FD4F8E581A3E6E1D552E778C99E465D7B243AE2C4525CE15C35E6588931FE8C476BA8ECA7CAE327B946C384FDF37448BE3662D1EAEFF7063C8427BADD713CB8EB7093FD9F3ABE582B9175C5AE10F1C85369B93A0DA29F120B12206B31B25670C8025C7F74FC2F59ADBA35E157F5BF2E77B01D61A77F1E33B7877A54F66ABD1E6CA12819EB951CFD89BBF985FD550EB2AB5AD4B8B0099A00E3FD358D2808E6178C14B1C365A1D31B7BA3F9F7F7A06852C5329D26C64AB4C1392C2FA9CDD78D30983C14E7BC9F19EF30BA5CC58759C7BC6F7F324D0A79188EB0740FD83E3B0B0664748F16071BB658C5679B7967C31300BC11B73A18545959F324734FCD4C06DE33E9290915A40A8F7799E049B8B7CCEACA02515720ECFAD78B7CB36A6144EB9AE483EA1AE978054B84C68BBA29D95C619516B783D11A6150D88DD594B975A7FD217944BD177E04FE21FE78B7BDC4B4E1E4012B756AF83589447739A5CEF211AB706C137FFC28D17F24891DF0C5DD811DE3AE90B6C4B0324376EB8A4980CF789541E2A1BFAAB3E0E64D50F584346727FEEB4EC1BBC1FFE08AF71E1A700E890006401191047661CAF3030F0D489C28BFFF374334036A68A6F4D67C25E90B04ADD9AC1763183E30E461918D45EE9C3A4F4CE621FABF6907901939278FB6FE940BCF0C6575F25C759263931383B001C7823340D9D739520E23517A8CE6EBBD4D16AAFA2149B9F04873DBD652D8CE033D65C021D4825A065F6E4CAD1927F9A":0:"308204BD020100300D06092A864886F70D0101010500048204A7308204A30201000282010100D0680E66E3F69348A111BC720B747A402236FA15B330004F21A97E903AB94419F485688BAF2EEC07306D4C321D91DEA5D426D6336D342D967DC4192D537FDFE42548AEE817B57B82A9D75C8308839C739C830C3B6847D9F2EE65899F117DA196DBF64BD6AC6CE4486619FDFB41C57AFB8B8E893526699976CEB8CD3E07B668FB3F18D70C816F6BC1B26F767B1BF987B4D994FD5F53F7B497FF6A43F73D383F8DA05BAA2A68DDDDCFD2B3A7AACFA8B06D26D2C261BFEC13E7BA7C88AC7CA5AE187BE31D8E579FEE2FC90C31E38C249EBC13C70490AC3463269FACF294D419505ADBC54B0697BF01DEB8EB83DF3236DD9059E6BD0CE64D8D39CB80A2DCDF82E19B020301000102820100517E4F1B66CAF5BEF1D4F8A673DA412FB0F1648B75BD3071C10D0143AEE2E14170FF75E92140ACE506C7C682D6534307FF548C7021A4C4AAD3550A2F52366FBB4BE5071814A54FBDC1624877A8ADA6510303AF95CF6A414CA0722E05789672C8860CE28CF871C0369B4E50A59E8B7552C5B89FE89BB3B161E6E616C3C9CA47743A32482A8885035BEB72E85564A0F004C4A99A935F4BAB523857E558FCF4A27ECD30EA5A91205BD84B9F550565561C9CDC324E3CFC478445D12C032B0057035EF4F548280F238038F3EE6097864D8724AFB53BCA8C62A8F5177AA072D4784EAAEB8B81BB6A3ACF453C5859B374E1FA3B3959FDBD630044B530A2FB50232517D902818100FE860C42D18CBDF8758CF5D4D2487E8EA4C0D6D3A1C735AD14A37A66D972B7B2B3D9551E0B25BAB7F58EAD0B7A696686F4B98DDCB15A20A388D1AB7793004B83B97915D747F8CB09390D2C2A0DE05FCAFAA36911DA2F5D30E0E0178FA7B7B0E57006A44056169078690F9B48225340812A2ADA48CC56B48A0FC75C842DE94FA702818100D19D86F612C92312B3C7F673CA9F4C4808ABEBAD925526A4509E3179C025DFE351720B40562355955B5856A0C9B306F0AAA3C132CEF8E04D94651FCE6A6B89FAD6A683E40551743D962FB4AE5895F7186D9EEC1F5E8A11CCC8BE1783080C5C86E909CF366B26E79316AC687F42E6A6300BC50B944642CF297393FE9EF47F3CED0281806035C18ABC754C1610314177BA2947159A777E7D2F0903643289FD29C58694A3CB521AD7A97510989B0CDCA29B1A1E74632B84D16884DE13931356927391C7F9B9F1686D213A8D5D2620B1920FFEC1971399138D79013063DA8D3ABAC5B62CFAFD96B51DD0ACE4DD6F31440C47555AEBB849CC8B7A1A48526BD67B4547A98ABF0281800E8210AD476F9475DEEBA02B3383030C994D0CEADE8DF636B93DB9BEEB85B3915039CC7D8F78B29BBBCEC9702785B49D43B241D4FA6E4F580F45508640E7608D73FDE2730DCB2D7875C4A784C9ACD7856150F696D53C492F1B55CCDACCDBCE2BA8457D8A0EB08AA6AB9313487BA0EB2FB820D34457F897CE0EA9D79DB8DE75A102818100DB30BDD1E07CB8131091FB3DE7284553FCB0C5C9797C02A74D364D235A41DBCB3D210528722440AF91B073BD5D8EEE0123DC32FF67CE8410E9875B3061AA976E0470797A03C7A59B4A25986AF2C79D2237AABADEF8A9F7BD117CA7274FBFAB4DB7BB77583720419A14938FF1DC643D7AAF7119A3DC46F7F178778C51310579A1" - PBES2 Decrypt AES-128-CBC (OK) depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302906092A864886F70D01050C301C0408E9ED80B476045B2602020800300C06082A864886F70D02090500301D0609608648016503040102041052C89F1A8BE8E0EAE6D415F1974624A4":"7A776F6C696E":"279EBEFD0DDC751FFEABDC91F9C8BEA6081E58702D429E0D44FE96735AE6DD58BD4CD84498A91804F43D669A7159C57B758D536C0CF237FE4E868CE0AE87DA2C97B9649975FE189A9200435BFFD0304286508B0F9AB8C2E36B09AF336E27A6F40EE1AA1906A38A9E187E4A7A14B472D89C6A65D39AA9D390445A6859894431BEF8EAE07B914A70F55D95DF2FB1DB8B40154C1F1E16B4273156328DBAFDDBE2AE41BEAF227525D3B5D57FE9B7C188A2FE8493ABA3C916EDF486F520C670F505A4FC8DD083245032EF69C6C76141C8576AE7E59D4DB5974C316848CCCF6A36EFB3BA67175FD996756F3E51034D659CF98D95F953BBE5A9DE564426FCE324D3A3F463C2E6464DBC34610ECEC20518B47ACB9A4ED85C326A963D3B3C7088AF2A320E4B364666D2EE3D38D067808EC01BB765C5D4B4487E2F9D9FFEC8F0EC4C4262070F252C7E9D95CF01747055E2176BB9D17DE302ADC1C39335849797DF171AAF89946931D5A5C94FB85DB84D67290974B4F8F8E677F77FD62FE7B0A10E4DE9FE83598F47D3B32015FA2B1558672D2D81C65C123AE821052C84FA0ED2C5A5A39A7B12CFEB68887722970FC907D1B586A67F8479A1EBC4E8AE4676047086A7EE7520C9147C089B4AE5B2505C14C6F28F645F90C55E51BADBC4B4167EC4A757CD59452E800BCCA9D3DD01BD084057102403B4804D51A6EF404AB5B31FFFFA19AC56861D9863A5460077D109E043E5B2134D812652E80E3FF804FD1A0114FD8F1F72D97A0A6E88A2DE124FFCD2C17B7BCAC30B19189BC8301B25012C05014BA7DA9949A9F0F30470C760474E27A8160F237DAFA85CBE5499C7429109858E581AD2D5A4634691BEFA1C5545F78D0B93F140D5ABF06FB91CFDBD1D93D106199A1E35F651053D0E80787CEED53404F0F0C9EA54C8CC39682916D6731C3B91A4988B54D821F0EAD621606765F8048ED9FAE9DAB781C830C77DA70C44DB8C4BB000CE12C59DCA4BA5966EB25F7B32EBCB524C8C4B019B65E3B024E41BBDE68531A2205A784A842EB9673B56CDF88C2F056C9E5685C7BA0E52E067EC8B4B7CDAA8C6F1AFAFC05C51119A6AC25122C5F93E9157761788AB76641300CCBA08845C2932729CC31FE6E8577E3A565BCA9E6668619874540FC866B8677A8452BEAD9C6648893355D82B2D0EAEF1B13C5B1A3DDDB23B2EA00B9C9F627E753D7FF51D5AF87C2A07FE228CB00EC497D8869973282188833E36C74111050B409877913760E7C77F05B6B4DD19778F69F3F46F54B4842863B7BB0716DA26DDA07DDD334FCC7DD2B1A03FE0DE31B4018D2D96AED72B8D2F206D1011BCEFEE9EA413CDB053665553FEEA2E3EB54DD525DC12B7BBC3A76F1530F320717CBEF5AA541791335901A57436ECFE9917B9D009178CDDFBD9FD8756A808B72668B34A3D86303A6D5F6D38685356C1A87ECD2EC61A63FC53F5DA959B33988E869785E694AB079763CA9DD9B1EA2B8BAE5F31EB75D0F71D87B68AA9A4CB6995859FAB0028EFC633ED4DAA4A8FB0E6A55EF9B2DEA1E947C8DEA81CEAB9232A29340947719D4CEAABFB8E1E065F43F231D6A1C83E8F554530C58F8C02D2386F2C67D2F043097375ABD0C18F390BFA2867F870B1A1DA1AB6103D2275420B09778D9B775F147B6BB47598367F9C44AF509136F5F69E61E4A8592E44C860041D5C9C94A63BE17C6E93995A321238D80EF111F8BF137C7A38FACB6329CFDC9A5B9FB2DB":0:"308204BD020100300D06092A864886F70D0101010500048204A7308204A30201000282010100D0680E66E3F69348A111BC720B747A402236FA15B330004F21A97E903AB94419F485688BAF2EEC07306D4C321D91DEA5D426D6336D342D967DC4192D537FDFE42548AEE817B57B82A9D75C8308839C739C830C3B6847D9F2EE65899F117DA196DBF64BD6AC6CE4486619FDFB41C57AFB8B8E893526699976CEB8CD3E07B668FB3F18D70C816F6BC1B26F767B1BF987B4D994FD5F53F7B497FF6A43F73D383F8DA05BAA2A68DDDDCFD2B3A7AACFA8B06D26D2C261BFEC13E7BA7C88AC7CA5AE187BE31D8E579FEE2FC90C31E38C249EBC13C70490AC3463269FACF294D419505ADBC54B0697BF01DEB8EB83DF3236DD9059E6BD0CE64D8D39CB80A2DCDF82E19B020301000102820100517E4F1B66CAF5BEF1D4F8A673DA412FB0F1648B75BD3071C10D0143AEE2E14170FF75E92140ACE506C7C682D6534307FF548C7021A4C4AAD3550A2F52366FBB4BE5071814A54FBDC1624877A8ADA6510303AF95CF6A414CA0722E05789672C8860CE28CF871C0369B4E50A59E8B7552C5B89FE89BB3B161E6E616C3C9CA47743A32482A8885035BEB72E85564A0F004C4A99A935F4BAB523857E558FCF4A27ECD30EA5A91205BD84B9F550565561C9CDC324E3CFC478445D12C032B0057035EF4F548280F238038F3EE6097864D8724AFB53BCA8C62A8F5177AA072D4784EAAEB8B81BB6A3ACF453C5859B374E1FA3B3959FDBD630044B530A2FB50232517D902818100FE860C42D18CBDF8758CF5D4D2487E8EA4C0D6D3A1C735AD14A37A66D972B7B2B3D9551E0B25BAB7F58EAD0B7A696686F4B98DDCB15A20A388D1AB7793004B83B97915D747F8CB09390D2C2A0DE05FCAFAA36911DA2F5D30E0E0178FA7B7B0E57006A44056169078690F9B48225340812A2ADA48CC56B48A0FC75C842DE94FA702818100D19D86F612C92312B3C7F673CA9F4C4808ABEBAD925526A4509E3179C025DFE351720B40562355955B5856A0C9B306F0AAA3C132CEF8E04D94651FCE6A6B89FAD6A683E40551743D962FB4AE5895F7186D9EEC1F5E8A11CCC8BE1783080C5C86E909CF366B26E79316AC687F42E6A6300BC50B944642CF297393FE9EF47F3CED0281806035C18ABC754C1610314177BA2947159A777E7D2F0903643289FD29C58694A3CB521AD7A97510989B0CDCA29B1A1E74632B84D16884DE13931356927391C7F9B9F1686D213A8D5D2620B1920FFEC1971399138D79013063DA8D3ABAC5B62CFAFD96B51DD0ACE4DD6F31440C47555AEBB849CC8B7A1A48526BD67B4547A98ABF0281800E8210AD476F9475DEEBA02B3383030C994D0CEADE8DF636B93DB9BEEB85B3915039CC7D8F78B29BBBCEC9702785B49D43B241D4FA6E4F580F45508640E7608D73FDE2730DCB2D7875C4A784C9ACD7856150F696D53C492F1B55CCDACCDBCE2BA8457D8A0EB08AA6AB9313487BA0EB2FB820D34457F897CE0EA9D79DB8DE75A102818100DB30BDD1E07CB8131091FB3DE7284553FCB0C5C9797C02A74D364D235A41DBCB3D210528722440AF91B073BD5D8EEE0123DC32FF67CE8410E9875B3061AA976E0470797A03C7A59B4A25986AF2C79D2237AABADEF8A9F7BD117CA7274FBFAB4DB7BB77583720419A14938FF1DC643D7AAF7119A3DC46F7F178778C51310579A1" +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E0408010203040506070802022710301D060960864801650304010204102F904F75B47B48A618068D79BD9A826C":"50617373776F726450617373776F726450617373776F7264":"0c953c3a9be1502f4d1df1b82df9d99a61ebd2f60ed570d16b241f70b9e61f329174747d052efe5c39bec9d0f7404f84af242914e2ecb74e6e36e8b4147bd0a092a82df789aa3351e0de9f75b285ccb742806526771c8353ffb66176188b556e":96:0:"5468697320697320612066696c6520746f20626520656e6372797074656420776974682050424553322c20776974682061206b65792067656e657261746564207573696e67206120707266202853484132353629" PBES2 Decrypt AES-192-CBC (OK) depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302906092A864886F70D01050C301C0408777618CD183CC88102020800300C06082A864886F70D02090500301D060960864801650304011604102F904F75B47B48A618068D79BD9A826C":"7A776F6C696E":"540DADAE140E86453630405F6C5C97FFBD691D1BB3F9294292138BB3757EB78E1AAC1016257D387FB6D92A85E7D2E41EAC0D532018423B6DD38F3D44460FC818704BF4BF7BA15AA62143386C58615F719A1C0F4D178E0A3BECD7FFD3DC96AA261BE2006DB5C398BBDCFC8CE8D67DE6FD4B5079E60D5C865B41765A2881FD8AFC6D71B0B3B9C3F347EEDE5D355DA83895DF6E055CF6FF713AA9396821403C31440D40DD410FC0AB965ACA89A2A017A9F00084B6C32DB6A65B4EF5698C994B8B822DADE62789C7F0884372FD4CE7F5E9F9A77B35390AA1A236991B1ECA4C072A3760AEA316291112814A0B81793196EEA5ECF45A0E98DA780F251601AAC03950128A6587C83CA3F78A81D046982167B18DBEF4EEF1350E421A7CE37D62D11823E37C0CDA4FDE22198BED5C49F1ABEBDD9A769FC94B8BF2D023A876C9DE5DAC56EFDF4E00164AF02077046D7C8D5A056A2BFFA4E40B385727E12D6B9AC8CF72C7EE3B7FD86D1CE9EA9856C88A0BAE90AF780C32B9C96A064B84D16D343B9F4E5E1C0F76D19AAD9FAC7C7E56810FC44801F81207669C2E8AE3AC7CEF853F87E68082AD620131768360908A6257248FB53E185D97B22F574555F0B9E366C39FD5B1394FDBAE8D14923E90DD9A9F2256627CD3E19E1FC2C1FF773077A459B902564011E5C23254EC62084604BDA1D2ED134F5BA1EF8AB993778267E54851ED04B6A28EEBA9102F69429A8450A246730E071690E245BD5DE3522641664CC31E11AE648414AB825BB9A774CB9E525C23DD83EB7B650CFCB5AE9EE88E0504B34E667B4FE04336572AB95B42ED10C961B7D176C8E7D3A6EF797CBEF33988AB2899DA553210001855AEE49D9E218B1367472D954EDF4681F138554EBC885B5A20BAA0353AA745FBF1D1FBFE6627E5BB03A34DFA9D2A30674A7968BDD705E744A74649D16D00690D8F01880C41F0A7EC090528E228A4DD24B530BD5CDF4F0387DA4A199015CCAC611665424965F69B91782097B4AFCBB696A600A12D15C88E25A6F77FB4AE5D50E81330CBD2F6EA6704E9862413A4B8D66CC66CDAD4A06D74FF4699F06A15EEB8BC79F05A9498010013004A0BCCECBE0EB62DCFFE8F6436B567119AD0A38E870415D39E14A92BB2B4F3C05C552ACC7CC9AD0781735E94CEF1B6422660DF0E501ED8CA1BFA3EB14F9470B889D7FE006E2AD4E4999CB6DF95FF724FDDBFF4C6476FEB9D6AADD0489A226A825EA4F450DDACB34480D5F1E6B9C0A1CABE14659D28068D8806FC75833FFB98B2B81CC91AA590701E061F882020F78FC04C38E3A325E75192A22A6AE1AD60E393AA2F1DF160F881699F3025F7A78E28A14CCB99BD73C135D0E07BFE4E2A2523BF1E0445C550BAE2A72C67C649B1C29A067A7CAC2E47D4A7ECFAF8A255EAC64E764ACC741AE35FC01FA12057F7352FBE7D92E717327EEACD1BD50E5753A26C40BE8DC2FB8375621EB83F96A004BC8AC8B21C0F5217AFE091A844DE866D89E5EA9705813F960DF6457455317835C4B77A443B955960179D3E5A4649BEC702090AFE7E9E2F1AC2DE85BEB31760A8EC81CC58CFF1DD9F06E2786F4320A144E2E4F4A852056007FA5D27A22E99D60B19FC4D36FE1A5BC201D82C5BE861A9D5BAAC6AFB7F6AB1EE748B9880C40D92B7EA65D00A6970C386C1FCDC5E25B7E8790B6F6B8BF631D70262B3CDBD7CA3023090D0F34112135D75E5BE28378CC5EF48585EDD3C95FD9C817F":0:"308204BD020100300D06092A864886F70D0101010500048204A7308204A30201000282010100D0680E66E3F69348A111BC720B747A402236FA15B330004F21A97E903AB94419F485688BAF2EEC07306D4C321D91DEA5D426D6336D342D967DC4192D537FDFE42548AEE817B57B82A9D75C8308839C739C830C3B6847D9F2EE65899F117DA196DBF64BD6AC6CE4486619FDFB41C57AFB8B8E893526699976CEB8CD3E07B668FB3F18D70C816F6BC1B26F767B1BF987B4D994FD5F53F7B497FF6A43F73D383F8DA05BAA2A68DDDDCFD2B3A7AACFA8B06D26D2C261BFEC13E7BA7C88AC7CA5AE187BE31D8E579FEE2FC90C31E38C249EBC13C70490AC3463269FACF294D419505ADBC54B0697BF01DEB8EB83DF3236DD9059E6BD0CE64D8D39CB80A2DCDF82E19B020301000102820100517E4F1B66CAF5BEF1D4F8A673DA412FB0F1648B75BD3071C10D0143AEE2E14170FF75E92140ACE506C7C682D6534307FF548C7021A4C4AAD3550A2F52366FBB4BE5071814A54FBDC1624877A8ADA6510303AF95CF6A414CA0722E05789672C8860CE28CF871C0369B4E50A59E8B7552C5B89FE89BB3B161E6E616C3C9CA47743A32482A8885035BEB72E85564A0F004C4A99A935F4BAB523857E558FCF4A27ECD30EA5A91205BD84B9F550565561C9CDC324E3CFC478445D12C032B0057035EF4F548280F238038F3EE6097864D8724AFB53BCA8C62A8F5177AA072D4784EAAEB8B81BB6A3ACF453C5859B374E1FA3B3959FDBD630044B530A2FB50232517D902818100FE860C42D18CBDF8758CF5D4D2487E8EA4C0D6D3A1C735AD14A37A66D972B7B2B3D9551E0B25BAB7F58EAD0B7A696686F4B98DDCB15A20A388D1AB7793004B83B97915D747F8CB09390D2C2A0DE05FCAFAA36911DA2F5D30E0E0178FA7B7B0E57006A44056169078690F9B48225340812A2ADA48CC56B48A0FC75C842DE94FA702818100D19D86F612C92312B3C7F673CA9F4C4808ABEBAD925526A4509E3179C025DFE351720B40562355955B5856A0C9B306F0AAA3C132CEF8E04D94651FCE6A6B89FAD6A683E40551743D962FB4AE5895F7186D9EEC1F5E8A11CCC8BE1783080C5C86E909CF366B26E79316AC687F42E6A6300BC50B944642CF297393FE9EF47F3CED0281806035C18ABC754C1610314177BA2947159A777E7D2F0903643289FD29C58694A3CB521AD7A97510989B0CDCA29B1A1E74632B84D16884DE13931356927391C7F9B9F1686D213A8D5D2620B1920FFEC1971399138D79013063DA8D3ABAC5B62CFAFD96B51DD0ACE4DD6F31440C47555AEBB849CC8B7A1A48526BD67B4547A98ABF0281800E8210AD476F9475DEEBA02B3383030C994D0CEADE8DF636B93DB9BEEB85B3915039CC7D8F78B29BBBCEC9702785B49D43B241D4FA6E4F580F45508640E7608D73FDE2730DCB2D7875C4A784C9ACD7856150F696D53C492F1B55CCDACCDBCE2BA8457D8A0EB08AA6AB9313487BA0EB2FB820D34457F897CE0EA9D79DB8DE75A102818100DB30BDD1E07CB8131091FB3DE7284553FCB0C5C9797C02A74D364D235A41DBCB3D210528722440AF91B073BD5D8EEE0123DC32FF67CE8410E9875B3061AA976E0470797A03C7A59B4A25986AF2C79D2237AABADEF8A9F7BD117CA7274FBFAB4DB7BB77583720419A14938FF1DC643D7AAF7119A3DC46F7F178778C51310579A1" +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302a06092A864886F70D01050C301d0408010203040506070802022710020118300a06082A864886F70D0209301D060960864801650304011604102F904F75B47B48A618068D79BD9A826C":"50617373776F726450617373776F726450617373776F7264":"7c648a9df9759ba49283c261269a71bc06d45f6c24ab6431d77b2ecec1fd6d1aa751bd05b1c026fc8ff91baeb1b1838aa0f825b23be79bc09331d0607181e234dfea4ab3cbf7997747516486b6865e85de95dc9b64d45462197c891b31af6c94":96:0:"5468697320697320612066696c6520746f20626520656e6372797074656420776974682050424553322c20776974682061206b65792067656e657261746564207573696e67206120707266202853484132353629" PBES2 Decrypt AES-256-CBC (OK) depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302906092A864886F70D01050C301C0408B948C29B606B981502020800300C06082A864886F70D02090500301D060960864801650304012A0410FD87E5DBEE6E498D887C771C454D4265":"7A776F6C696E":"3BDA5B8B7C541816276A84F779F4961C291CCA695D2DEE57F23B359886852947F1609CAA73072A3D1CEC95B17E987B05C4F401ADBF73B602F031BE107D2290E905E1B16455954C58DE8605CA679FDC83EB3C16427294400AFF227126300E4568CF1332ADAA4CB361F52E0DC4FD19682B7762EAF860B1674549D30ABF4DA2F998364FED59247552E807CCCE4CFD5E4B1F5E37EF3F18ED31BC1318193160AC1FFC487646FAB1FC006A0603AB3DFAB0F068B459665D4902624AC487B924914135BDDD7A2899007F45DB30847745464E1D134A58FCFBA69E13C4BDCDAA6845D57404EF0C46C102DB3621A5EFB0B8DC247951C51BB3777782EF59BBA0211AA5B8E6A91AF6409ED2984B50DC06A2295BE99E4A9B2D769BE13E8E6CF9F01259FCDB09642C10AF77B3B3F057F2D8F7AF234293DF08175D40831FAF776C299CCE88AA5F860318BF96F5C4B52CBAEB3E9BF3092A818A4B638F835084C9666D79668E08D125E0668925123F24BE675B592068F8E29D0FCD9D763148F261D88A9DE9022A6759467EA1BB06CDB20FD335E8D080F18A8DE331873C4A5C4213D36C332E319C146EA10F6FB1BF82493616776BBBD6B38251F847F1961FDAE518E18BECACE932C1EB477946D9381036DC2C9537786A3BE295D5156AB479DD6DD0B3E85652A4B66C0BF69926504A2DC5068A99E05F08DDAC2FD99C2AFA76203B64886D99E8D3C67C94C92BDB9D22B28CA775512A55BB7B4A9483DD2541B0BABF58769CDBFB05EE53FE452E0B4B42DF086F2932969AE943837CD2EDF7B5B731245B1A6C83079F42BFF3B170819F852B5AA493B2D9A378FB8C99F400E7F4E2FE503AB7399F271451238DCA8667077E555D6F96747C5854A9D2F13CE93D2BD6AAF9808DAF0BEFE1448A5536927A9D8C7886FCA937C6912943E4B20412540625F277552E6B6FB914F2916B780CD529FB0A3491C9011E3CFED7BDBFEC3BD18B260DB882294D647AB70577E60C6E3E85F6CAAE9F2EC6820115B5CD854A1368CB4B6D23B16B32CB5DB9D77D7A556EEB6ECD4075C74CE606EA25E0300EC65761F0EFDA7B6E8DA3C0196E274D86BC2911C2A96A6E0B6C259449E4D43C248AE5614D4D74147FB1963C5770958523F7AB8606F904892523BECD2D7CC81DD296361C0D11DFB2CA306B42CC0481E9B3A66FE2E17562FC9210139CE33B9724283207EF6B17496D6D0E1D07641A7BDB4DEF9A7CDE297CFBB119FDB43CF970B6DFF5F08EABE5E087DFBDB067CAEEEB460D381C844154947B527C4C40F452A64EF2E15A4A9D13F060835380FA49B5201682F13E543207E791147D15C54C6540F2F3F3D8AAFC50623B260422EA5558906798FB555BEF0EE8BAFB544442185911883C3CA4DAC700BB8198C4C9E136F3517410AB2FFE605BA6AA27CB35958C7B51EDDA0961CD8F42ED7B61342E9BF7783289CB9D299C9CC84F08B7546D28CCCE2ABCB68A7BAEAC6C67E3FAA14E4502D9711CFAC16E4BBFBE016A9755D49E233B3DDDBF03C77F4542D7566B03264B0B85E006CAABEED61715F2E97913F36DB841B3DFEC1CF6549976D93D35AAE9BC1383F84133F38904F819DF3FDC3DBE636F0661DABEF654D2C52BF1A1A2E33F79032F4E2C34981BC354B74B727CCC759209790FFAFED8E9DB5532AD6F9F0BD7B74A5DE63A4363464DC5A137D56BCCFACBB8C77229B048A587027B24D1968A1BEB3935C6C416E4A8AB14F3AF2C1858942D27CB976AF4":0:"308204BD020100300D06092A864886F70D0101010500048204A7308204A30201000282010100D0680E66E3F69348A111BC720B747A402236FA15B330004F21A97E903AB94419F485688BAF2EEC07306D4C321D91DEA5D426D6336D342D967DC4192D537FDFE42548AEE817B57B82A9D75C8308839C739C830C3B6847D9F2EE65899F117DA196DBF64BD6AC6CE4486619FDFB41C57AFB8B8E893526699976CEB8CD3E07B668FB3F18D70C816F6BC1B26F767B1BF987B4D994FD5F53F7B497FF6A43F73D383F8DA05BAA2A68DDDDCFD2B3A7AACFA8B06D26D2C261BFEC13E7BA7C88AC7CA5AE187BE31D8E579FEE2FC90C31E38C249EBC13C70490AC3463269FACF294D419505ADBC54B0697BF01DEB8EB83DF3236DD9059E6BD0CE64D8D39CB80A2DCDF82E19B020301000102820100517E4F1B66CAF5BEF1D4F8A673DA412FB0F1648B75BD3071C10D0143AEE2E14170FF75E92140ACE506C7C682D6534307FF548C7021A4C4AAD3550A2F52366FBB4BE5071814A54FBDC1624877A8ADA6510303AF95CF6A414CA0722E05789672C8860CE28CF871C0369B4E50A59E8B7552C5B89FE89BB3B161E6E616C3C9CA47743A32482A8885035BEB72E85564A0F004C4A99A935F4BAB523857E558FCF4A27ECD30EA5A91205BD84B9F550565561C9CDC324E3CFC478445D12C032B0057035EF4F548280F238038F3EE6097864D8724AFB53BCA8C62A8F5177AA072D4784EAAEB8B81BB6A3ACF453C5859B374E1FA3B3959FDBD630044B530A2FB50232517D902818100FE860C42D18CBDF8758CF5D4D2487E8EA4C0D6D3A1C735AD14A37A66D972B7B2B3D9551E0B25BAB7F58EAD0B7A696686F4B98DDCB15A20A388D1AB7793004B83B97915D747F8CB09390D2C2A0DE05FCAFAA36911DA2F5D30E0E0178FA7B7B0E57006A44056169078690F9B48225340812A2ADA48CC56B48A0FC75C842DE94FA702818100D19D86F612C92312B3C7F673CA9F4C4808ABEBAD925526A4509E3179C025DFE351720B40562355955B5856A0C9B306F0AAA3C132CEF8E04D94651FCE6A6B89FAD6A683E40551743D962FB4AE5895F7186D9EEC1F5E8A11CCC8BE1783080C5C86E909CF366B26E79316AC687F42E6A6300BC50B944642CF297393FE9EF47F3CED0281806035C18ABC754C1610314177BA2947159A777E7D2F0903643289FD29C58694A3CB521AD7A97510989B0CDCA29B1A1E74632B84D16884DE13931356927391C7F9B9F1686D213A8D5D2620B1920FFEC1971399138D79013063DA8D3ABAC5B62CFAFD96B51DD0ACE4DD6F31440C47555AEBB849CC8B7A1A48526BD67B4547A98ABF0281800E8210AD476F9475DEEBA02B3383030C994D0CEADE8DF636B93DB9BEEB85B3915039CC7D8F78B29BBBCEC9702785B49D43B241D4FA6E4F580F45508640E7608D73FDE2730DCB2D7875C4A784C9ACD7856150F696D53C492F1B55CCDACCDBCE2BA8457D8A0EB08AA6AB9313487BA0EB2FB820D34457F897CE0EA9D79DB8DE75A102818100DB30BDD1E07CB8131091FB3DE7284553FCB0C5C9797C02A74D364D235A41DBCB3D210528722440AF91B073BD5D8EEE0123DC32FF67CE8410E9875B3061AA976E0470797A03C7A59B4A25986AF2C79D2237AABADEF8A9F7BD117CA7274FBFAB4DB7BB77583720419A14938FF1DC643D7AAF7119A3DC46F7F178778C51310579A1" +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302a06092A864886F70D01050C301d0408010203040506070802022710020118300a06082A864886F70D0209301D060960864801650304012A04102F904F75B47B48A618068D79BD9A826C":"50617373776F726450617373776F726450617373776F7264":"7077e6e8e679962c6feda69c704d58507d143cf77be284f773dfcaa4a5f5e7c1cd5527204916302d435071c01126f4aa76205ce61998d7b8fdf065a77d4a77634376b9968e4722c27f2ac85d79565ff4fca9204d3e4bc8c5bd53c1785bb6e566":96:0:"5468697320697320612066696c6520746f20626520656e6372797074656420776974682050424553322c20776974682061206b65792067656e657261746564207573696e67206120707266202853484132353629" PBES2 Decrypt (bad params tag) depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C From 8494c986a0cf12ad8e8dd8359bed055eb7028f0a Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Tue, 10 Oct 2023 18:26:57 +0100 Subject: [PATCH 05/20] Add Encryption test data for AES 128,196,256 PBES2 Data (for encryption and decryption) generated using openssl: openssl kdf -keylen 24 -kdfopt digest:SHA256 -kdfopt iter:10000 -kdfopt pass:"PasswordPasswordPassword" -kdfopt hexsalt:0102030405060708 PBKDF2 69D1831EA16816B82797E5E9619C2F62153BC65C1791B5C0 openssl enc $MODE -iv 2F904F75B47B48A618068D79BD9A826C -K $KEY -in $FILE -e -out $ENC Signed-off-by: Ryan Everett --- tests/suites/test_suite_pkcs5.data | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/tests/suites/test_suite_pkcs5.data b/tests/suites/test_suite_pkcs5.data index 94ac86c045..f372520e3d 100644 --- a/tests/suites/test_suite_pkcs5.data +++ b/tests/suites/test_suite_pkcs5.data @@ -142,6 +142,18 @@ PBES2 Decrypt (Invalid padding & PKCS7 padding enabled) depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FDA3488A7144097565":144:MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060607" +PBES2 Encrypt AES-128-CBC (OK) +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +pbes2_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E0408010203040506070802022710301D060960864801650304010204102F904F75B47B48A618068D79BD9A826C":"50617373776F726450617373776F726450617373776F7264":"5468697320697320612066696c6520746f20626520656e6372797074656420776974682050424553322c20776974682061206b65792067656e657261746564207573696e67206120707266202853484132353629":96:0:"0c953c3a9be1502f4d1df1b82df9d99a61ebd2f60ed570d16b241f70b9e61f329174747d052efe5c39bec9d0f7404f84af242914e2ecb74e6e36e8b4147bd0a092a82df789aa3351e0de9f75b285ccb742806526771c8353ffb66176188b556e" + +PBES2 Encrypt AES-192-CBC (OK) +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +pbes2_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302a06092A864886F70D01050C301d0408010203040506070802022710020118300a06082A864886F70D0209301D060960864801650304011604102F904F75B47B48A618068D79BD9A826C":"50617373776F726450617373776F726450617373776F7264":"5468697320697320612066696c6520746f20626520656e6372797074656420776974682050424553322c20776974682061206b65792067656e657261746564207573696e67206120707266202853484132353629":96:0:"7c648a9df9759ba49283c261269a71bc06d45f6c24ab6431d77b2ecec1fd6d1aa751bd05b1c026fc8ff91baeb1b1838aa0f825b23be79bc09331d0607181e234dfea4ab3cbf7997747516486b6865e85de95dc9b64d45462197c891b31af6c94" + +PBES2 Encrypt AES-256-CBC (OK) +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +pbes2_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302a06092A864886F70D01050C301d0408010203040506070802022710020118300a06082A864886F70D0209301D060960864801650304012A04102F904F75B47B48A618068D79BD9A826C":"50617373776F726450617373776F726450617373776F7264":"5468697320697320612066696c6520746f20626520656e6372797074656420776974682050424553322c20776974682061206b65792067656e657261746564207573696e67206120707266202853484132353629":96:0:"7077e6e8e679962c6feda69c704d58507d143cf77be284f773dfcaa4a5f5e7c1cd5527204916302d435071c01126f4aa76205ce61998d7b8fdf065a77d4a77634376b9968e4722c27f2ac85d79565ff4fca9204d3e4bc8c5bd53c1785bb6e566" + PBES2 Decrypt AES-128-CBC (OK) depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E0408010203040506070802022710301D060960864801650304010204102F904F75B47B48A618068D79BD9A826C":"50617373776F726450617373776F726450617373776F7264":"0c953c3a9be1502f4d1df1b82df9d99a61ebd2f60ed570d16b241f70b9e61f329174747d052efe5c39bec9d0f7404f84af242914e2ecb74e6e36e8b4147bd0a092a82df789aa3351e0de9f75b285ccb742806526771c8353ffb66176188b556e":96:0:"5468697320697320612066696c6520746f20626520656e6372797074656420776974682050424553322c20776974682061206b65792067656e657261746564207573696e67206120707266202853484132353629" From 632699b9255be5070c35618622b70db1bbc7248d Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Wed, 11 Oct 2023 14:20:33 +0100 Subject: [PATCH 06/20] Add Changelog Signed-off-by: Ryan Everett --- ChangeLog.d/add-aes-cbc-to-pkcs5-pbes2.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ChangeLog.d/add-aes-cbc-to-pkcs5-pbes2.txt diff --git a/ChangeLog.d/add-aes-cbc-to-pkcs5-pbes2.txt b/ChangeLog.d/add-aes-cbc-to-pkcs5-pbes2.txt new file mode 100644 index 0000000000..96f48d6e7c --- /dev/null +++ b/ChangeLog.d/add-aes-cbc-to-pkcs5-pbes2.txt @@ -0,0 +1,3 @@ +Features + * Add support for using AES-CBC 128, 192, and 256 bit schemes + with PKCS#5 PBES2. \ No newline at end of file From cd80f09aa3628d671394fa985948de1b287c5689 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Thu, 12 Oct 2023 11:08:20 +0100 Subject: [PATCH 07/20] Fix Changelog formatting Signed-off-by: Ryan Everett --- ChangeLog.d/add-aes-cbc-to-pkcs5-pbes2.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog.d/add-aes-cbc-to-pkcs5-pbes2.txt b/ChangeLog.d/add-aes-cbc-to-pkcs5-pbes2.txt index 96f48d6e7c..e00c1e0a6c 100644 --- a/ChangeLog.d/add-aes-cbc-to-pkcs5-pbes2.txt +++ b/ChangeLog.d/add-aes-cbc-to-pkcs5-pbes2.txt @@ -1,3 +1,3 @@ Features * Add support for using AES-CBC 128, 192, and 256 bit schemes - with PKCS#5 PBES2. \ No newline at end of file + with PKCS#5 PBES2. From 86bfbe8ef2621973f4760bc8f0299e14aa1dc7a2 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Thu, 12 Oct 2023 11:19:13 +0100 Subject: [PATCH 08/20] Fix test data dependencies Signed-off-by: Ryan Everett --- tests/suites/test_suite_pkcs5.data | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tests/suites/test_suite_pkcs5.data b/tests/suites/test_suite_pkcs5.data index f372520e3d..3bd6b49f09 100644 --- a/tests/suites/test_suite_pkcs5.data +++ b/tests/suites/test_suite_pkcs5.data @@ -143,27 +143,27 @@ depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIP pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FDA3488A7144097565":144:MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060607" PBES2 Encrypt AES-128-CBC (OK) -depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC pbes2_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E0408010203040506070802022710301D060960864801650304010204102F904F75B47B48A618068D79BD9A826C":"50617373776F726450617373776F726450617373776F7264":"5468697320697320612066696c6520746f20626520656e6372797074656420776974682050424553322c20776974682061206b65792067656e657261746564207573696e67206120707266202853484132353629":96:0:"0c953c3a9be1502f4d1df1b82df9d99a61ebd2f60ed570d16b241f70b9e61f329174747d052efe5c39bec9d0f7404f84af242914e2ecb74e6e36e8b4147bd0a092a82df789aa3351e0de9f75b285ccb742806526771c8353ffb66176188b556e" PBES2 Encrypt AES-192-CBC (OK) -depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH pbes2_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302a06092A864886F70D01050C301d0408010203040506070802022710020118300a06082A864886F70D0209301D060960864801650304011604102F904F75B47B48A618068D79BD9A826C":"50617373776F726450617373776F726450617373776F7264":"5468697320697320612066696c6520746f20626520656e6372797074656420776974682050424553322c20776974682061206b65792067656e657261746564207573696e67206120707266202853484132353629":96:0:"7c648a9df9759ba49283c261269a71bc06d45f6c24ab6431d77b2ecec1fd6d1aa751bd05b1c026fc8ff91baeb1b1838aa0f825b23be79bc09331d0607181e234dfea4ab3cbf7997747516486b6865e85de95dc9b64d45462197c891b31af6c94" PBES2 Encrypt AES-256-CBC (OK) -depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH pbes2_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302a06092A864886F70D01050C301d0408010203040506070802022710020118300a06082A864886F70D0209301D060960864801650304012A04102F904F75B47B48A618068D79BD9A826C":"50617373776F726450617373776F726450617373776F7264":"5468697320697320612066696c6520746f20626520656e6372797074656420776974682050424553322c20776974682061206b65792067656e657261746564207573696e67206120707266202853484132353629":96:0:"7077e6e8e679962c6feda69c704d58507d143cf77be284f773dfcaa4a5f5e7c1cd5527204916302d435071c01126f4aa76205ce61998d7b8fdf065a77d4a77634376b9968e4722c27f2ac85d79565ff4fca9204d3e4bc8c5bd53c1785bb6e566" PBES2 Decrypt AES-128-CBC (OK) -depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E0408010203040506070802022710301D060960864801650304010204102F904F75B47B48A618068D79BD9A826C":"50617373776F726450617373776F726450617373776F7264":"0c953c3a9be1502f4d1df1b82df9d99a61ebd2f60ed570d16b241f70b9e61f329174747d052efe5c39bec9d0f7404f84af242914e2ecb74e6e36e8b4147bd0a092a82df789aa3351e0de9f75b285ccb742806526771c8353ffb66176188b556e":96:0:"5468697320697320612066696c6520746f20626520656e6372797074656420776974682050424553322c20776974682061206b65792067656e657261746564207573696e67206120707266202853484132353629" PBES2 Decrypt AES-192-CBC (OK) -depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302a06092A864886F70D01050C301d0408010203040506070802022710020118300a06082A864886F70D0209301D060960864801650304011604102F904F75B47B48A618068D79BD9A826C":"50617373776F726450617373776F726450617373776F7264":"7c648a9df9759ba49283c261269a71bc06d45f6c24ab6431d77b2ecec1fd6d1aa751bd05b1c026fc8ff91baeb1b1838aa0f825b23be79bc09331d0607181e234dfea4ab3cbf7997747516486b6865e85de95dc9b64d45462197c891b31af6c94":96:0:"5468697320697320612066696c6520746f20626520656e6372797074656420776974682050424553322c20776974682061206b65792067656e657261746564207573696e67206120707266202853484132353629" PBES2 Decrypt AES-256-CBC (OK) -depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302a06092A864886F70D01050C301d0408010203040506070802022710020118300a06082A864886F70D0209301D060960864801650304012A04102F904F75B47B48A618068D79BD9A826C":"50617373776F726450617373776F726450617373776F7264":"7077e6e8e679962c6feda69c704d58507d143cf77be284f773dfcaa4a5f5e7c1cd5527204916302d435071c01126f4aa76205ce61998d7b8fdf065a77d4a77634376b9968e4722c27f2ac85d79565ff4fca9204d3e4bc8c5bd53c1785bb6e566":96:0:"5468697320697320612066696c6520746f20626520656e6372797074656420776974682050424553322c20776974682061206b65792067656e657261746564207573696e67206120707266202853484132353629" PBES2 Decrypt (bad params tag) From 4cfd6a6bc6ca35f8debc069c2a1ff026756c303b Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Wed, 10 Jan 2024 19:15:45 +0000 Subject: [PATCH 09/20] Fix dependencies in pkcs5 aes-128-cbc tests These tests do not specify a hash function. This is an optional parameter with default value hmacWithSHA1, so these test cases are dependant on SHA-1 and not SHA-256 Signed-off-by: Ryan Everett --- tests/suites/test_suite_pkcs5.data | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_pkcs5.data b/tests/suites/test_suite_pkcs5.data index 3bd6b49f09..453ee231cc 100644 --- a/tests/suites/test_suite_pkcs5.data +++ b/tests/suites/test_suite_pkcs5.data @@ -143,7 +143,7 @@ depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIP pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FDA3488A7144097565":144:MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060607" PBES2 Encrypt AES-128-CBC (OK) -depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC pbes2_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E0408010203040506070802022710301D060960864801650304010204102F904F75B47B48A618068D79BD9A826C":"50617373776F726450617373776F726450617373776F7264":"5468697320697320612066696c6520746f20626520656e6372797074656420776974682050424553322c20776974682061206b65792067656e657261746564207573696e67206120707266202853484132353629":96:0:"0c953c3a9be1502f4d1df1b82df9d99a61ebd2f60ed570d16b241f70b9e61f329174747d052efe5c39bec9d0f7404f84af242914e2ecb74e6e36e8b4147bd0a092a82df789aa3351e0de9f75b285ccb742806526771c8353ffb66176188b556e" PBES2 Encrypt AES-192-CBC (OK) @@ -155,7 +155,7 @@ depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_ pbes2_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302a06092A864886F70D01050C301d0408010203040506070802022710020118300a06082A864886F70D0209301D060960864801650304012A04102F904F75B47B48A618068D79BD9A826C":"50617373776F726450617373776F726450617373776F7264":"5468697320697320612066696c6520746f20626520656e6372797074656420776974682050424553322c20776974682061206b65792067656e657261746564207573696e67206120707266202853484132353629":96:0:"7077e6e8e679962c6feda69c704d58507d143cf77be284f773dfcaa4a5f5e7c1cd5527204916302d435071c01126f4aa76205ce61998d7b8fdf065a77d4a77634376b9968e4722c27f2ac85d79565ff4fca9204d3e4bc8c5bd53c1785bb6e566" PBES2 Decrypt AES-128-CBC (OK) -depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E0408010203040506070802022710301D060960864801650304010204102F904F75B47B48A618068D79BD9A826C":"50617373776F726450617373776F726450617373776F7264":"0c953c3a9be1502f4d1df1b82df9d99a61ebd2f60ed570d16b241f70b9e61f329174747d052efe5c39bec9d0f7404f84af242914e2ecb74e6e36e8b4147bd0a092a82df789aa3351e0de9f75b285ccb742806526771c8353ffb66176188b556e":96:0:"5468697320697320612066696c6520746f20626520656e6372797074656420776974682050424553322c20776974682061206b65792067656e657261746564207573696e67206120707266202853484132353629" PBES2 Decrypt AES-192-CBC (OK) From ae0b4bd04c10df2ca397844359c5a93f1c65e327 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Wed, 10 Jan 2024 19:19:10 +0000 Subject: [PATCH 10/20] Add more details to comments Signed-off-by: Ryan Everett --- include/mbedtls/oid.h | 4 +++- tests/suites/test_suite_pkcs5.data | 12 ++++++------ 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h index 3a7f740c99..de8e4545e1 100644 --- a/include/mbedtls/oid.h +++ b/include/mbedtls/oid.h @@ -300,7 +300,9 @@ #define MBEDTLS_OID_HMAC_RIPEMD160 MBEDTLS_OID_INTERNET "\x05\x05\x08\x01\x04" /**< id-hmacWithSHA1 OBJECT IDENTIFIER ::= {iso(1) iso-identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) ipsec(8) isakmpOakley(1) hmacRIPEMD160(4)} */ /* - * Encryption algorithms + * Encryption algorithms, + * the following standardized object identifiers are specified at + * https://datatracker.ietf.org/doc/html/rfc8018#appendix-C. */ #define MBEDTLS_OID_DES_CBC MBEDTLS_OID_ISO_IDENTIFIED_ORG \ MBEDTLS_OID_OIW_SECSIG_ALG "\x07" /**< desCBC OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 7 } */ diff --git a/tests/suites/test_suite_pkcs5.data b/tests/suites/test_suite_pkcs5.data index 453ee231cc..790a31ba01 100644 --- a/tests/suites/test_suite_pkcs5.data +++ b/tests/suites/test_suite_pkcs5.data @@ -142,27 +142,27 @@ PBES2 Decrypt (Invalid padding & PKCS7 padding enabled) depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FDA3488A7144097565":144:MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060607" -PBES2 Encrypt AES-128-CBC (OK) +PBES2 Encrypt AES-128-CBC (OK, generated with OpenSSL) depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC pbes2_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E0408010203040506070802022710301D060960864801650304010204102F904F75B47B48A618068D79BD9A826C":"50617373776F726450617373776F726450617373776F7264":"5468697320697320612066696c6520746f20626520656e6372797074656420776974682050424553322c20776974682061206b65792067656e657261746564207573696e67206120707266202853484132353629":96:0:"0c953c3a9be1502f4d1df1b82df9d99a61ebd2f60ed570d16b241f70b9e61f329174747d052efe5c39bec9d0f7404f84af242914e2ecb74e6e36e8b4147bd0a092a82df789aa3351e0de9f75b285ccb742806526771c8353ffb66176188b556e" -PBES2 Encrypt AES-192-CBC (OK) +PBES2 Encrypt AES-192-CBC (OK, generated with OpenSSL) depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH pbes2_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302a06092A864886F70D01050C301d0408010203040506070802022710020118300a06082A864886F70D0209301D060960864801650304011604102F904F75B47B48A618068D79BD9A826C":"50617373776F726450617373776F726450617373776F7264":"5468697320697320612066696c6520746f20626520656e6372797074656420776974682050424553322c20776974682061206b65792067656e657261746564207573696e67206120707266202853484132353629":96:0:"7c648a9df9759ba49283c261269a71bc06d45f6c24ab6431d77b2ecec1fd6d1aa751bd05b1c026fc8ff91baeb1b1838aa0f825b23be79bc09331d0607181e234dfea4ab3cbf7997747516486b6865e85de95dc9b64d45462197c891b31af6c94" -PBES2 Encrypt AES-256-CBC (OK) +PBES2 Encrypt AES-256-CBC (OK, generated with OpenSSL) depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH pbes2_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302a06092A864886F70D01050C301d0408010203040506070802022710020118300a06082A864886F70D0209301D060960864801650304012A04102F904F75B47B48A618068D79BD9A826C":"50617373776F726450617373776F726450617373776F7264":"5468697320697320612066696c6520746f20626520656e6372797074656420776974682050424553322c20776974682061206b65792067656e657261746564207573696e67206120707266202853484132353629":96:0:"7077e6e8e679962c6feda69c704d58507d143cf77be284f773dfcaa4a5f5e7c1cd5527204916302d435071c01126f4aa76205ce61998d7b8fdf065a77d4a77634376b9968e4722c27f2ac85d79565ff4fca9204d3e4bc8c5bd53c1785bb6e566" -PBES2 Decrypt AES-128-CBC (OK) +PBES2 Decrypt AES-128-CBC (OK, generated with OpenSSL) depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E0408010203040506070802022710301D060960864801650304010204102F904F75B47B48A618068D79BD9A826C":"50617373776F726450617373776F726450617373776F7264":"0c953c3a9be1502f4d1df1b82df9d99a61ebd2f60ed570d16b241f70b9e61f329174747d052efe5c39bec9d0f7404f84af242914e2ecb74e6e36e8b4147bd0a092a82df789aa3351e0de9f75b285ccb742806526771c8353ffb66176188b556e":96:0:"5468697320697320612066696c6520746f20626520656e6372797074656420776974682050424553322c20776974682061206b65792067656e657261746564207573696e67206120707266202853484132353629" -PBES2 Decrypt AES-192-CBC (OK) +PBES2 Decrypt AES-192-CBC (OK, generated with OpenSSL) depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302a06092A864886F70D01050C301d0408010203040506070802022710020118300a06082A864886F70D0209301D060960864801650304011604102F904F75B47B48A618068D79BD9A826C":"50617373776F726450617373776F726450617373776F7264":"7c648a9df9759ba49283c261269a71bc06d45f6c24ab6431d77b2ecec1fd6d1aa751bd05b1c026fc8ff91baeb1b1838aa0f825b23be79bc09331d0607181e234dfea4ab3cbf7997747516486b6865e85de95dc9b64d45462197c891b31af6c94":96:0:"5468697320697320612066696c6520746f20626520656e6372797074656420776974682050424553322c20776974682061206b65792067656e657261746564207573696e67206120707266202853484132353629" -PBES2 Decrypt AES-256-CBC (OK) +PBES2 Decrypt AES-256-CBC (OK, generated with OpenSSL) depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302a06092A864886F70D01050C301d0408010203040506070802022710020118300a06082A864886F70D0209301D060960864801650304012A04102F904F75B47B48A618068D79BD9A826C":"50617373776F726450617373776F726450617373776F7264":"7077e6e8e679962c6feda69c704d58507d143cf77be284f773dfcaa4a5f5e7c1cd5527204916302d435071c01126f4aa76205ce61998d7b8fdf065a77d4a77634376b9968e4722c27f2ac85d79565ff4fca9204d3e4bc8c5bd53c1785bb6e566":96:0:"5468697320697320612066696c6520746f20626520656e6372797074656420776974682050424553322c20776974682061206b65792067656e657261746564207573696e67206120707266202853484132353629" From 1f935f50270f759c4223ef08dffb1f09312c516e Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Wed, 10 Jan 2024 19:26:19 +0000 Subject: [PATCH 11/20] Add AES tests to test_suite_pkparse Test data generated using openssl: openssl genpkey -algorithm rsa -out $OUT -$ALG Signed-off-by: Ryan Everett --- ..._pkcs8_pbes2_pbkdf2_2048_aes128_sha256.pem | 30 +++++++++++++++++++ ..._pkcs8_pbes2_pbkdf2_2048_aes192_sha256.pem | 30 +++++++++++++++++++ ..._pkcs8_pbes2_pbkdf2_2048_aes256_sha256.pem | 30 +++++++++++++++++++ tests/suites/test_suite_pkparse.data | 12 ++++++++ 4 files changed, 102 insertions(+) create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes128_sha256.pem create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes192_sha256.pem create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes256_sha256.pem diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes128_sha256.pem b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes128_sha256.pem new file mode 100644 index 0000000000..276c613135 --- /dev/null +++ b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes128_sha256.pem @@ -0,0 +1,30 @@ +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIFLTBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG9w0BBQwwHAQIV3y5ahakUYYCAggA +MAwGCCqGSIb3DQIJBQAwHQYJYIZIAWUDBAECBBCcu2VAdIWUQawcrlhFDgV+BIIE +0JMB3FUnHGs5otXZJvxOkiIrliuQiDjy8AuctQdVNhArYeTfTxW6wZZxacDOAJT/ +JvxbpKRANBSCp+TOf5jMAHl11L8Pr7Z22HumPjJXyuTwntG/lYpWzHKLo+V2GGFo +8E5Q0uya0A+4sL80JQMKa6G4BZGdnOwD1krUPxrxsNXVRbsHcsewUc1nKshPlj0X +1A4Fe6IqgichLPODluJcJo6tWCrhKdDxyDzCdZ0ZiJpUgH7SPo3XZ6GO68nlSKz6 +vwChjrkUsmgDbeGr8yFP4kuaagRngMovGQXcYyNBDWZQYKM7uMqz6zuh4VJuvAJk +h/d8WDkFz6fJAEpqYYDBqVj5vGH3Xq0e4LzErJ0s8jQuOy66noiQIXF5U9V6sLvk +irbIyEVcBUWUIs2QCgEVbKRTNAzo3+V690etqVYx5mW8m3CenJ4TrrtsQJwOZlF5 +tz6a+RNjj5EZKRx5WoOQ/ZyQK77+dg4lO0MbaUptBawsLifCQANmJ7hOIl/aG8ae +8ZnBUFYR4Cmomkcb/OjabGv5iyizZ3esf5kfmhvaRDQN+V7Vx7Dy6lzzpJ3vhxoo ++VRCFAVIS+XPvGLynUvawHiSWlzYFKeX6t9ZriIDomVxZE/+zFbw6iQmE4pM6jS7 +mgwuVeKFeD0zVOI3I3pXN0NBZYZgkO3gdly6QbmETxkZB2ccv+Bqe/DdAi4Zq/JO +prW8x4o5wogfn5heVGB++Kh8l9jXxqqh8f8txNwfR0oli/TQdT78FgXcaWbQh+e+ +vFtIAIHlGK+u+FGPJm4DuyW5LY+lYE0aJMD9Bre8yWVy3aF4IZ9KQz4gxObQS/mu +CXHqPCiuwnjaiGFwf6IuTvX3hD+9j9XvGKZn8Y7U42iwzKdYD6qRAXn4+v1G9KIV +cPB1XBCpnEk8E+whjaht5EnAk2I/vesT3akfemgRxEegKS1Ziu/bwTId5mFLx3oV +ql0Nb8dAlIkpDTwxGK7FgRhUwutml6HvvYKtG10OqvrFV026pyQnkVMBGCUMRKvO +ddNAKOr8Mz0qrme0osCxVBdLxnVjvIwsiPBsX2INV86xW7DUe50u+mbCxu4eXCsA +zIJps5WP+ol4z04oZEUp9DEFxILO65MBmWd8y43UqRaaAOXYU+IZ5Tyx0wPcSAbb +iLMFwZ5uA3rIXSvzesgdiX5oJOY1+Y4hpBB6148u2YmKQsNLC0FLodEdXrrDacS4 +jJbc/Zlw2Q2u+YXBzec9hLGsA63qGybc8gmrYYoutwv4fYwSFx8N5AiENFYughBv +EyYXx/gjsSUJOZpI7VDcTS5YiqxRy8VBGXM/ewcvsNxjLTiyQz2Dv8PvGdCzJHbE +CelmFM+RKa/NzkIv/SwM5hXKCO8wpXT5HApXiTxCjonX/f4Uqu0JxiHYqvV7ih3p +k+9kE2eo3GzXWPG4DvcKpDd8pz0aAV02+AGZatRceg0wpOVzo+EC7c8V0SU4De9V +gLyYzY53HLbeqhPm3Yb0yt6fIBfcRxLi7A86K9c2+Na4BFLJPvf7pMQLmLlcdp1M +wKQhQw8DFxxstrup98H29r2n+XzPukhZawQfTEJwfx8y1Kp1UvJOeg/wL1PayyNv +0CQRRMZ0UEb3o6GjSyb3j98oGNe1LAvoykqc8QsBlP6f +-----END ENCRYPTED PRIVATE KEY----- \ No newline at end of file diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes192_sha256.pem b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes192_sha256.pem new file mode 100644 index 0000000000..06bcd28028 --- /dev/null +++ b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes192_sha256.pem @@ -0,0 +1,30 @@ +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIFLTBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG9w0BBQwwHAQIw3sKoAeJu8kCAggA +MAwGCCqGSIb3DQIJBQAwHQYJYIZIAWUDBAEWBBB/MRVI6fUEUiqwEb+tcClNBIIE +0JH3R2rIt9cTB0FcsWjoHKFtVy1DTtHZUwk5FlHXm00ngB46gIDzAbTdow6WpspV +H3wJgwU//AAE4bwuZ/AcQlRz2M+OuO3GT47EhjKvXiS3OjrIvkXp24LCS3lSbFV+ +dGc6A2CXlSHF9c/umrKlRtVpSXsnBlVhggVyI/1RidBmCeF2i2205bt/Z2mjODo3 +SlSZjZ8GeFOnm/0zSBxgltbemgfsNMo1QOFRTXblzRE9Ldc5DCPgyCNDHOVUugO3 +lrf9Wyak2oiUtCG5cApaeDTedQv61YK+Zt/ptJmXps/N0nskb3X40ngs+buDuAVP +7uUTxP8ZkvQdVcWD/FNweAPssAGxDcWhacVxeuXdDb+ktjZuHnYJ06lC5nTdJAi3 +zRuvXpYNPQNBfU2MwYV4P4g67ltqdtfZcOiqMIqtb0rWu+dfS0cVPUZHBhHATFbA +Tvo0GtUKuhLzGP4Zr6RSJVlxkjbNtfrE3lS1b5HwaE04F6iagRdH1b6f00FfFXAr +oTFz4/ykkY9q7w3yTLfX/8B5EUbcXLzJBZrAWA1RmsV6aiAvgh94587QprRrL6dD +gcCTjLeVIFw4QNQvzkroErWQbEsZ33cAFB/qJDSEd1FgEMh4LsbHwGP8M/iQNaV1 +WWgh43j3XjwAC2f17okd/+1WxhwpugEJ8EeSfY3oONtyE8sAXRhPLpR1eouRqTmY +5032TNhf9hzNIvJ1eYwehCZfZkvuqJxGe6rXbV579qSThzUpfz6BYylS+xcf6nJP +JniG1RodX/AkkicmKja4fNcp7JDDsmBPU9pLOfr8SodUlimGEQ8PGNNYIrOjKbHe +BICi0ZDSxgt+pPUfjeF9VIcYHF7vUj15ovbd7uJSshmEIIxdX2YDzOjoJHYevsyZ +uZm2ONA90R9szgJMWP2ChKXaNF0UySaG3hueWDRa7GJMPRjpCvcwhAw29YHSvNOq +MbQmyyjFDAk07BFXvXSahSXODe0HPVTbyT8eP2SO7VMPuOWdxH9+adOl8KPCx0L7 +kwiPgnRhAGaevOZs8M80EEOC6JLR9hM9LVCHWnXD41NvGgCSmu8SwzKzKB3KBVas +aSb8XW7IuNFZh2o6FfmDKUp0uXoifWVWe96ertJrHckRbTd4ZpjK2bWChh3WxE9s +0EYG8PAu/NSW7ARPgXZ43f/nYieSQd01zty8Vj4io2gVpQDm0YtZrv/a+gW3HSQj +mBmdDOsQmpP9gfCnOJOILlE/+ouVYiGeSMFbKc1tde1FBtwt0RGQVM7KoRb7itNe +AntBerIDERzq83iXvalzYdB2qw9yzZwvf5hGvNn+rDCD3aZTrr6if9QrrVeDYcTd +TTOVeQx2RgtXv4xdiV4epS8e7xOgLZphC52E4WTRoBz1qEJRHGj1HX8REJ7Q47HK +cZr5IZdLuIulvPPWcY/KLw437h7njAMM2rT0HqL5yZA5Bcnpj/SCQGRHew7OacSK +p1WKw2C/R6MTGDFplefr/f3NUT4quWybfHQG3L3zqjSbKBS0pVPlA4SPwhSgev3P +v+sShYuWwLTiVfzep/nBRcz2W3CHtHI2oahjEI9Vm/7WSdjxl7tSrHlsy7JbVuOA +3PF6QbG2JWgnyfmmgtK86iTchMlxBgWe5S5lz6kZNUXN +-----END ENCRYPTED PRIVATE KEY----- \ No newline at end of file diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes256_sha256.pem b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes256_sha256.pem new file mode 100644 index 0000000000..eb2ee1456a --- /dev/null +++ b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes256_sha256.pem @@ -0,0 +1,30 @@ +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIFLTBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG9w0BBQwwHAQIcVlPn8HF5kcCAggA +MAwGCCqGSIb3DQIJBQAwHQYJYIZIAWUDBAEqBBA6UHwbVfKyYQwiCmyTPE/QBIIE +0Na0hdMyQvJvRUKDvR9Gds0VrwRjHq+WBCDcHfJJRS5RiSCWnOCifZHA/zYoYZ4j +rHnuzmheOuGZWjUkdZQ8kVKFGGCKQjHKHTlfDhVv/SQzwYYWVRyaubDC2SKYORKf +zCFzLjr8RCwBo0ubh9q+QvPrmvy/jZYHYruU7vGseS4vKnWwnXey0ii8L2qD71Fo +uH6WAMRc6xHzm1W2WSnFZvZFLwCmGg/LlHc34TdCgXyX8dhJsIAwlwuCStFWs194 +A5h5ZrLiDdpGCThn47H0jx8kzVcoY+dwuJXgNfzAbzDgbRyzCpQx7Fulzf36iyPO +fq1OrF0+DUSrEv1GJTXT4/1xlpaZgR2RT7in7jCSE7XyATBLRrL9nKAQCmLAARnb +ITLWUPMmxJJDLLn9faBt7ZpyRzLRqGMT6nRNBouAg8DWqqcRvBLfi3TxoQ/KS2BJ +HMtyTfSQpghAsUUqraquSfyLoA1+b47gO+H/grQIMMnfThGiUx9MLOGFAvQ3Um8R +aoTm8X8RuAH3BALA0m9isRww/yA/dw/03jtByDYMeQ/NAHAgL1proXqsojHIYN5v +6vesHcATHGiFnPY0kqKVyIN1G8n5Gji5P875GPq00WN2kPMLiBG9woq9yZ+l5HYu +ofpdtpQRgJJSmEBJgpvwxoJKTUa9mYN29klYiv97AwWj2D2VsJvjG+IlfVybUB26 +mkenc3Hve2V2JueYh8Oijl1j+plc61tYJ0WQloZHQWHSqCJkXEMqUX6DZZyxREix +8kUuWabSkxSq1uRxf7iG442oaer5mhktpbEMWyA22mJLfXBwNaULqlhZGdeqKz4N +zwE0vg1rug1ooLX/s85n6h0FMD+ANbbNU18hQaxmjiCETPp0txAVWpaGAQZsYkW2 +ff+Aj5Mer/qB/K/TBh+7c5PkwcpTTCF/HQ2XF3B30lsBhFmsbXBkvxThhgZkGHfO +EQrxsgc9pwQrM3WT70ZI3uMrN5DfK7Dp+AVwIIBlEeai6FEMpZkg/4tPYK4GkwWP +ZEzSBoUETO9up3NwKuYWS3VOAmsOO8qRXw9bynV2WxMZ8NTWDmSKX+MqYz28ejjK +/5EYX3uW1NVjz608QbzT3XxNtX9B/FTPT9OlK8IxeiOjfDG2fqe3k7bYBZGVC2/M +aCaVPTND8xHsodxIoYbEbF29YSV/FLtw1eQ3LpwDN5OCzXpiZ65A4PxnB3iPHoNl +8o76h2dcksN+NKsdjnRH95b9V8CVlc8QwLBSCWk5bkfTXLeSkDM14jpJ0+BCuAyD +bdCo+R32ItDlke/L6d+CtVbyhDJigdl9w9XKBJ3f9XKw6Q4RnuCNQf3fqo1h+vVs +Ia4Mau6XSKyyZtEH5F0mO0iwpYBxPz6S9u36WnI6ot2Ep8AlfjBTRbH0g/luPjaz +9Jiah0i9p79L3wMNJHfqkdkUvJyLKu0rTy23L0sw3Eg9rx2TErrlIWugoAi0peia +36sC82X78xIzOCq1XwaIojnyB0fqxJDn93BI9dKhnBzWP54oY/ckq+ixb1oBQ0Kx +sLWcOwbT/yprpo36ZMy1DcxjjVyEfRmzwJJ65qFk48XJ4JIswdmaFfYbZ8yQyRiy +coJGwITg1bspV4krBAspArmqN3D4LviHXojUMxD6Sx8R +-----END ENCRYPTED PRIVATE KEY----- \ No newline at end of file diff --git a/tests/suites/test_suite_pkparse.data b/tests/suites/test_suite_pkparse.data index f82dcb5e23..67723c91f1 100644 --- a/tests/suites/test_suite_pkparse.data +++ b/tests/suites/test_suite_pkparse.data @@ -890,6 +890,18 @@ Parse RSA Key #99.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, 4096-bit depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +Parse RSA Key #99.3 (Generated with OpenSSL, PKCS#8 encrypted v2 PBKDF2 AES-128-CBC hmacWithSHA256, 2048-bit) +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes128_sha256.pem":"PolarSSLTest":0 + +Parse RSA Key #99.4 (Generated with OpenSSL, PKCS#8 encrypted v2 PBKDF2 AES-192-CBC hmacWithSHA256, 2048-bit) +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes192_sha256.pem":"PolarSSLTest":0 + +Parse RSA Key #99.5 (Generated with OpenSSL, PKCS#8 encrypted v2 PBKDF2 AES-256-CBC hmacWithSHA256, 2048-bit) +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes256_sha256.pem":"PolarSSLTest":0 + Parse Public RSA Key #1 (PKCS#8 wrapped) depends_on:MBEDTLS_PEM_PARSE_C pk_parse_public_keyfile_rsa:"data_files/rsa_pkcs8_2048_public.pem":0 From d00a138075dd2032faeabb6a40b8196053b97a89 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Thu, 11 Jan 2024 17:23:15 +0000 Subject: [PATCH 12/20] Change test data for pkparse aes Test data generated using openSSL with: openssl pkcs8 -topk8 -v2 $ENC -v2prf hmacWithSHA384 -inform PEM -in $IN -outform PEM -out $OUT -passout "pass:PolarSSLTest" Signed-off-by: Ryan Everett --- tests/data_files/Makefile | 24 ++++++++ ...sa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem | 56 +++++++++--------- ..._pkcs8_pbes2_pbkdf2_2048_aes128_sha256.pem | 30 ---------- ...cs8_pbes2_pbkdf2_2048_aes128cbc_sha384.der | Bin 0 -> 1329 bytes ...cs8_pbes2_pbkdf2_2048_aes128cbc_sha384.pem | 30 ++++++++++ ..._pkcs8_pbes2_pbkdf2_2048_aes192_sha256.pem | 30 ---------- ...cs8_pbes2_pbkdf2_2048_aes192cbc_sha384.der | Bin 0 -> 1329 bytes ...cs8_pbes2_pbkdf2_2048_aes192cbc_sha384.pem | 30 ++++++++++ ..._pkcs8_pbes2_pbkdf2_2048_aes256_sha256.pem | 30 ---------- ...cs8_pbes2_pbkdf2_2048_aes256cbc_sha384.der | Bin 0 -> 1329 bytes ...cs8_pbes2_pbkdf2_2048_aes256cbc_sha384.pem | 30 ++++++++++ tests/suites/test_suite_pkparse.data | 30 +++++++--- 12 files changed, 163 insertions(+), 127 deletions(-) delete mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes128_sha256.pem create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes128cbc_sha384.der create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes128cbc_sha384.pem delete mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes192_sha256.pem create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes192cbc_sha384.der create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes192cbc_sha384.pem delete mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes256_sha256.pem create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes256cbc_sha384.der create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes256cbc_sha384.pem diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index 21ca489c1e..cb4a683f73 100644 --- a/tests/data_files/Makefile +++ b/tests/data_files/Makefile @@ -1045,6 +1045,30 @@ rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem: rsa_pkcs1_2048_clear.pem all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem keys_rsa_enc_pkcs8_v2_2048_3des_sha384: rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem +rsa_pkcs8_pbes2_pbkdf2_2048_aes128cbc_sha384.der: rsa_pkcs1_2048_clear.pem + $(OPENSSL) pkcs8 -topk8 -v2 aes-128-cbc -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" +all_final += rsa_pkcs8_pbes2_pbkdf2_2048_aes128cbc_sha384.der +rsa_pkcs8_pbes2_pbkdf2_2048_aes128cbc_sha384.pem: rsa_pkcs1_2048_clear.pem + $(OPENSSL) pkcs8 -topk8 -v2 aes-128-cbc -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" +all_final += rsa_pkcs8_pbes2_pbkdf2_2048_aes128cbc_sha384.pem +keys_rsa_enc_pkcs8_v2_2048_aes128cbc_sha384: rsa_pkcs8_pbes2_pbkdf2_2048_aes128cbc_sha384.der rsa_pkcs8_pbes2_pbkdf2_2048_aes128cbc_sha384.pem + +rsa_pkcs8_pbes2_pbkdf2_2048_aes192cbc_sha384.der: rsa_pkcs1_2048_clear.pem + $(OPENSSL) pkcs8 -topk8 -v2 aes-192-cbc -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" +all_final += rsa_pkcs8_pbes2_pbkdf2_2048_aes192cbc_sha384.der +rsa_pkcs8_pbes2_pbkdf2_2048_aes192cbc_sha384.pem: rsa_pkcs1_2048_clear.pem + $(OPENSSL) pkcs8 -topk8 -v2 aes-192-cbc -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" +all_final += rsa_pkcs8_pbes2_pbkdf2_2048_aes192cbc_sha384.pem +keys_rsa_enc_pkcs8_v2_2048_aes192cbc_sha384: rsa_pkcs8_pbes2_pbkdf2_2048_aes192cbc_sha384.der rsa_pkcs8_pbes2_pbkdf2_2048_aes192cbc_sha384.pem + +rsa_pkcs8_pbes2_pbkdf2_2048_aes256cbc_sha384.der: rsa_pkcs1_2048_clear.pem + $(OPENSSL) pkcs8 -topk8 -v2 aes-256-cbc -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" +all_final += rsa_pkcs8_pbes2_pbkdf2_2048_aes256cbc_sha384.der +rsa_pkcs8_pbes2_pbkdf2_2048_aes256cbc_sha384.pem: rsa_pkcs1_2048_clear.pem + $(OPENSSL) pkcs8 -topk8 -v2 aes-256-cbc -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" +all_final += rsa_pkcs8_pbes2_pbkdf2_2048_aes256cbc_sha384.pem +keys_rsa_enc_pkcs8_v2_2048_aes256cbc_sha384: rsa_pkcs8_pbes2_pbkdf2_2048_aes256cbc_sha384.der rsa_pkcs8_pbes2_pbkdf2_2048_aes256cbc_sha384.pem + rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der: rsa_pkcs1_2048_clear.pem $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem index 0d1b587f5b..f917af2a4c 100644 --- a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem +++ b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem @@ -1,30 +1,30 @@ -----BEGIN ENCRYPTED PRIVATE KEY----- -MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIYFcs8Uhn2poCAggA -MAwGCCqGSIb3DQIKBQAwFAYIKoZIhvcNAwcECKCBLl+C+3nCBIIEyEnIPlXdh1e3 -+cnyhX7dCRzR/NsygcRBJUPdwRUMAaOo/t+oZxFmHnblchxQ+pFoHrI9GVwg8uID -meEHlzSSKt8kOTvJ3C148jRFJy61YH6k5GEN+z5ihS9uTszaXRUlEsGfP1/SzWY9 -ME+pX+0kwJ4az87mYKyNUwK4U5d65Ic30pvRJc4unvFtRz6wtwqU+EV283pXHfyc -VNgQFjb1IPHEz/PSuE9p94mQvdIbVmuK2dRiMag/HcABvVhxzLldKyEHHhrHR0pa -gc41+3HVjz0b6RPE24zNrxA9bU+1URGwlkIlh7Jpc/ZuYRj6LQ33xUdYZcMZw0b4 -pSFJcUgX+GUXLyWLqhIxxc+GIeL2Vt5G0ea5KEqxOvSj2bJV2/JA0KtmrcIjX5Kz -d/9bAvxatcqIikVNVkQpUc1glKiIBfVrmyJ4XUlX9i5F3cgl18zrYUI4zPSBn8o5 -yxSfCuIMx+3zS4BiyugGNOclIbpLMjQuMrXxrt7S+QlXfdbXvyNfxa3qfqf7/P2k -ykxl0z1bjvkck6XoFGXdb13isUEtY2NjujZKZe55BLGqr7FsIIQSTAHilwMpK+CV -fA1EL4ck1+7FV+l8fJ0nN1Li1xOnDeAFuO2m91uibNMYPvRSoX9c+HQKXCdGfiuk -5tfNaq8bbXeIJ/P8wTjMZqI2l6HZRuXvvmRHN2zZ4BSsT3+61xtvSTISEimDSm5T -hYY583LG5lpFoOC0Y4EUw/ltmQpKW7AGkLg7SyC9oKvoeWM4c2t8HrL3iKPXtkwd -A/iEfZTxzmR57u+ZMlbws0evPiZQml8voJnuT6qwbos7g7V/Pc3Rj+b84JZcI2Jz -D89/VudIHfFDTXC/gcSRG4bd0glILJHT9FOCAlX5TEuRyeWasoVOV+m3Pi8vQM1u -tCsjE9UdoIdhoI5j94VhzHApdD4fePcQW9DysYa2R10gWIZKUvhUHH3FWLR2X2gK -Wiz5YkhEGXBRtDHd4cx8EM1bJMKwFyYXjXTPGfGlGiPt8b9u4F++IlsKcgGgPIvh -2rIm4jHuN3LRRlFkJ5B0kuOOxZ6GBfxasS+Ix4DZoIfqZsGNI5Wu2ikGZOKxX7Ij -G9RvcdpVV8C2Y+M9qI2+x93WAtQ+NRJo4/+gJ0O9bVUhjjAmIHu2bMtbvr9aPJhd -OpB9VQxB3c5mEXkNOV52oOGnIGVjbJMb4e3/MRpWtTFVcX6r200Gn6Hn3MnWZXdd -H7pOpAowTcTlFcbJ0WWjfZygj5HKKUOFzPYNnXKizjzQhF6yK0mphKFY+8tpFQqB -mV/1HlWJTSsAmh/FN21B2qq+KRiwMdpzKIEKC47mK+dzzo1mrTqmExvbiaLG8upr -KMb/lEnSCasiZKTh71J3+5vUE+Nw73rYNZcdh7fj+GBK9KJ3hdKwYc/9yyQx1Lua -4aXnUM6vQAsV+OLYNQE8vXMRtuftbPbV9sqiBLPIc/0P2EJ9mbEye8FM+koHUCKo -xtJe5SK36DMwAas6tjimouVgWTcAdbq9r8jQlCJ1WxXPUcCJdv6pFQUGKQ+34TMK -uWOhErUNRdqel9DthU5ig5dZs2DqlzbRzWYosZc1B6Q4/nua2JiBi8IeqtPILr2a -JYJ9DNzxn07lcFHiVgrJuA== +MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQI11AY9mDsg8QCAggA +MAwGCCqGSIb3DQIKBQAwFAYIKoZIhvcNAwcECDzvZWW4smTrBIIEyG/U2B5LazZZ +rzLUN7V38xI1ZR6rcBJreOk0QmVOSk9QMh+Kq+LmFwnY2NY+xikAfRJKWUsjk+h4 +DzCWn+nsrvU2wK582XThWYwJ79BIwkweUWV9l1Nfw0vyx/FkcTHE+eGPdABBL4BO +o4uajZso7tYY2+jyPobqSn18j2TInKbHR7lB5l6OAX9FsV0pGKYBgKxa9LTj7ufD +70G5WLHJAfnTX/6+wWktDOMMCPTXij3qA0fyu835shMUWQ+KUx0Dyp2A6qeprV1Z +nklRzevWsA4pbNMe+GG3WrRj52YRVuwDJjgTeq5rIfyoyLGv0ZUZsa/KEP/oToe9 +CmFPHWA2RDpK4zD8lscsjsOj+B0UREcSw9CdL91rFZkr++PuI3A1/T+3M8DkjLiB +CvSVziZLyZaqUVd0UdXrHyGeFxIMAx8xfYGiLi/EEay2zEScGbQ2kU+N1Vpuyu39 +PoEmqNOchoEkLeMVTYTQDfK3LgYQXpvdLCQQG76AqRIbuY+ZfYYw8eWyJhm78Qwx +fAenH4i5AjgJcV/5xiLpj+1trdefaCSp0Z8XY7ng/xyNCOOdSbBOPl4JnD6snYaT +06dtpowP7gcN3bZQo/r2XsH8F1VPvjG2wZ38R7aHlF8vjCZ1gUtCuraoM9AAdVoW +zWiptA4Lc5CAp+kDa2Nf5gyL0lvN/IbWYE23/OMTECmwG+O/HNtvltmdmYB8Ze6A +pdlkftjf/NvFsHloJS76SreR0tpWM8rGnSqQdecWLutgWP7HiK6C77UYv3b71SVj +ga5uv2l67UAj9EPTizZvLJjn0ubylfCW4eaPkEJBaYW4uG/3BcWzpLRnGyq6csMC +/tly2Y1L9dBqyZMIMW/ZFm8/64K8IRaSu/8mMGxjQ7VHeU6JSDk3G4by8jdYjLA2 +Y3tWYaelX8oE02jrwv47PPFWft/P+3Gjwo8lFq0zQTAk2C1vHs44jLzsOxfizo6s +mzmGh54JFsdE1tlYoa515Id2I27vjCvK6XbbgguinHaIsRgaRnCyyqEjO22z2zP3 +RpJD7FdugvZDepLfII1H8+JlbyBEd2zByMIPehIeM/HWWN0ukAgIz6yardrCYiuU +hXTqTz6bzaZMRJauPt/gpSvAx8kTKr9nXH2VRiToUs3ABjT9DN1/mQ1RlA0NmK1i +qfsMRXWzckaKgmJ8fglxEY7UR6fOqt3325yVQ/x49AKBxBDO9wmfpHEO3aQY7+H5 +hP/5tuc81226VFbyTERtTaEb/I+7iiImcWtVW4bB/1DgCu1NTlay6XaHOoclxcEE +N+d/3wDjSrsUhAKcK42wNPa74eSZy9ElJ+33xC56tqxhvo6YdG7VFu3S8qnhaXf1 +ijcRCw7vr2ShGMAhnloz4T+IX3ZGrzkVSXQG+rpaFag0b1QxeS6w/V7F8u+wljnq +1BzIfEjnE3lpR1eiZ8Ygu/n4kb7n5gHZqd1C8QiFZOGczX3uKFbH3/HOS20A+/6R +3rkjCQ+Uyxl3+wVdyOSpUCqtLfJBx69CM/6lDBPrliQ6DE94xKFrNEogG3IE36rW +oSCJcveg3cdbrHSqc+3m36FbQl2YKy8hgBwhrym2xHZ/ZS+acUQsN/V3VvEym3N6 +QXFLn3yqnmpr1g+yqXfQwA== -----END ENCRYPTED PRIVATE KEY----- diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes128_sha256.pem b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes128_sha256.pem deleted file mode 100644 index 276c613135..0000000000 --- a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes128_sha256.pem +++ /dev/null @@ -1,30 +0,0 @@ ------BEGIN ENCRYPTED PRIVATE KEY----- -MIIFLTBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG9w0BBQwwHAQIV3y5ahakUYYCAggA -MAwGCCqGSIb3DQIJBQAwHQYJYIZIAWUDBAECBBCcu2VAdIWUQawcrlhFDgV+BIIE -0JMB3FUnHGs5otXZJvxOkiIrliuQiDjy8AuctQdVNhArYeTfTxW6wZZxacDOAJT/ -JvxbpKRANBSCp+TOf5jMAHl11L8Pr7Z22HumPjJXyuTwntG/lYpWzHKLo+V2GGFo -8E5Q0uya0A+4sL80JQMKa6G4BZGdnOwD1krUPxrxsNXVRbsHcsewUc1nKshPlj0X -1A4Fe6IqgichLPODluJcJo6tWCrhKdDxyDzCdZ0ZiJpUgH7SPo3XZ6GO68nlSKz6 -vwChjrkUsmgDbeGr8yFP4kuaagRngMovGQXcYyNBDWZQYKM7uMqz6zuh4VJuvAJk -h/d8WDkFz6fJAEpqYYDBqVj5vGH3Xq0e4LzErJ0s8jQuOy66noiQIXF5U9V6sLvk -irbIyEVcBUWUIs2QCgEVbKRTNAzo3+V690etqVYx5mW8m3CenJ4TrrtsQJwOZlF5 -tz6a+RNjj5EZKRx5WoOQ/ZyQK77+dg4lO0MbaUptBawsLifCQANmJ7hOIl/aG8ae -8ZnBUFYR4Cmomkcb/OjabGv5iyizZ3esf5kfmhvaRDQN+V7Vx7Dy6lzzpJ3vhxoo -+VRCFAVIS+XPvGLynUvawHiSWlzYFKeX6t9ZriIDomVxZE/+zFbw6iQmE4pM6jS7 -mgwuVeKFeD0zVOI3I3pXN0NBZYZgkO3gdly6QbmETxkZB2ccv+Bqe/DdAi4Zq/JO -prW8x4o5wogfn5heVGB++Kh8l9jXxqqh8f8txNwfR0oli/TQdT78FgXcaWbQh+e+ -vFtIAIHlGK+u+FGPJm4DuyW5LY+lYE0aJMD9Bre8yWVy3aF4IZ9KQz4gxObQS/mu -CXHqPCiuwnjaiGFwf6IuTvX3hD+9j9XvGKZn8Y7U42iwzKdYD6qRAXn4+v1G9KIV -cPB1XBCpnEk8E+whjaht5EnAk2I/vesT3akfemgRxEegKS1Ziu/bwTId5mFLx3oV -ql0Nb8dAlIkpDTwxGK7FgRhUwutml6HvvYKtG10OqvrFV026pyQnkVMBGCUMRKvO -ddNAKOr8Mz0qrme0osCxVBdLxnVjvIwsiPBsX2INV86xW7DUe50u+mbCxu4eXCsA -zIJps5WP+ol4z04oZEUp9DEFxILO65MBmWd8y43UqRaaAOXYU+IZ5Tyx0wPcSAbb -iLMFwZ5uA3rIXSvzesgdiX5oJOY1+Y4hpBB6148u2YmKQsNLC0FLodEdXrrDacS4 -jJbc/Zlw2Q2u+YXBzec9hLGsA63qGybc8gmrYYoutwv4fYwSFx8N5AiENFYughBv -EyYXx/gjsSUJOZpI7VDcTS5YiqxRy8VBGXM/ewcvsNxjLTiyQz2Dv8PvGdCzJHbE -CelmFM+RKa/NzkIv/SwM5hXKCO8wpXT5HApXiTxCjonX/f4Uqu0JxiHYqvV7ih3p -k+9kE2eo3GzXWPG4DvcKpDd8pz0aAV02+AGZatRceg0wpOVzo+EC7c8V0SU4De9V -gLyYzY53HLbeqhPm3Yb0yt6fIBfcRxLi7A86K9c2+Na4BFLJPvf7pMQLmLlcdp1M -wKQhQw8DFxxstrup98H29r2n+XzPukhZawQfTEJwfx8y1Kp1UvJOeg/wL1PayyNv -0CQRRMZ0UEb3o6GjSyb3j98oGNe1LAvoykqc8QsBlP6f ------END ENCRYPTED PRIVATE KEY----- \ No newline at end of file diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes128cbc_sha384.der b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes128cbc_sha384.der new file mode 100644 index 0000000000000000000000000000000000000000..00519400f2d3cc307206e207be2db90425a243dc GIT binary patch literal 1329 zcmV-11&LNQU&90Ul2Eo)JX--{dq z0tf&w3%ZY%eeqoARu;zjI@zJdnPpVp`i6rrw6Hoo8hZmKj(m zyO@1y#MGL4Q-xXe8ko%;AYVaFr9V=^YL05@I{bO-!^an{7_E(znO-lBbWfJl1%@tT zI>K<8U6T@2DS2w`Z8$|llZW7X4G}`TbUP3Nu_gAogQ_PQE<49}g0j&`M@gIY`&Bn| zrOKWZ8KeW?L4DRbV}FN{Z;lY&-aNqgN#x050n0b>cfU zd_&Krpp&lTGtP}tnAzXPTq&GKLa+`^!7NB}31JQ_0_=`SyR=s{gf?T8J2XM zASB2SiODzW97Ed2sfNzBR__T)hz;z^m@Sg^#Nu}GBo9$olPNY_qkWPS<;6DM2c+7L z#2#?#s6KFQa(8*(9xIVtI#|_YyJWcJxMTsMG%=17BpjF7J5cIaNfn&9XW45uc*EO! z$FZYW*Pnj7aEpzk??XJSfWJaO$+D#>V&IZA{k`wro-3{J-0&S2n7k3-#TjCnn;@2F zA(9Vx4vtGHAnJ2r-@BxS@Mds$2X%u7*3F}l2o4aePmr@O?phM}m6b3CrKW|*X*yQn ziYIJQ1vZOZ3&AAmzWQ|Z6Bt=~?z360evrKOrkTd+q{j}bm_SbCZ?^NH*E1qA-kY?cMD>wTO{K0B`Tpx=eIz_$?h3HN< z19JMlnuz7Ko9zxxadF8Prnq6Oi)i(r4VJ#hIs|6*=&{j1x{L4t^DGw&g>W-!)rA`b z578x{>`88E4*yx%U$9{GlpWt7LIFa?)71lwB)T{pO^sU3RAzWI zxfh3FGuzx|4HsExNO=XQ9Ug9+>OrhqwSV??Lvb0Vkpfh*?f25}ok-OlQgg|81R=9k zoqgjG^MMAx>t9FQc49CKTjomOI{4$UdG|MehhZ6l;{5>-URnmjf8?x$Su(jcJ@${_On|eFeC(;Q@>Kr8CEn zQ(W0dmSJaEx`Ln;`}I#C9$mh7q7bY148WmiqHp5345b#-t3qL0*~~tCY6`dPgNX`Z zWqnxO14QH+Gi)^UBNx)iEa7T;x)K1MO!u@BB8OqX#Q8#}-VK!t8yIehpfHqW^Y3(K z({<<7=6imND`5{JXz&R=dWSPPxI)KRuSG!}InsW^4JHY4h}_3i1jKv6;K^(d9gFjk nMO~mF7aa(U$AS9&{!Wj~?w6I4+#BDS`nq#=?~*tQPhcl(&LNQU&90UkDqAt z0tf&w3s=)T1cC(6 zw1rOHCLzruT3Ix3J_9NIrY7AGr$y*Qzw;EXj z<&j5hSL_w*-o13>$vVmQI;Cp#Ok!Ph`r4$Ql#*>^ojHksgxQRr0XZz$!{2_l8_(+I zr7uv^4_*~vS!;QIqN$-6f3=a#H^6MhBg?%oCde1CEVZ-N=$Ac0;dDjOQv#6rZ)2K@ zGlO3-jMQl(Ysh0DQTUiSkvjjS6iyw?PoBHUlYv&&X-|@HM4E0H7+cV(lHw!Q!84c% zyo_9oDfuCuz*69T9071$1Y1(rdv^)8CEmfRk75kkg>^URz&fuXQqtqfj7mZvy1zN& z(_CZuXcu929yaIpB`aKsh9*45cklI9lLOR7aL}152K@>IVGL+NOg6xd${4J5$F%r z^5PZh|KWE~R#Q6dm8ZV%IO&@U_-^1DTa>C^^`41X!+8!wXBKw2qq?wiK|p1i%{t$7^ZBus*7`?3R>BKd9nzx!s_U zrwu9U>Y@PKa31p)iNITu5y3gV$JZFx$c0kuqh~nZEF)DkwR#8UoQ1{1Qxo?UVslo~!) z$QD*JnmrdD$K&U6K|pGdDIqYy^00{Wqa6@$?5u+fkh_9Ob{t`kXbCx{5dy-8K>7W- z-qd{JgAmDY2r2g^oZJC+iu*(ZVbsetqdAhUaFgnY1aux2h$G$Wl1gKuW*dWQ%T$;y&8Aa(Ogt20+!tSs^UjvYeAWL9NRyiUppyk2HbZW=(3n zYfj~ebCIe=SkfC>8Xin;?qHi-UI@_ey-35pa^HvfLfGCZPHr|WhLvAC0I`u0BAL2+ zdFLtO5-6TbB|6I7kiA^WrjtKCWd`e~hIu(BwW&nRE0I+wMh=_2n~RYu_<_DYkZg{#%}D1{ieTo8$L7)EnlvXhoCLH(Vo zi_3;~>=ZS+aZARUkotfCa4rxgua1Y>W7$|;j4-`m|E@xuI3Q_Ie-(xX#5Vl$)KG`q z6c;pI`0GL?cbpq;BL!%+tH2AMWLWliX{SnjSx3$`W@$MRuuo*h@q(#BCjo93Cd}fK zUOPg&oYK)RXX@(LuRPpcuRb9C8{GtVPMR^8bzN$N;R65di{z%Ob%Nxcg2%;#9mTIM ns%=zS6I21S<3ME|Frcv4-lguEO{pvGT=rW>2CCR71B_Rj1p{}Z literal 0 HcmV?d00001 diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes192cbc_sha384.pem b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes192cbc_sha384.pem new file mode 100644 index 0000000000..0a36a716dc --- /dev/null +++ b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes192cbc_sha384.pem @@ -0,0 +1,30 @@ +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIFLTBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG9w0BBQwwHAQI8i+OtR0wbD0CAggA +MAwGCCqGSIb3DQIKBQAwHQYJYIZIAWUDBAEWBBBHvOq1294P18bekzyYVp4QBIIE +0AJnZHjPZcPYKdSNaNfPfc2s+UmTgYeLCun5sd+9KIYyozJ2ljZTijsdp/hItWTu +DmHrfLTLV8mtL/OFJ83u0rDoHVfSrDLwFMAy/nmbtlLYPFEfU9MQ8s2OtvKuobmI +b3x7b+MrTlG5ConptsQQw5tl3dza9DZGfHUnO2EzXorytSMLFCGeQskzbN7Y/Sbf +2+IL5yoifcfPddTbKDyTa77K2516tK2+WTU/VUfv2r5d5SiivZLuMjIYrbneHYoq +hW30BZozCqJKJ5G2jwNjLUjPirA6qtS0Y1tIb5rRjZ0pSy1X5oIQL2laZLrDo9gP +/Ud8m1k2nv9Uv9HPM+G4xCMSiJVaptYPyzFQACcSdA/BVUdBC0EwzIj2nbaoAlM0 ++sZ2Asbohnds/AsDz+/b6MaMKg9Onoort0zF/HtpSII6+WSmvGOaV2469JEIvZlU +JIn1YugpDPIe6/B35J9sYfvVNKVsvJntCKxmcz6Nw2VvPKXC3o/bseBqAhLKDMZZ +Hr3id3O7bN2ng3lKuGofmQeMYnW4zb4coXytdc/XCvf63xE0NsUEBFuRMpc9iocC +2RMBEzNyE4tnigI61T/zkpwgBic1p/isGoXMdPWl+Z+IAIYgyxOVwO9g78yVW9tp +1xF9WzJrGHKNT9RLmINyo3jt/wRj8Q+T0EG45cDQcHwpyXdNS614hUCIaeTvQcR9 +8F+f4D8IvL+GJt2EtbqL+D687X/hptNehpFf+uxGiHQfrtOvYS/ArNrewa1ts9nq +SMAE7Hb7MzFdnhDqRFBa+//H1jvNkDx3qXfb1/MNE8pR6vjcueKKQ0BzlrNX1O2C +oz0OCMeDfXZhWdYmNjLNcdbonrvq5Z9nOUEdw2lNWELT4lOAmqgA/xBFdQa4glCx +WS1r6DyjgTdGlPbcGugRuTcYXNx6iikWzoS1369maz+WV9qW7r8kA1Fs7WUiYnOb +I1E06yQKVANe+t2SQYN2jPK3EsFFOBxG9tlcXbZVxvx9m6XJR7f7YnLPN+b0f1qF +cT2c5IhK5pKRiZds82lWBnk+eli+qUXILIBbDvBmY4PyPk+kyewAHI1HWBfoSH/3 +aLIV6JPgwjAJKnr0++jUqETID/yGyLHNNy1u4ALyAfbFVU//RGmwAxhrBNPdVVGb +rBfKL+VL8Hu/m5XWXez0nHKyD8J1i/XO1OutBsXYxEn6Xnu9rJn8F6nJ+XB3zt6K +QdkUp85t3GM0wyizuPRWJrSVfYyjV41yEBXqe2lgqTT9dpvpgIRtvUeq83e8PD/3 +6qKoeTv+3cppCFZ3vLArGvsvRTcbfc3YEzXxz6gc/1HTzd8UpCnA/9+jepG3IzRL +1bLs8QVzIBAT/UpuC6QWUdAR/JZMEFLU5FnRh6oXuh2Zys66Ot7LyNhnGlSEPlXI +polURx0bew+QigBGiH7NpyMgRi9Wh+1HOA/wsAp4X7O+DhaX6vdiDbQoilN1LclU +TRFShpuaxwRA1ek2Jz3JLn7wCsGaVXrd2v/CgrxofCWzGjR2RWj9hAkV4eoJ3G6A +x3DhMRrqXc/O3ON9TyhKBZP1g35In5bZmBUv/o+7eYV7KDETxPwsD3A+dCqUJObU +kyZehu2DsfyZFI98SnecRpb0M0vi6ZZueCykOVec6xkX +-----END ENCRYPTED PRIVATE KEY----- diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes256_sha256.pem b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes256_sha256.pem deleted file mode 100644 index eb2ee1456a..0000000000 --- a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes256_sha256.pem +++ /dev/null @@ -1,30 +0,0 @@ ------BEGIN ENCRYPTED PRIVATE KEY----- -MIIFLTBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG9w0BBQwwHAQIcVlPn8HF5kcCAggA -MAwGCCqGSIb3DQIJBQAwHQYJYIZIAWUDBAEqBBA6UHwbVfKyYQwiCmyTPE/QBIIE -0Na0hdMyQvJvRUKDvR9Gds0VrwRjHq+WBCDcHfJJRS5RiSCWnOCifZHA/zYoYZ4j -rHnuzmheOuGZWjUkdZQ8kVKFGGCKQjHKHTlfDhVv/SQzwYYWVRyaubDC2SKYORKf -zCFzLjr8RCwBo0ubh9q+QvPrmvy/jZYHYruU7vGseS4vKnWwnXey0ii8L2qD71Fo -uH6WAMRc6xHzm1W2WSnFZvZFLwCmGg/LlHc34TdCgXyX8dhJsIAwlwuCStFWs194 -A5h5ZrLiDdpGCThn47H0jx8kzVcoY+dwuJXgNfzAbzDgbRyzCpQx7Fulzf36iyPO -fq1OrF0+DUSrEv1GJTXT4/1xlpaZgR2RT7in7jCSE7XyATBLRrL9nKAQCmLAARnb -ITLWUPMmxJJDLLn9faBt7ZpyRzLRqGMT6nRNBouAg8DWqqcRvBLfi3TxoQ/KS2BJ -HMtyTfSQpghAsUUqraquSfyLoA1+b47gO+H/grQIMMnfThGiUx9MLOGFAvQ3Um8R -aoTm8X8RuAH3BALA0m9isRww/yA/dw/03jtByDYMeQ/NAHAgL1proXqsojHIYN5v -6vesHcATHGiFnPY0kqKVyIN1G8n5Gji5P875GPq00WN2kPMLiBG9woq9yZ+l5HYu -ofpdtpQRgJJSmEBJgpvwxoJKTUa9mYN29klYiv97AwWj2D2VsJvjG+IlfVybUB26 -mkenc3Hve2V2JueYh8Oijl1j+plc61tYJ0WQloZHQWHSqCJkXEMqUX6DZZyxREix -8kUuWabSkxSq1uRxf7iG442oaer5mhktpbEMWyA22mJLfXBwNaULqlhZGdeqKz4N -zwE0vg1rug1ooLX/s85n6h0FMD+ANbbNU18hQaxmjiCETPp0txAVWpaGAQZsYkW2 -ff+Aj5Mer/qB/K/TBh+7c5PkwcpTTCF/HQ2XF3B30lsBhFmsbXBkvxThhgZkGHfO -EQrxsgc9pwQrM3WT70ZI3uMrN5DfK7Dp+AVwIIBlEeai6FEMpZkg/4tPYK4GkwWP -ZEzSBoUETO9up3NwKuYWS3VOAmsOO8qRXw9bynV2WxMZ8NTWDmSKX+MqYz28ejjK -/5EYX3uW1NVjz608QbzT3XxNtX9B/FTPT9OlK8IxeiOjfDG2fqe3k7bYBZGVC2/M -aCaVPTND8xHsodxIoYbEbF29YSV/FLtw1eQ3LpwDN5OCzXpiZ65A4PxnB3iPHoNl -8o76h2dcksN+NKsdjnRH95b9V8CVlc8QwLBSCWk5bkfTXLeSkDM14jpJ0+BCuAyD -bdCo+R32ItDlke/L6d+CtVbyhDJigdl9w9XKBJ3f9XKw6Q4RnuCNQf3fqo1h+vVs -Ia4Mau6XSKyyZtEH5F0mO0iwpYBxPz6S9u36WnI6ot2Ep8AlfjBTRbH0g/luPjaz -9Jiah0i9p79L3wMNJHfqkdkUvJyLKu0rTy23L0sw3Eg9rx2TErrlIWugoAi0peia -36sC82X78xIzOCq1XwaIojnyB0fqxJDn93BI9dKhnBzWP54oY/ckq+ixb1oBQ0Kx -sLWcOwbT/yprpo36ZMy1DcxjjVyEfRmzwJJ65qFk48XJ4JIswdmaFfYbZ8yQyRiy -coJGwITg1bspV4krBAspArmqN3D4LviHXojUMxD6Sx8R ------END ENCRYPTED PRIVATE KEY----- \ No newline at end of file diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes256cbc_sha384.der b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes256cbc_sha384.der new file mode 100644 index 0000000000000000000000000000000000000000..136cfb95e32e5143abc65618e79f96451fd28030 GIT binary patch literal 1329 zcmV-11&LNQU&90UlPFNBb^`2A)A z0tf&w3kOAoM$#BWCe;yF90r!C6437^Gmkxb z6=IPvb6A~Dmmx@3E=cXmLHrw}eg&2zHndfJC0t%@gyF4xb`}?B_i(Mdw^FRcKTBte zU*^b607){JM%gpYJEWzju79RR@x(2k^puv&OD_abvLlZlHE%T@#)9A%W6t*UAh>gGbdPAQYC6!JHqky;<0Ozm zolz-jLW#XtT3yqU$}^8NX((*G`uSr|4He97P`5l!pS$@n+|^%0B0O|Pstw=ptbF)m zO=)eFvX`~?7l#Hj^6b@LO{;8$)uH;vgy6g=+4;`=u<(G|aZ8T~|vk&bbbZw=0Z=KK!GM}$bLL7B4q+U7JW5#^L{^*1Tz zEcd~DlUlMIhZOQkm%Yo**$rIb6XtGpfMC5ezcUG3)BsBFgKSnSq0| z0foW^wRcq&z+&WteMR29r$iI*T9fg= zGtMxK*XXNIDFBgJvnx~X8Wrgl*YL)#n6^gGMRu)8nN=Bd0T8avR+NDc}rqJpooRY#SgEDxX1o z!;iFYe$AG(HF5a8|@-Zb*}RGQ)caSspz0vV9o*h#L$UPkcRc!F6o&lseF zE{@cQp227{jt)>|s|5?gQ(<~wqwT^HqDKmwjRjH0Ve4Wi6K;Jn`bAXZf1Z|I66?PN ze@)7^ZlIL6hgLWP83ndXIO!d=PKCSe54!iX7^$*&$t%iYONE5yji<;@4fyli!;u2v zsMu6C-IQ1;+ogM2O-#w@)$LS}bXFLBRRz+C2p@MaVv`M`-lf?bnlg{`km nxyhPoC#DQYb>O3IxZu#v);EsqKdk4Z(g8)DM}S@RkHrM!rGa_o literal 0 HcmV?d00001 diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes256cbc_sha384.pem b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes256cbc_sha384.pem new file mode 100644 index 0000000000..da2e90f795 --- /dev/null +++ b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes256cbc_sha384.pem @@ -0,0 +1,30 @@ +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIFLTBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG9w0BBQwwHAQIhWg0Xe90dAcCAggA +MAwGCCqGSIb3DQIKBQAwHQYJYIZIAWUDBAEqBBCRE60k0URZBki+hlzaxgZgBIIE +0Hffn1sg3qNNUkFDHdbvU9E3+aaMJKWqDS4bUqGguT7Tz36TPM1drUZSFyWvPgNY +dXonxu+2h6jzRny0clPyp3kCbJEqgvyj0laKNAfV1fmJRVkIFiCMs0iBLQnyjAJb +IJ8hGxsnotdvmL3oTvHq0YawPXRXVDC4qeO+PzcDjSZ62E+Bz1bE2/tLif1BKd0k +QbccsD9pCyF8pauCAxgN2AWWdus3IzH+hWUf4DTT7AhCdYNijY+ZmBgKGkJoJWwl +aIZrPGJ7tNIDecQt86xLffKifI/b2dO5e3Q1NgNzHM77ncoeLr9nFSlsc2W3qA/A +gEDcuGj1ujchKK70Phfz50HMfnP3pCqLk8jDI78/TSvHDiblF68hsUbAsvbtHNu6 ++AXlDdSU2bcRyQRsjvaf2lMLt+qkUX+P640SKnXIYa1o9dv4+alE4XTZaimmOnao +DjYm6bTHAYcE//DW/LXt7V+q1KCPqpoHMR140vyjIRN8uEcPXyTka6lU34ypIhUb +N7ggLrXrCjh3nJo+nCtXOIMf9O9eD9I/0i8dktZFuTRj1sO/z9J/xFxHTdBG/BB5 +1MEmwriRubrw5Ud+uXnRq+lg5rW3n4+5TBvwYq/GLfyj36ojegbE8OdMfJJqCdd4 +zywMXwYiMi76gYAwEL60DWRn+3vud02QwY8hBXfiOPq2kxazvZM5SWy/1bPgStkn +fG9uzE8n/ABZA0XWuV8hNAcxYlS+0s3IguvvHogQtQMYTTg/D3OODpc0f/+y3O8N +qI5Iym1SrWpnF8vVFZsMblMDr+tbeCvYQ+HuaTc0L5cpAozoY7iCzuqwDHFrYTzC +rSZ70V+FQ956m4xkCBu6TrzqzhA8zfDFs3z9LfV62v9zLgUS8uCKSKWxznM0IdiE +ZnNrwaE1xsO5QN8LfvlO4NVVxN/ATie5tmlLndS4c2ZkswcR3WM6cW1buVaIPsz7 +lU7sbd/I9pWpzd3eZNkVrWpyWxvFQxBUNNC5IXcgRBZsGgVGRw35LBlWXKluKrVi +Z/FAf23dt3n2S4dtJ+Fd2+YL/YiK0lqtrm+GkSjmMvVQ57PJn8QvW359e4QsxDyN +wv6iEQDUqZcQ89ggdGdoSFFgBtFACc9iCKsu5AjTJl+Tql/A3FV7SwYDfZwQuT4e +gc4dZPuSSVd8cttUeFUmtrPCMx2nP7ZDVYFrZyK07eAIL89gv3bYWu8R/wMKNvzr +g0Ao0+AnfLJg11C8pAhJea1dxwu7g6LSpA+oCZov4RpqUnLKMCpPbypyFhSizZtF +evDMf+5aUAbe0+ZsCjUT+RftpzYCPV9uGhYhLMIFRP/7FCcHMrDn7CbAektm063U +EwP2O1rUrMhPWqRztx71cGBloeVPE8Ddwnsorr4M7EXihZcvNsLfz3N9NUopkU3M +sM2fEAnq2KMyrrwVGRSHvm70gUDpJeFanRBsI9z1Tr4r3utHIIQ+0u9pFPbQln0Q +4X4U7KbKC4leTYGMPMFOPXihiMTazNcs232stAYUYe6/DmVX/p2dJHvHux5qBGIW +Rbv7OuwazOsDqNfrqZTesENIGl/KPoNXiolp/YtG3DHQ1vDjEj/XTOVWWkBDXVgP +ut4Pi20hvFBwvEBtypAgi1VLcad5+dlrEwryewlLLw5h +-----END ENCRYPTED PRIVATE KEY----- diff --git a/tests/suites/test_suite_pkparse.data b/tests/suites/test_suite_pkparse.data index 67723c91f1..a8d6536e9a 100644 --- a/tests/suites/test_suite_pkparse.data +++ b/tests/suites/test_suite_pkparse.data @@ -890,17 +890,29 @@ Parse RSA Key #99.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, 4096-bit depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -Parse RSA Key #99.3 (Generated with OpenSSL, PKCS#8 encrypted v2 PBKDF2 AES-128-CBC hmacWithSHA256, 2048-bit) -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes128_sha256.pem":"PolarSSLTest":0 +Parse RSA Key #99.3 (PKCS#8 encrypted v2 PBKDF2 AES-128-CBC hmacWithSHA384, 2048-bit) +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes128cbc_sha384.pem":"PolarSSLTest":0 -Parse RSA Key #99.4 (Generated with OpenSSL, PKCS#8 encrypted v2 PBKDF2 AES-192-CBC hmacWithSHA256, 2048-bit) -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH -pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes192_sha256.pem":"PolarSSLTest":0 +Parse RSA Key #99.4 (PKCS#8 encrypted v2 PBKDF2 AES-192-CBC hmacWithSHA384, 2048-bit) +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes192cbc_sha384.pem":"PolarSSLTest":0 -Parse RSA Key #99.5 (Generated with OpenSSL, PKCS#8 encrypted v2 PBKDF2 AES-256-CBC hmacWithSHA256, 2048-bit) -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH -pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes256_sha256.pem":"PolarSSLTest":0 +Parse RSA Key #99.5 (PKCS#8 encrypted v2 PBKDF2 AES-256-CBC hmacWithSHA384, 2048-bit) +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes256cbc_sha384.pem":"PolarSSLTest":0 + +Parse RSA Key #99.6 (PKCS#8 encrypted v2 PBKDF2 AES-128-CBC hmacWithSHA384 DER, 2048-bit) +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes128cbc_sha384.der":"PolarSSLTest":0 + +Parse RSA Key #99.7 (PKCS#8 encrypted v2 PBKDF2 AES-192-CBC hmacWithSHA384 DER, 2048-bit) +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes192cbc_sha384.der":"PolarSSLTest":0 + +Parse RSA Key #99.8 (PKCS#8 encrypted v2 PBKDF2 AES-256-CBC hmacWithSHA384 DER, 2048-bit) +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes256cbc_sha384.der":"PolarSSLTest":0 Parse Public RSA Key #1 (PKCS#8 wrapped) depends_on:MBEDTLS_PEM_PARSE_C From a90378c425a56af060f29ee1c9bdb6788e174ba6 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Fri, 12 Jan 2024 10:24:00 +0000 Subject: [PATCH 13/20] Restore previous version of rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem Signed-off-by: Ryan Everett --- ...sa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem | 56 +++++++++---------- 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem index f917af2a4c..0d1b587f5b 100644 --- a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem +++ b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem @@ -1,30 +1,30 @@ -----BEGIN ENCRYPTED PRIVATE KEY----- -MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQI11AY9mDsg8QCAggA -MAwGCCqGSIb3DQIKBQAwFAYIKoZIhvcNAwcECDzvZWW4smTrBIIEyG/U2B5LazZZ -rzLUN7V38xI1ZR6rcBJreOk0QmVOSk9QMh+Kq+LmFwnY2NY+xikAfRJKWUsjk+h4 -DzCWn+nsrvU2wK582XThWYwJ79BIwkweUWV9l1Nfw0vyx/FkcTHE+eGPdABBL4BO -o4uajZso7tYY2+jyPobqSn18j2TInKbHR7lB5l6OAX9FsV0pGKYBgKxa9LTj7ufD -70G5WLHJAfnTX/6+wWktDOMMCPTXij3qA0fyu835shMUWQ+KUx0Dyp2A6qeprV1Z -nklRzevWsA4pbNMe+GG3WrRj52YRVuwDJjgTeq5rIfyoyLGv0ZUZsa/KEP/oToe9 -CmFPHWA2RDpK4zD8lscsjsOj+B0UREcSw9CdL91rFZkr++PuI3A1/T+3M8DkjLiB -CvSVziZLyZaqUVd0UdXrHyGeFxIMAx8xfYGiLi/EEay2zEScGbQ2kU+N1Vpuyu39 -PoEmqNOchoEkLeMVTYTQDfK3LgYQXpvdLCQQG76AqRIbuY+ZfYYw8eWyJhm78Qwx -fAenH4i5AjgJcV/5xiLpj+1trdefaCSp0Z8XY7ng/xyNCOOdSbBOPl4JnD6snYaT -06dtpowP7gcN3bZQo/r2XsH8F1VPvjG2wZ38R7aHlF8vjCZ1gUtCuraoM9AAdVoW -zWiptA4Lc5CAp+kDa2Nf5gyL0lvN/IbWYE23/OMTECmwG+O/HNtvltmdmYB8Ze6A -pdlkftjf/NvFsHloJS76SreR0tpWM8rGnSqQdecWLutgWP7HiK6C77UYv3b71SVj -ga5uv2l67UAj9EPTizZvLJjn0ubylfCW4eaPkEJBaYW4uG/3BcWzpLRnGyq6csMC -/tly2Y1L9dBqyZMIMW/ZFm8/64K8IRaSu/8mMGxjQ7VHeU6JSDk3G4by8jdYjLA2 -Y3tWYaelX8oE02jrwv47PPFWft/P+3Gjwo8lFq0zQTAk2C1vHs44jLzsOxfizo6s -mzmGh54JFsdE1tlYoa515Id2I27vjCvK6XbbgguinHaIsRgaRnCyyqEjO22z2zP3 -RpJD7FdugvZDepLfII1H8+JlbyBEd2zByMIPehIeM/HWWN0ukAgIz6yardrCYiuU -hXTqTz6bzaZMRJauPt/gpSvAx8kTKr9nXH2VRiToUs3ABjT9DN1/mQ1RlA0NmK1i -qfsMRXWzckaKgmJ8fglxEY7UR6fOqt3325yVQ/x49AKBxBDO9wmfpHEO3aQY7+H5 -hP/5tuc81226VFbyTERtTaEb/I+7iiImcWtVW4bB/1DgCu1NTlay6XaHOoclxcEE -N+d/3wDjSrsUhAKcK42wNPa74eSZy9ElJ+33xC56tqxhvo6YdG7VFu3S8qnhaXf1 -ijcRCw7vr2ShGMAhnloz4T+IX3ZGrzkVSXQG+rpaFag0b1QxeS6w/V7F8u+wljnq -1BzIfEjnE3lpR1eiZ8Ygu/n4kb7n5gHZqd1C8QiFZOGczX3uKFbH3/HOS20A+/6R -3rkjCQ+Uyxl3+wVdyOSpUCqtLfJBx69CM/6lDBPrliQ6DE94xKFrNEogG3IE36rW -oSCJcveg3cdbrHSqc+3m36FbQl2YKy8hgBwhrym2xHZ/ZS+acUQsN/V3VvEym3N6 -QXFLn3yqnmpr1g+yqXfQwA== +MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIYFcs8Uhn2poCAggA +MAwGCCqGSIb3DQIKBQAwFAYIKoZIhvcNAwcECKCBLl+C+3nCBIIEyEnIPlXdh1e3 ++cnyhX7dCRzR/NsygcRBJUPdwRUMAaOo/t+oZxFmHnblchxQ+pFoHrI9GVwg8uID +meEHlzSSKt8kOTvJ3C148jRFJy61YH6k5GEN+z5ihS9uTszaXRUlEsGfP1/SzWY9 +ME+pX+0kwJ4az87mYKyNUwK4U5d65Ic30pvRJc4unvFtRz6wtwqU+EV283pXHfyc +VNgQFjb1IPHEz/PSuE9p94mQvdIbVmuK2dRiMag/HcABvVhxzLldKyEHHhrHR0pa +gc41+3HVjz0b6RPE24zNrxA9bU+1URGwlkIlh7Jpc/ZuYRj6LQ33xUdYZcMZw0b4 +pSFJcUgX+GUXLyWLqhIxxc+GIeL2Vt5G0ea5KEqxOvSj2bJV2/JA0KtmrcIjX5Kz +d/9bAvxatcqIikVNVkQpUc1glKiIBfVrmyJ4XUlX9i5F3cgl18zrYUI4zPSBn8o5 +yxSfCuIMx+3zS4BiyugGNOclIbpLMjQuMrXxrt7S+QlXfdbXvyNfxa3qfqf7/P2k +ykxl0z1bjvkck6XoFGXdb13isUEtY2NjujZKZe55BLGqr7FsIIQSTAHilwMpK+CV +fA1EL4ck1+7FV+l8fJ0nN1Li1xOnDeAFuO2m91uibNMYPvRSoX9c+HQKXCdGfiuk +5tfNaq8bbXeIJ/P8wTjMZqI2l6HZRuXvvmRHN2zZ4BSsT3+61xtvSTISEimDSm5T +hYY583LG5lpFoOC0Y4EUw/ltmQpKW7AGkLg7SyC9oKvoeWM4c2t8HrL3iKPXtkwd +A/iEfZTxzmR57u+ZMlbws0evPiZQml8voJnuT6qwbos7g7V/Pc3Rj+b84JZcI2Jz +D89/VudIHfFDTXC/gcSRG4bd0glILJHT9FOCAlX5TEuRyeWasoVOV+m3Pi8vQM1u +tCsjE9UdoIdhoI5j94VhzHApdD4fePcQW9DysYa2R10gWIZKUvhUHH3FWLR2X2gK +Wiz5YkhEGXBRtDHd4cx8EM1bJMKwFyYXjXTPGfGlGiPt8b9u4F++IlsKcgGgPIvh +2rIm4jHuN3LRRlFkJ5B0kuOOxZ6GBfxasS+Ix4DZoIfqZsGNI5Wu2ikGZOKxX7Ij +G9RvcdpVV8C2Y+M9qI2+x93WAtQ+NRJo4/+gJ0O9bVUhjjAmIHu2bMtbvr9aPJhd +OpB9VQxB3c5mEXkNOV52oOGnIGVjbJMb4e3/MRpWtTFVcX6r200Gn6Hn3MnWZXdd +H7pOpAowTcTlFcbJ0WWjfZygj5HKKUOFzPYNnXKizjzQhF6yK0mphKFY+8tpFQqB +mV/1HlWJTSsAmh/FN21B2qq+KRiwMdpzKIEKC47mK+dzzo1mrTqmExvbiaLG8upr +KMb/lEnSCasiZKTh71J3+5vUE+Nw73rYNZcdh7fj+GBK9KJ3hdKwYc/9yyQx1Lua +4aXnUM6vQAsV+OLYNQE8vXMRtuftbPbV9sqiBLPIc/0P2EJ9mbEye8FM+koHUCKo +xtJe5SK36DMwAas6tjimouVgWTcAdbq9r8jQlCJ1WxXPUcCJdv6pFQUGKQ+34TMK +uWOhErUNRdqel9DthU5ig5dZs2DqlzbRzWYosZc1B6Q4/nua2JiBi8IeqtPILr2a +JYJ9DNzxn07lcFHiVgrJuA== -----END ENCRYPTED PRIVATE KEY----- From 86d5347930557f2d0de6d30292d100a08968e757 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Fri, 12 Jan 2024 10:31:31 +0000 Subject: [PATCH 14/20] Mention PK parse in changelog Signed-off-by: Ryan Everett --- ChangeLog.d/add-aes-cbc-to-pkcs5-pbes2.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog.d/add-aes-cbc-to-pkcs5-pbes2.txt b/ChangeLog.d/add-aes-cbc-to-pkcs5-pbes2.txt index e00c1e0a6c..7f0fbc7e96 100644 --- a/ChangeLog.d/add-aes-cbc-to-pkcs5-pbes2.txt +++ b/ChangeLog.d/add-aes-cbc-to-pkcs5-pbes2.txt @@ -1,3 +1,3 @@ Features * Add support for using AES-CBC 128, 192, and 256 bit schemes - with PKCS#5 PBES2. + with PKCS#5 PBES2. Keys encrypted this way can now be parsed by PK parse. From 9ae32704b615c473303c35c708efa18673858476 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Mon, 5 Feb 2024 16:44:16 +0000 Subject: [PATCH 15/20] Add missing dependencies for pkparse tests Signed-off-by: Ryan Everett --- tests/suites/test_suite_pkparse.data | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_pkparse.data b/tests/suites/test_suite_pkparse.data index a8d6536e9a..5e9f0e7a83 100644 --- a/tests/suites/test_suite_pkparse.data +++ b/tests/suites/test_suite_pkparse.data @@ -891,15 +891,15 @@ depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #99.3 (PKCS#8 encrypted v2 PBKDF2 AES-128-CBC hmacWithSHA384, 2048-bit) -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes128cbc_sha384.pem":"PolarSSLTest":0 Parse RSA Key #99.4 (PKCS#8 encrypted v2 PBKDF2 AES-192-CBC hmacWithSHA384, 2048-bit) -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes192cbc_sha384.pem":"PolarSSLTest":0 Parse RSA Key #99.5 (PKCS#8 encrypted v2 PBKDF2 AES-256-CBC hmacWithSHA384, 2048-bit) -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes256cbc_sha384.pem":"PolarSSLTest":0 Parse RSA Key #99.6 (PKCS#8 encrypted v2 PBKDF2 AES-128-CBC hmacWithSHA384 DER, 2048-bit) From 1d5fa22f9dc75841106d96cba39a113fe092dc21 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Mon, 5 Feb 2024 16:45:38 +0000 Subject: [PATCH 16/20] Fix pkcs5 aes test data Remove the keyLength parameter from the AES-256 tests. Add MBEDTLS_CIPHER_PADDING_PKCS7 to the dependencies. Signed-off-by: Ryan Everett --- tests/suites/test_suite_pkcs5.data | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/tests/suites/test_suite_pkcs5.data b/tests/suites/test_suite_pkcs5.data index 790a31ba01..939c82fc09 100644 --- a/tests/suites/test_suite_pkcs5.data +++ b/tests/suites/test_suite_pkcs5.data @@ -143,16 +143,16 @@ depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIP pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FDA3488A7144097565":144:MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060607" PBES2 Encrypt AES-128-CBC (OK, generated with OpenSSL) -depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pbes2_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E0408010203040506070802022710301D060960864801650304010204102F904F75B47B48A618068D79BD9A826C":"50617373776F726450617373776F726450617373776F7264":"5468697320697320612066696c6520746f20626520656e6372797074656420776974682050424553322c20776974682061206b65792067656e657261746564207573696e67206120707266202853484132353629":96:0:"0c953c3a9be1502f4d1df1b82df9d99a61ebd2f60ed570d16b241f70b9e61f329174747d052efe5c39bec9d0f7404f84af242914e2ecb74e6e36e8b4147bd0a092a82df789aa3351e0de9f75b285ccb742806526771c8353ffb66176188b556e" PBES2 Encrypt AES-192-CBC (OK, generated with OpenSSL) -depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:MBEDTLS_CIPHER_PADDING_PKCS7 pbes2_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302a06092A864886F70D01050C301d0408010203040506070802022710020118300a06082A864886F70D0209301D060960864801650304011604102F904F75B47B48A618068D79BD9A826C":"50617373776F726450617373776F726450617373776F7264":"5468697320697320612066696c6520746f20626520656e6372797074656420776974682050424553322c20776974682061206b65792067656e657261746564207573696e67206120707266202853484132353629":96:0:"7c648a9df9759ba49283c261269a71bc06d45f6c24ab6431d77b2ecec1fd6d1aa751bd05b1c026fc8ff91baeb1b1838aa0f825b23be79bc09331d0607181e234dfea4ab3cbf7997747516486b6865e85de95dc9b64d45462197c891b31af6c94" PBES2 Encrypt AES-256-CBC (OK, generated with OpenSSL) -depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH -pbes2_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302a06092A864886F70D01050C301d0408010203040506070802022710020118300a06082A864886F70D0209301D060960864801650304012A04102F904F75B47B48A618068D79BD9A826C":"50617373776F726450617373776F726450617373776F7264":"5468697320697320612066696c6520746f20626520656e6372797074656420776974682050424553322c20776974682061206b65792067656e657261746564207573696e67206120707266202853484132353629":96:0:"7077e6e8e679962c6feda69c704d58507d143cf77be284f773dfcaa4a5f5e7c1cd5527204916302d435071c01126f4aa76205ce61998d7b8fdf065a77d4a77634376b9968e4722c27f2ac85d79565ff4fca9204d3e4bc8c5bd53c1785bb6e566" +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:MBEDTLS_CIPHER_PADDING_PKCS7 +pbes2_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302706092A864886F70D01050C301a0408010203040506070802022710300a06082A864886F70D0209301D060960864801650304012A04102F904F75B47B48A618068D79BD9A826C":"50617373776F726450617373776F726450617373776F7264":"5468697320697320612066696c6520746f20626520656e6372797074656420776974682050424553322c20776974682061206b65792067656e657261746564207573696e67206120707266202853484132353629":96:0:"7077e6e8e679962c6feda69c704d58507d143cf77be284f773dfcaa4a5f5e7c1cd5527204916302d435071c01126f4aa76205ce61998d7b8fdf065a77d4a77634376b9968e4722c27f2ac85d79565ff4fca9204d3e4bc8c5bd53c1785bb6e566" PBES2 Decrypt AES-128-CBC (OK, generated with OpenSSL) depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC @@ -164,7 +164,7 @@ pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302a06092A864886 PBES2 Decrypt AES-256-CBC (OK, generated with OpenSSL) depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH -pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302a06092A864886F70D01050C301d0408010203040506070802022710020118300a06082A864886F70D0209301D060960864801650304012A04102F904F75B47B48A618068D79BD9A826C":"50617373776F726450617373776F726450617373776F7264":"7077e6e8e679962c6feda69c704d58507d143cf77be284f773dfcaa4a5f5e7c1cd5527204916302d435071c01126f4aa76205ce61998d7b8fdf065a77d4a77634376b9968e4722c27f2ac85d79565ff4fca9204d3e4bc8c5bd53c1785bb6e566":96:0:"5468697320697320612066696c6520746f20626520656e6372797074656420776974682050424553322c20776974682061206b65792067656e657261746564207573696e67206120707266202853484132353629" +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302706092A864886F70D01050C301a0408010203040506070802022710300a06082A864886F70D0209301D060960864801650304012A04102F904F75B47B48A618068D79BD9A826C":"50617373776F726450617373776F726450617373776F7264":"7077e6e8e679962c6feda69c704d58507d143cf77be284f773dfcaa4a5f5e7c1cd5527204916302d435071c01126f4aa76205ce61998d7b8fdf065a77d4a77634376b9968e4722c27f2ac85d79565ff4fca9204d3e4bc8c5bd53c1785bb6e566":96:0:"5468697320697320612066696c6520746f20626520656e6372797074656420776974682050424553322c20776974682061206b65792067656e657261746564207573696e67206120707266202853484132353629" PBES2 Decrypt (bad params tag) depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C From a8082c43d5f8a389ec843b17886673efa14c8667 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Wed, 7 Feb 2024 13:31:19 +0000 Subject: [PATCH 17/20] Add MBEDTLS_CIPHER_C dependencies to new pkparse tests Signed-off-by: Ryan Everett --- tests/suites/test_suite_pkparse.data | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tests/suites/test_suite_pkparse.data b/tests/suites/test_suite_pkparse.data index 5e9f0e7a83..6af0702550 100644 --- a/tests/suites/test_suite_pkparse.data +++ b/tests/suites/test_suite_pkparse.data @@ -891,27 +891,27 @@ depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #99.3 (PKCS#8 encrypted v2 PBKDF2 AES-128-CBC hmacWithSHA384, 2048-bit) -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes128cbc_sha384.pem":"PolarSSLTest":0 Parse RSA Key #99.4 (PKCS#8 encrypted v2 PBKDF2 AES-192-CBC hmacWithSHA384, 2048-bit) -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes192cbc_sha384.pem":"PolarSSLTest":0 Parse RSA Key #99.5 (PKCS#8 encrypted v2 PBKDF2 AES-256-CBC hmacWithSHA384, 2048-bit) -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes256cbc_sha384.pem":"PolarSSLTest":0 Parse RSA Key #99.6 (PKCS#8 encrypted v2 PBKDF2 AES-128-CBC hmacWithSHA384 DER, 2048-bit) -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes128cbc_sha384.der":"PolarSSLTest":0 Parse RSA Key #99.7 (PKCS#8 encrypted v2 PBKDF2 AES-192-CBC hmacWithSHA384 DER, 2048-bit) -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes192cbc_sha384.der":"PolarSSLTest":0 Parse RSA Key #99.8 (PKCS#8 encrypted v2 PBKDF2 AES-256-CBC hmacWithSHA384 DER, 2048-bit) -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes256cbc_sha384.der":"PolarSSLTest":0 Parse Public RSA Key #1 (PKCS#8 wrapped) From afb2eee263a9fa2aae940e3ff19114194ed00167 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Thu, 8 Feb 2024 14:31:54 +0000 Subject: [PATCH 18/20] Add PKCS5/12 exceptions to analyze_block_cipher_dispatch Signed-off-by: Ryan Everett --- tests/scripts/analyze_outcomes.py | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 6503f9a27b..a54ece636f 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -562,6 +562,18 @@ KNOWN_TASKS = { # but these are not available in the accelerated component. re.compile('Set( non-existent)? padding with (AES|CAMELLIA).*'), ], + 'test_suite_pkcs12': [ + # The en/decryption part of PKCS#12 is not yet supported. + # The rest of PKCS#12 (key derivation) works, though. + re.compile(r'PBE Encrypt, .*'), + re.compile(r'PBE Decrypt, .*'), + ], + 'test_suite_pkcs5': [ + # The en/decryption part of PKCS#5 is not yet supported. + # The rest of PKCS#5 (PBKDF2) works, though. + re.compile(r'PBES2 Encrypt, .*'), + re.compile(r'PBES2 Decrypt .*'), + ], 'test_suite_pkparse': [ # PEM (called by pkparse) requires AES_C in order to decrypt # the key, but this is not available in the accelerated From 75e65fe24b4ba67f92bcb44dec768e6b0f5aadfc Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Thu, 8 Feb 2024 15:43:02 +0000 Subject: [PATCH 19/20] Reformat AES encryption test data in pkcs5 tests The added comma is needed so that these tests match the regex exceptions in analyze_outcomes.py. Moved the Encryption tests so that they are separate to decryption. Signed-off-by: Ryan Everett --- tests/suites/test_suite_pkcs5.data | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/tests/suites/test_suite_pkcs5.data b/tests/suites/test_suite_pkcs5.data index 939c82fc09..52e682321f 100644 --- a/tests/suites/test_suite_pkcs5.data +++ b/tests/suites/test_suite_pkcs5.data @@ -126,6 +126,18 @@ PBES2 Encrypt, pad=8 (PKCS7 padding disabled) depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_CIPHER_PADDING_PKCS7 pbes2_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D5510101010101010101010101010101010":138:MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE:"" +PBES2 Encrypt, AES-128-CBC (OK, generated with OpenSSL) +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +pbes2_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E0408010203040506070802022710301D060960864801650304010204102F904F75B47B48A618068D79BD9A826C":"50617373776F726450617373776F726450617373776F7264":"5468697320697320612066696c6520746f20626520656e6372797074656420776974682050424553322c20776974682061206b65792067656e657261746564207573696e67206120707266202853484132353629":96:0:"0c953c3a9be1502f4d1df1b82df9d99a61ebd2f60ed570d16b241f70b9e61f329174747d052efe5c39bec9d0f7404f84af242914e2ecb74e6e36e8b4147bd0a092a82df789aa3351e0de9f75b285ccb742806526771c8353ffb66176188b556e" + +PBES2 Encrypt, AES-192-CBC (OK, generated with OpenSSL) +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:MBEDTLS_CIPHER_PADDING_PKCS7 +pbes2_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302a06092A864886F70D01050C301d0408010203040506070802022710020118300a06082A864886F70D0209301D060960864801650304011604102F904F75B47B48A618068D79BD9A826C":"50617373776F726450617373776F726450617373776F7264":"5468697320697320612066696c6520746f20626520656e6372797074656420776974682050424553322c20776974682061206b65792067656e657261746564207573696e67206120707266202853484132353629":96:0:"7c648a9df9759ba49283c261269a71bc06d45f6c24ab6431d77b2ecec1fd6d1aa751bd05b1c026fc8ff91baeb1b1838aa0f825b23be79bc09331d0607181e234dfea4ab3cbf7997747516486b6865e85de95dc9b64d45462197c891b31af6c94" + +PBES2 Encrypt, AES-256-CBC (OK, generated with OpenSSL) +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:MBEDTLS_CIPHER_PADDING_PKCS7 +pbes2_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302706092A864886F70D01050C301a0408010203040506070802022710300a06082A864886F70D0209301D060960864801650304012A04102F904F75B47B48A618068D79BD9A826C":"50617373776F726450617373776F726450617373776F7264":"5468697320697320612066696c6520746f20626520656e6372797074656420776974682050424553322c20776974682061206b65792067656e657261746564207573696e67206120707266202853484132353629":96:0:"7077e6e8e679962c6feda69c704d58507d143cf77be284f773dfcaa4a5f5e7c1cd5527204916302d435071c01126f4aa76205ce61998d7b8fdf065a77d4a77634376b9968e4722c27f2ac85d79565ff4fca9204d3e4bc8c5bd53c1785bb6e566" + PBES2 Decrypt (OK) depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":144:0:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF" @@ -142,18 +154,6 @@ PBES2 Decrypt (Invalid padding & PKCS7 padding enabled) depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FDA3488A7144097565":144:MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060607" -PBES2 Encrypt AES-128-CBC (OK, generated with OpenSSL) -depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -pbes2_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E0408010203040506070802022710301D060960864801650304010204102F904F75B47B48A618068D79BD9A826C":"50617373776F726450617373776F726450617373776F7264":"5468697320697320612066696c6520746f20626520656e6372797074656420776974682050424553322c20776974682061206b65792067656e657261746564207573696e67206120707266202853484132353629":96:0:"0c953c3a9be1502f4d1df1b82df9d99a61ebd2f60ed570d16b241f70b9e61f329174747d052efe5c39bec9d0f7404f84af242914e2ecb74e6e36e8b4147bd0a092a82df789aa3351e0de9f75b285ccb742806526771c8353ffb66176188b556e" - -PBES2 Encrypt AES-192-CBC (OK, generated with OpenSSL) -depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:MBEDTLS_CIPHER_PADDING_PKCS7 -pbes2_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302a06092A864886F70D01050C301d0408010203040506070802022710020118300a06082A864886F70D0209301D060960864801650304011604102F904F75B47B48A618068D79BD9A826C":"50617373776F726450617373776F726450617373776F7264":"5468697320697320612066696c6520746f20626520656e6372797074656420776974682050424553322c20776974682061206b65792067656e657261746564207573696e67206120707266202853484132353629":96:0:"7c648a9df9759ba49283c261269a71bc06d45f6c24ab6431d77b2ecec1fd6d1aa751bd05b1c026fc8ff91baeb1b1838aa0f825b23be79bc09331d0607181e234dfea4ab3cbf7997747516486b6865e85de95dc9b64d45462197c891b31af6c94" - -PBES2 Encrypt AES-256-CBC (OK, generated with OpenSSL) -depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:MBEDTLS_CIPHER_PADDING_PKCS7 -pbes2_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302706092A864886F70D01050C301a0408010203040506070802022710300a06082A864886F70D0209301D060960864801650304012A04102F904F75B47B48A618068D79BD9A826C":"50617373776F726450617373776F726450617373776F7264":"5468697320697320612066696c6520746f20626520656e6372797074656420776974682050424553322c20776974682061206b65792067656e657261746564207573696e67206120707266202853484132353629":96:0:"7077e6e8e679962c6feda69c704d58507d143cf77be284f773dfcaa4a5f5e7c1cd5527204916302d435071c01126f4aa76205ce61998d7b8fdf065a77d4a77634376b9968e4722c27f2ac85d79565ff4fca9204d3e4bc8c5bd53c1785bb6e566" - PBES2 Decrypt AES-128-CBC (OK, generated with OpenSSL) depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E0408010203040506070802022710301D060960864801650304010204102F904F75B47B48A618068D79BD9A826C":"50617373776F726450617373776F726450617373776F7264":"0c953c3a9be1502f4d1df1b82df9d99a61ebd2f60ed570d16b241f70b9e61f329174747d052efe5c39bec9d0f7404f84af242914e2ecb74e6e36e8b4147bd0a092a82df789aa3351e0de9f75b285ccb742806526771c8353ffb66176188b556e":96:0:"5468697320697320612066696c6520746f20626520656e6372797074656420776974682050424553322c20776974682061206b65792067656e657261746564207573696e67206120707266202853484132353629" From 67f35688954e7920b58a5765942154da82a64cca Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Fri, 9 Feb 2024 13:02:23 +0000 Subject: [PATCH 20/20] Reduce analyze_block_cipher_dispatch exceptions Signed-off-by: Ryan Everett --- tests/scripts/analyze_outcomes.py | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index a54ece636f..8c7f21f85e 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -562,17 +562,10 @@ KNOWN_TASKS = { # but these are not available in the accelerated component. re.compile('Set( non-existent)? padding with (AES|CAMELLIA).*'), ], - 'test_suite_pkcs12': [ - # The en/decryption part of PKCS#12 is not yet supported. - # The rest of PKCS#12 (key derivation) works, though. - re.compile(r'PBE Encrypt, .*'), - re.compile(r'PBE Decrypt, .*'), - ], 'test_suite_pkcs5': [ - # The en/decryption part of PKCS#5 is not yet supported. + # The AES part of PKCS#5 PBES2 is not yet supported. # The rest of PKCS#5 (PBKDF2) works, though. - re.compile(r'PBES2 Encrypt, .*'), - re.compile(r'PBES2 Decrypt .*'), + re.compile(r'PBES2 .* AES-.*') ], 'test_suite_pkparse': [ # PEM (called by pkparse) requires AES_C in order to decrypt