chromium/third_party/boringssl/src/crypto/pkcs8/pkcs8_test.cc

/* Copyright (c) 2015, Google Inc.
 *
 * Permission to use, copy, modify, and/or distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
 * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */

#include <gtest/gtest.h>

#include <openssl/crypto.h>
#include <openssl/err.h>
#include <openssl/pkcs8.h>
#include <openssl/x509.h>

#include "../internal.h"


// kEncryptedPBES2WithDESAndSHA1 is a PKCS#8 encrypted private key using PBES2
// with DES-EDE3-CBC and HMAC-SHA-1 and a password of "testing". It was
// generated with:
//
// clang-format off
//
// openssl ecparam -genkey -name prime256v1 > test.key
// openssl pkcs8 -topk8 -in test.key -out test.key.encrypted -v2 des3 -v2prf hmacWithSHA1 -outform der
// xxd -i test.key.encrypted
//
// clang-format on
static const uint8_t kEncryptedPBES2WithDESAndSHA1[] =;

// kEncryptedPBES2WithAESAndSHA256 is a PKCS#8 encrypted private key using PBES2
// with AES-128-CBC and HMAC-SHA-256 and a password of "testing". It was generated with:
//
// clang-format off
//
// openssl ecparam -genkey -name prime256v1 > test.key
// openssl pkcs8 -topk8 -in test.key -out test.key.encrypted -v2 aes-128-cbc -v2prf hmacWithSHA256 -outform der
// xxd -i test.key.encrypted
//
// clang-format on
static const uint8_t kEncryptedPBES2WithAESAndSHA256[] =;

// kNullPassword is a PKCS#8 encrypted private key using the null password.
static const uint8_t kNullPassword[] =;

// kNullPasswordNSS is a PKCS#8 encrypted private key using the null password
// and generated by NSS.
static const uint8_t kNullPasswordNSS[] =;

// kEmptyPasswordOpenSSL is a PKCS#8 encrypted private key using the empty
// password and generated by OpenSSL.
static const uint8_t kEmptyPasswordOpenSSL[] =;

// kExplicitHMACWithSHA1 is a PBES2-encrypted private key with an explicit
// hmacWithSHA1 AlgorithmIdentifier in the PBKDF2 parameters.
static const uint8_t kExplicitHMACWithSHA1[] =;

static void TestDecrypt(const uint8_t *der, size_t der_len,
                        const char *password) {}

static void TestRoundTrip(int pbe_nid, const EVP_CIPHER *cipher,
                          const char *password, const uint8_t *salt,
                          size_t salt_len, int iterations) {}

TEST(PKCS8Test, DecryptString) {}

TEST(PKCS8Test, DecryptNull) {}

TEST(PKCS8Test, DecryptNullNSS) {}

TEST(PKCS8Test, DecryptEmptyStringOpenSSL) {}

TEST(PKCS8Test, DecryptExplicitHMACWithSHA1) {}

TEST(PKCS8Test, RoundTripPBEWithrSHA1And3KeyTripleDES) {}

// Test that both "" (empty password, encoded as "\0\0") and nullptr (no
// password, encoded as "") work.
TEST(PKCS8Test, RoundTripPBEWithSHA1And3KeyTripleDESEmptyPassword) {}

TEST(PKCS8Test, RoundTripPBEWithSHA1And40BitRC2CBC) {}

TEST(PKCS8Test, RoundTripPBEWithSHA1And128BitRC4) {}

TEST(PKCS8Test, RoundTripPBES2) {}

TEST(PKCS8Test, InvalidPBES1NIDs) {}