TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / 0f286d5453488acbc0ae2191ea80f1156eabbbb4 / . / tests / suites / test_suite_pem.data
blob: a900a33b9b78c1f708a73b6ad4b71419735dcecb [file] [log] [blame]
Paul Bakker16300582014-04-11 13:28:43 +0200[diff] [blame]1Standard PEM write
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8=\n-----END TEST-----\n"
Paul Bakker16300582014-04-11 13:28:43 +0200[diff] [blame]3
4PEM write (zero data)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]5mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"":"-----START TEST-----\n-----END TEST-----\n"
Paul Bakker16300582014-04-11 13:28:43 +0200[diff] [blame]6
7PEM write (one byte)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]8mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"00":"-----START TEST-----\nAA==\n-----END TEST-----\n"
Paul Bakker16300582014-04-11 13:28:43 +0200[diff] [blame]9
10PEM write (more than line size)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]11mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8=\n-----END TEST-----\n"
Paul Bakker16300582014-04-11 13:28:43 +0200[diff] [blame]12
13PEM write (exactly two lines)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]14mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\n-----END TEST-----\n"
Paul Bakker16300582014-04-11 13:28:43 +0200[diff] [blame]15
16PEM write (exactly two lines + 1)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]17mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F00":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAA==\n-----END TEST-----\n"
Andres AG9c94b692016-10-24 14:31:54 +0100[diff] [blame]18
Jethro Beekman746df882023-05-03 14:49:28 +0200[diff] [blame]19PEM write length reporting
20mbedtls_pem_write_buffer_lengths
21
Manuel Pégourié-Gonnard33ab0752022-02-07 12:47:00 +0100[diff] [blame]22PEM read (unencrypted, valid)
Manuel Pégourié-Gonnard1df23b92022-02-07 12:59:10 +0100[diff] [blame]23mbedtls_pem_read_buffer:"^":"$":"^\nTWJlZCBUTFM=\n$":"":0:"4d62656420544c53"
Manuel Pégourié-Gonnard33ab0752022-02-07 12:47:00 +0100[diff] [blame]24
Valerio Setti0f286d52024-02-16 14:30:58 +0100[diff] [blame^]25PEM read (unencrypted, empty content)
26depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
27mbedtls_pem_read_buffer:"-----BEGIN EC PRIVATE KEY-----":"-----END EC PRIVATE KEY-----":"-----BEGIN EC PRIVATE KEY-----\n\n-----END EC PRIVATE KEY-----":"":MBEDTLS_ERR_PEM_BAD_INPUT_DATA:""
28
Andres AG9c94b692016-10-24 14:31:54 +0100[diff] [blame]29PEM read (DES-EDE3-CBC + invalid iv)
Manuel Pégourié-Gonnard52d02a82023-03-16 10:24:47 +0100[diff] [blame]30depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_DES_C
Manuel Pégourié-Gonnard1df23b92022-02-07 12:59:10 +0100[diff] [blame]31mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-EDE3-CBC,00$":"pwd":MBEDTLS_ERR_PEM_INVALID_ENC_IV:""
Andres AG9c94b692016-10-24 14:31:54 +0100[diff] [blame]32
33PEM read (DES-CBC + invalid iv)
Manuel Pégourié-Gonnard52d02a82023-03-16 10:24:47 +0100[diff] [blame]34depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_DES_C
Manuel Pégourié-Gonnard1df23b92022-02-07 12:59:10 +0100[diff] [blame]35mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-CBC,00$":"pwd":MBEDTLS_ERR_PEM_INVALID_ENC_IV:""
Andres AG9c94b692016-10-24 14:31:54 +0100[diff] [blame]36
Tomás González3719f9e2023-07-05 12:43:10 +0100[diff] [blame]37PEM read (AES-128-CBC + invalid iv)
38depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C
39mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: AES-128-CBC,00$":"pwd":MBEDTLS_ERR_PEM_INVALID_ENC_IV:""
40
Andres AG9c94b692016-10-24 14:31:54 +0100[diff] [blame]41PEM read (unknown encryption algorithm)
Manuel Pégourié-Gonnard52d02a82023-03-16 10:24:47 +0100[diff] [blame]42depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C
Manuel Pégourié-Gonnard1df23b92022-02-07 12:59:10 +0100[diff] [blame]43mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: AES-,00$":"pwd":MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG:""
Andres AG49d29332016-10-24 14:31:54 +0100[diff] [blame]44
Andres AGa3b9adb2017-03-01 11:53:29 +0000[diff] [blame]45PEM read (malformed PEM DES-CBC)
Manuel Pégourié-Gonnard52d02a82023-03-16 10:24:47 +0100[diff] [blame]46depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
Manuel Pégourié-Gonnard1df23b92022-02-07 12:59:10 +0100[diff] [blame]47mbedtls_pem_read_buffer:"-----BEGIN EC PRIVATE KEY-----":"-----END EC PRIVATE KEY-----":"-----BEGIN EC PRIVATE KEY-----\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-CBC,AA94892A169FA426\n\nMAAA\n-----END EC PRIVATE KEY-----":"pwd":MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH:""
Andres AGa3b9adb2017-03-01 11:53:29 +0000[diff] [blame]48
49PEM read (malformed PEM DES-EDE3-CBC)
Manuel Pégourié-Gonnard52d02a82023-03-16 10:24:47 +0100[diff] [blame]50depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
Manuel Pégourié-Gonnard1df23b92022-02-07 12:59:10 +0100[diff] [blame]51mbedtls_pem_read_buffer:"-----BEGIN EC PRIVATE KEY-----":"-----END EC PRIVATE KEY-----":"-----BEGIN EC PRIVATE KEY-----\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-EDE3-CBC,AA94892A169FA426\n\nMAAA\n-----END EC PRIVATE KEY-----":"pwd":MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH:""
Andres AGa3b9adb2017-03-01 11:53:29 +0000[diff] [blame]52
53PEM read (malformed PEM AES-128-CBC)
Manuel Pégourié-Gonnard52d02a82023-03-16 10:24:47 +0100[diff] [blame]54depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
Manuel Pégourié-Gonnard1df23b92022-02-07 12:59:10 +0100[diff] [blame]55mbedtls_pem_read_buffer:"-----BEGIN EC PRIVATE KEY-----":"-----END EC PRIVATE KEY-----":"-----BEGIN EC PRIVATE KEY-----\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: AES-128-CBC,AA94892A169FA426AA94892A169FA426\n\nMAAA\n-----END EC PRIVATE KEY-----":"pwd":MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH:""
Valerio Setti4ade8ee2024-02-09 17:44:07 +0100[diff] [blame]56
57# The output sequence's length is not multiple of block size (16 bytes). This
58# proves that the pem_context->len value is properly updated based on the SEQUENCE
59# length read from the decoded ASN.1 data (i.e. extra padding, if any, is ignored).
60PEM read (valid EC key encoded with AES-128-CBC)
61depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
62mbedtls_pem_read_buffer:"-----BEGIN EC PRIVATE KEY-----":"-----END EC PRIVATE KEY-----":"-----BEGIN EC PRIVATE KEY-----\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: AES-128-CBC,151F851B6A7F3FBDAA5B7173117D0127\n\nLw+0OM+0Bwcl+ls/vxQbLrVshGc7bsNPvvtj2sJeMFFEq3V1mj/IO++0KK/CDhMH\nh6CZPsmgVOeM5uFpqYaq0fJbUduN2eDMWszWRm0SFkY=\n-----END EC PRIVATE KEY-----":"pwdpwd":0:"3041020101040f00d8023c809afd45e426d1a4dbe0ffa00706052b81040004a1220320000400da1ecfa53d528237625e119e2e0500d2eb671724f16deb6a63749516b7"
63
64# The text "hello world" (which is clearly not a valid ASN.1 SEQUENCE) is encoded
65# with AES-128-CBC to prove that ASN.1 parsing after decoding fails.
Valerio Settic1b93752024-02-12 11:03:16 +0100[diff] [blame]66# Since PBKDF1 isn't supported in OpenSSL, here's the steps:
67# 1. generate the key (password="password"; IV=0x3132333435363738 in hex or "12345678" as string)
68# echo -n "password12345678" | openssl md5
69# 2. encode data
70# echo -n "hello world" | openssl aes-128-cbc -e -base64 -p -K "bbb0ddff1b944b3cc68eaaeb7ac20099" -iv "3132333435363738"
Valerio Setti4ade8ee2024-02-09 17:44:07 +0100[diff] [blame]71PEM read (Invalid SEQUENCE encoded with AES-128-CBC)
72depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
Valerio Settic1b93752024-02-12 11:03:16 +0100[diff] [blame]73mbedtls_pem_read_buffer:"-----BEGIN EC PRIVATE KEY-----":"-----END EC PRIVATE KEY-----":"-----BEGIN EC PRIVATE KEY-----\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: AES-128-CBC,31323334353637380000000000000000\n\nDfRGkwS+VjvR0IYsjZwW6Q==\n-----END EC PRIVATE KEY-----":"password":MBEDTLS_ERR_PEM_INVALID_DATA + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:""
74
75# Same as above, but with invalid padding data.
76# Generated with:
77# echo -n -e "\x68\x65\x6c\x6c\x6f\x20\x77\x6f\x72\x6c\x64\x01\x02\x03\x04\x05" | openssl aes-128-cbc -e -base64 -p -K "bbb0ddff1b944b3cc68eaaeb7ac20099" -iv "3132333435363738" -nopad
78PEM read (Invalid padding data for AES-128-CBC)
79depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
80mbedtls_pem_read_buffer:"-----BEGIN EC PRIVATE KEY-----":"-----END EC PRIVATE KEY-----":"-----BEGIN EC PRIVATE KEY-----\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: AES-128-CBC,31323334353637380000000000000000\n\n333hxynfxEdXrSHQfIabxQ==\n-----END EC PRIVATE KEY-----":"password":MBEDTLS_ERR_PEM_BAD_INPUT_DATA:""