diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/deps/lib-versions b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/deps/lib-versions index e7d16dd..63a16eb 100644 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/deps/lib-versions +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/deps/lib-versions @@ -4,8 +4,8 @@ export ASIO_CSUM=fa8c3a16dc2163f5b3451f2a14ce95277c971f46700497d4e94af6059c00dc0 export LZ4_VERSION=lz4-1.8.0 export LZ4_CSUM=2ca482ea7a9bb103603108b5a7510b7592b90158c151ff50a28f1ca8389fccf6 -export MBEDTLS_VERSION=mbedtls-2.7.0 -export MBEDTLS_CSUM=aeb66d6cd43aa1c79c145d15845c655627a7fc30d624148aaafbb6c36d7f55ef +export MBEDTLS_VERSION=mbedtls-2.7.5 +export MBEDTLS_CSUM=a1302ad9094aabb9880d2755927b466a6bac8e02b68e04dee77321f3859e9b40 export OPENSSL_VERSION=openssl-1.0.2h diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/deps/mbedtls/patches/0001-relax-x509-date-format-check.patch b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/deps/mbedtls/patches/0001-relax-x509-date-format-check.patch index 2e5f61a..d5406e9 100644 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/deps/mbedtls/patches/0001-relax-x509-date-format-check.patch +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/deps/mbedtls/patches/0001-relax-x509-date-format-check.patch @@ -1,7 +1,7 @@ -From 62dd1588a7ec3501edfaf9470cf7a1ca15cb4ba1 Mon Sep 17 00:00:00 2001 +From 0554efae4e27b6a764def80f600394519ef1addb Mon Sep 17 00:00:00 2001 From: Antonio Quartulli Date: Tue, 20 Mar 2018 09:35:47 +0800 -Subject: [PATCH] relax x509 date format check +Subject: [PATCH 1/2] relax x509 date format check Signed-off-by: Antonio Quartulli --- @@ -9,10 +9,10 @@ Signed-off-by: Antonio Quartulli 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/library/x509.c b/library/x509.c -index 371d6da1..df2cea81 100644 +index 264c7fb0c..9372bcb92 100644 --- a/library/x509.c +++ b/library/x509.c -@@ -565,13 +565,20 @@ static int x509_parse_time( unsigned char **p, size_t len, size_t yearlen, +@@ -556,13 +556,20 @@ static int x509_parse_time( unsigned char **p, size_t len, size_t yearlen, /* * Parse seconds if present */ @@ -34,7 +34,7 @@ index 371d6da1..df2cea81 100644 /* * Parse trailing 'Z' if present -@@ -581,6 +588,15 @@ static int x509_parse_time( unsigned char **p, size_t len, size_t yearlen, +@@ -572,6 +579,15 @@ static int x509_parse_time( unsigned char **p, size_t len, size_t yearlen, (*p)++; len--; } @@ -51,5 +51,5 @@ index 371d6da1..df2cea81 100644 /* * We should have parsed all characters at this point -- -2.16.2 +2.18.0 diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/deps/mbedtls/patches/0008-Enable-allowing-unsupported-critical-extensions-in-r.patch b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/deps/mbedtls/patches/0002-Enable-allowing-unsupported-critical-extensions-in-r.patch similarity index 89% rename from Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/deps/mbedtls/patches/0008-Enable-allowing-unsupported-critical-extensions-in-r.patch rename to Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/deps/mbedtls/patches/0002-Enable-allowing-unsupported-critical-extensions-in-r.patch index da772f2..3b1d159 100644 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/deps/mbedtls/patches/0008-Enable-allowing-unsupported-critical-extensions-in-r.patch +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/deps/mbedtls/patches/0002-Enable-allowing-unsupported-critical-extensions-in-r.patch @@ -1,7 +1,8 @@ -From 13dd5f71dfe345787c3c44ef177009530983bf20 Mon Sep 17 00:00:00 2001 +From c6963e33209e7fd40d65513e06c1bbb20319abe3 Mon Sep 17 00:00:00 2001 From: Lev Stipakov Date: Fri, 23 Feb 2018 17:12:49 +0200 -Subject: [PATCH] Enable allowing unsupported critical extensions in runtime +Subject: [PATCH 2/2] Enable allowing unsupported critical extensions in + runtime When compile time flag MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION is not set, certificate parsing fails if certificate contains unsupported critical extension. @@ -10,23 +11,23 @@ This patch allows to modify this behavior in runtime. Signed-off-by: Lev Stipakov --- - include/mbedtls/oid.h | 13 ++++- - include/mbedtls/ssl.h | 22 ++++++++ + include/mbedtls/oid.h | 13 +++- + include/mbedtls/ssl.h | 22 ++++++ include/mbedtls/x509_crt.h | 2 + - library/oid.c | 81 +++++++++++++++++++++++++----- + library/oid.c | 81 ++++++++++++++++++---- library/ssl_tls.c | 8 +++ - library/x509_crt.c | 10 +++- - tests/data_files/test-ca-nc.crt | 20 ++++++++ - tests/suites/test_suite_x509parse.data | 6 +++ - tests/suites/test_suite_x509parse.function | 15 ++++++ + library/x509_crt.c | 10 ++- + tests/data_files/test-ca-nc.crt | 20 ++++++ + tests/suites/test_suite_x509parse.data | 6 ++ + tests/suites/test_suite_x509parse.function | 15 ++++ 9 files changed, 162 insertions(+), 15 deletions(-) create mode 100644 tests/data_files/test-ca-nc.crt diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h -index fcecdafd..096b1b10 100644 +index 408645ece..b116736f8 100644 --- a/include/mbedtls/oid.h +++ b/include/mbedtls/oid.h -@@ -401,7 +401,7 @@ int mbedtls_oid_get_numeric_string( char *buf, size_t size, const mbedtls_asn1_b +@@ -410,7 +410,7 @@ int mbedtls_oid_get_numeric_string( char *buf, size_t size, const mbedtls_asn1_b #if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C) /** @@ -35,7 +36,7 @@ index fcecdafd..096b1b10 100644 * * \param oid OID to use * \param ext_type place to store the extension type -@@ -409,6 +409,17 @@ int mbedtls_oid_get_numeric_string( char *buf, size_t size, const mbedtls_asn1_b +@@ -418,6 +418,17 @@ int mbedtls_oid_get_numeric_string( char *buf, size_t size, const mbedtls_asn1_b * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND */ int mbedtls_oid_get_x509_ext_type( const mbedtls_asn1_buf *oid, int *ext_type ); @@ -54,10 +55,10 @@ index fcecdafd..096b1b10 100644 /** diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h -index cc000700..cb779f86 100644 +index c6e453274..72374e36b 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h -@@ -695,6 +695,10 @@ struct mbedtls_ssl_config +@@ -696,6 +696,10 @@ struct mbedtls_ssl_config retransmission timeout (ms) */ #endif @@ -68,7 +69,7 @@ index cc000700..cb779f86 100644 #if defined(MBEDTLS_SSL_RENEGOTIATION) int renego_max_records; /*!< grace period for renegotiation */ unsigned char renego_period[8]; /*!< value of the record counters -@@ -2234,6 +2238,24 @@ void mbedtls_ssl_conf_renegotiation_period( mbedtls_ssl_config *conf, +@@ -2275,6 +2279,24 @@ void mbedtls_ssl_conf_renegotiation_period( mbedtls_ssl_config *conf, const unsigned char period[8] ); #endif /* MBEDTLS_SSL_RENEGOTIATION */ @@ -94,10 +95,10 @@ index cc000700..cb779f86 100644 * \brief Return the number of data bytes available to read * diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h -index 06166d8b..adc6474f 100644 +index ac23cffe8..2e489915f 100644 --- a/include/mbedtls/x509_crt.h +++ b/include/mbedtls/x509_crt.h -@@ -89,6 +89,8 @@ typedef struct mbedtls_x509_crt +@@ -90,6 +90,8 @@ typedef struct mbedtls_x509_crt mbedtls_pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */ void *sig_opts; /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS */ @@ -107,7 +108,7 @@ index 06166d8b..adc6474f 100644 } mbedtls_x509_crt; diff --git a/library/oid.c b/library/oid.c -index f13826ed..7c50f24f 100644 +index edea950f8..a756d2801 100644 --- a/library/oid.c +++ b/library/oid.c @@ -254,38 +254,95 @@ FN_OID_GET_ATTR1(mbedtls_oid_get_attr_short_name, oid_x520_attr_t, x520_attr, co @@ -219,10 +220,10 @@ index f13826ed..7c50f24f 100644 static const mbedtls_oid_descriptor_t oid_ext_key_usage[] = { diff --git a/library/ssl_tls.c b/library/ssl_tls.c -index 661ae706..ed1f7b67 100644 +index ca9b8c432..dba0d5122 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c -@@ -4468,6 +4468,9 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl ) +@@ -4656,6 +4656,9 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl ) mbedtls_x509_crt_init( ssl->session_negotiate->peer_cert ); @@ -232,7 +233,7 @@ index 661ae706..ed1f7b67 100644 i += 3; while( i < ssl->in_hslen ) -@@ -6344,6 +6347,11 @@ void mbedtls_ssl_conf_renegotiation_period( mbedtls_ssl_config *conf, +@@ -6586,6 +6589,11 @@ void mbedtls_ssl_conf_renegotiation_period( mbedtls_ssl_config *conf, } #endif /* MBEDTLS_SSL_RENEGOTIATION */ @@ -245,10 +246,10 @@ index 661ae706..ed1f7b67 100644 #if defined(MBEDTLS_SSL_CLI_C) void mbedtls_ssl_conf_session_tickets( mbedtls_ssl_config *conf, int use_tickets ) diff --git a/library/x509_crt.c b/library/x509_crt.c -index c6209fb4..1a61e5e9 100644 +index 6751da0d2..149149b96 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c -@@ -526,6 +526,7 @@ static int x509_get_crt_ext( unsigned char **p, +@@ -530,6 +530,7 @@ static int x509_get_crt_ext( unsigned char **p, int ret; size_t len; unsigned char *end_ext_data, *end_ext_octet; @@ -256,7 +257,7 @@ index c6209fb4..1a61e5e9 100644 if( ( ret = mbedtls_x509_get_ext( p, end, &crt->v3_ext, 3 ) ) != 0 ) { -@@ -585,9 +586,9 @@ static int x509_get_crt_ext( unsigned char **p, +@@ -589,9 +590,9 @@ static int x509_get_crt_ext( unsigned char **p, /* * Detect supported extensions */ @@ -268,7 +269,7 @@ index c6209fb4..1a61e5e9 100644 { /* No parser found, skip extension */ *p = end_ext_octet; -@@ -595,6 +596,10 @@ static int x509_get_crt_ext( unsigned char **p, +@@ -599,6 +600,10 @@ static int x509_get_crt_ext( unsigned char **p, #if !defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION) if( is_critical ) { @@ -279,7 +280,7 @@ index c6209fb4..1a61e5e9 100644 /* Data is marked as critical: fail */ return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); -@@ -948,6 +953,7 @@ int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain, const unsigned char *bu +@@ -952,6 +957,7 @@ int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain, const unsigned char *bu prev = crt; mbedtls_x509_crt_init( crt->next ); @@ -289,7 +290,7 @@ index c6209fb4..1a61e5e9 100644 diff --git a/tests/data_files/test-ca-nc.crt b/tests/data_files/test-ca-nc.crt new file mode 100644 -index 00000000..7e0c5613 +index 000000000..7e0c56134 --- /dev/null +++ b/tests/data_files/test-ca-nc.crt @@ -0,0 +1,20 @@ @@ -314,11 +315,11 @@ index 00000000..7e0c5613 +OwQ6w1HweApjB46bGyILpGUi9MZhvCnoLWg+cN3/wQ== +-----END CERTIFICATE----- diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data -index b8c902e2..e7dcb61f 100644 +index 406cf5931..212a2825a 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data -@@ -1574,6 +1574,12 @@ X509 File parse (trailing spaces, OK) - depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C +@@ -1766,6 +1766,12 @@ X509 File parse (trailing spaces, OK) + depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C x509parse_crt_file:"data_files/server7_trailing_space.crt":0 +X509 File parse (unsupported critical ext Name Constraints, fail) @@ -331,10 +332,10 @@ index b8c902e2..e7dcb61f 100644 depends_on:MBEDTLS_X509_USE_C x509_get_time:MBEDTLS_ASN1_UTC_TIME:"500101000000Z":0:1950:1:1:0:0:0 diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function -index 0dfdd61c..2be1defd 100644 +index 06f010828..75936010f 100644 --- a/tests/suites/test_suite_x509parse.function +++ b/tests/suites/test_suite_x509parse.function -@@ -395,6 +395,21 @@ exit: +@@ -437,6 +437,21 @@ exit: } /* END_CASE */ @@ -357,5 +358,5 @@ index 0dfdd61c..2be1defd 100644 void x509parse_crt( char *crt_data, char *result_str, int result ) { -- -2.14.3 (Apple Git-98) +2.18.0 diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/deps/mbedtls/patches/0002-pkcs5v2-add-support-for-additional-hmacSHA-algorithm.patch b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/deps/mbedtls/patches/0002-pkcs5v2-add-support-for-additional-hmacSHA-algorithm.patch deleted file mode 100644 index 157ff29..0000000 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/deps/mbedtls/patches/0002-pkcs5v2-add-support-for-additional-hmacSHA-algorithm.patch +++ /dev/null @@ -1,154 +0,0 @@ -From 56df6d5003b20fa673b67fb06c2ec03a8197c4c2 Mon Sep 17 00:00:00 2001 -From: Antonio Quartulli -Date: Wed, 20 Dec 2017 07:03:55 +0800 -Subject: [PATCH] pkcs5v2: add support for additional hmacSHA algorithms - -Currently only SHA1 is supported as PRF algorithm for PBKDF2 -(PKCS#5 v2.0). -This means that keys encrypted and authenticated using -another algorithm of the SHA family cannot be decrypted. - -This deficiency has become particularly incumbent now that -PKIs created with OpenSSL1.1 are encrypting keys using -hmacSHA256 by default (OpenSSL1.0 used PKCS#5 v1.0 by default -and even if v2 was forced, it would still use hmacSHA1). - -Enable support for all the digest algorithms of the SHA -family for PKCS#5 v2.0. - -Signed-off-by: Antonio Quartulli ---- - include/mbedtls/oid.h | 18 +++++++++++++++ - library/oid.c | 45 ++++++++++++++++++++++++++++++++++++++ - library/pkcs5.c | 4 +--- - tests/suites/test_suite_pkcs5.data | 4 ++-- - 4 files changed, 66 insertions(+), 5 deletions(-) - -diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h -index bf2ef5ec..408645ec 100644 ---- a/include/mbedtls/oid.h -+++ b/include/mbedtls/oid.h -@@ -228,6 +228,14 @@ - - #define MBEDTLS_OID_HMAC_SHA1 MBEDTLS_OID_RSA_COMPANY "\x02\x07" /**< id-hmacWithSHA1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 7 } */ - -+#define MBEDTLS_OID_HMAC_SHA224 MBEDTLS_OID_RSA_COMPANY "\x02\x08" /**< id-hmacWithSHA224 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 8 } */ -+ -+#define MBEDTLS_OID_HMAC_SHA256 MBEDTLS_OID_RSA_COMPANY "\x02\x09" /**< id-hmacWithSHA256 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 9 } */ -+ -+#define MBEDTLS_OID_HMAC_SHA384 MBEDTLS_OID_RSA_COMPANY "\x02\x0A" /**< id-hmacWithSHA384 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 10 } */ -+ -+#define MBEDTLS_OID_HMAC_SHA512 MBEDTLS_OID_RSA_COMPANY "\x02\x0B" /**< id-hmacWithSHA512 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 11 } */ -+ - /* - * Encryption algorithms - */ -@@ -514,6 +522,16 @@ int mbedtls_oid_get_oid_by_sig_alg( mbedtls_pk_type_t pk_alg, mbedtls_md_type_t - * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND - */ - int mbedtls_oid_get_md_alg( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg ); -+ -+/** -+ * \brief Translate hmac algorithm OID into md_type -+ * -+ * \param oid OID to use -+ * \param md_hmac place to store message hmac algorithm -+ * -+ * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND -+ */ -+int mbedtls_oid_get_md_hmac( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_hmac ); - #endif /* MBEDTLS_MD_C */ - - /** -diff --git a/library/oid.c b/library/oid.c -index f13826ed..edea950f 100644 ---- a/library/oid.c -+++ b/library/oid.c -@@ -625,6 +625,51 @@ static const oid_md_alg_t oid_md_alg[] = - FN_OID_TYPED_FROM_ASN1(oid_md_alg_t, md_alg, oid_md_alg) - FN_OID_GET_ATTR1(mbedtls_oid_get_md_alg, oid_md_alg_t, md_alg, mbedtls_md_type_t, md_alg) - FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_md, oid_md_alg_t, oid_md_alg, mbedtls_md_type_t, md_alg) -+ -+/* -+ * For HMAC digestAlgorithm -+ */ -+typedef struct { -+ mbedtls_oid_descriptor_t descriptor; -+ mbedtls_md_type_t md_hmac; -+} oid_md_hmac_t; -+ -+static const oid_md_hmac_t oid_md_hmac[] = -+{ -+#if defined(MBEDTLS_SHA1_C) -+ { -+ { ADD_LEN( MBEDTLS_OID_HMAC_SHA1 ), "hmacSHA1", "HMAC-SHA-1" }, -+ MBEDTLS_MD_SHA1, -+ }, -+#endif /* MBEDTLS_SHA1_C */ -+#if defined(MBEDTLS_SHA256_C) -+ { -+ { ADD_LEN( MBEDTLS_OID_HMAC_SHA224 ), "hmacSHA224", "HMAC-SHA-224" }, -+ MBEDTLS_MD_SHA224, -+ }, -+ { -+ { ADD_LEN( MBEDTLS_OID_HMAC_SHA256 ), "hmacSHA256", "HMAC-SHA-256" }, -+ MBEDTLS_MD_SHA256, -+ }, -+#endif /* MBEDTLS_SHA256_C */ -+#if defined(MBEDTLS_SHA512_C) -+ { -+ { ADD_LEN( MBEDTLS_OID_HMAC_SHA384 ), "hmacSHA384", "HMAC-SHA-384" }, -+ MBEDTLS_MD_SHA384, -+ }, -+ { -+ { ADD_LEN( MBEDTLS_OID_HMAC_SHA512 ), "hmacSHA512", "HMAC-SHA-512" }, -+ MBEDTLS_MD_SHA512, -+ }, -+#endif /* MBEDTLS_SHA512_C */ -+ { -+ { NULL, 0, NULL, NULL }, -+ MBEDTLS_MD_NONE, -+ }, -+}; -+ -+FN_OID_TYPED_FROM_ASN1(oid_md_hmac_t, md_hmac, oid_md_hmac) -+FN_OID_GET_ATTR1(mbedtls_oid_get_md_hmac, oid_md_hmac_t, md_hmac, mbedtls_md_type_t, md_hmac) - #endif /* MBEDTLS_MD_C */ - - #if defined(MBEDTLS_PKCS12_C) -diff --git a/library/pkcs5.c b/library/pkcs5.c -index e28d5a84..95f44fa9 100644 ---- a/library/pkcs5.c -+++ b/library/pkcs5.c -@@ -96,11 +96,9 @@ static int pkcs5_parse_pbkdf2_params( const mbedtls_asn1_buf *params, - if( ( ret = mbedtls_asn1_get_alg_null( &p, end, &prf_alg_oid ) ) != 0 ) - return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret ); - -- if( MBEDTLS_OID_CMP( MBEDTLS_OID_HMAC_SHA1, &prf_alg_oid ) != 0 ) -+ if( mbedtls_oid_get_md_hmac( &prf_alg_oid, md_type ) != 0 ) - return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE ); - -- *md_type = MBEDTLS_MD_SHA1; -- - if( p != end ) - return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); -diff --git a/tests/suites/test_suite_pkcs5.data b/tests/suites/test_suite_pkcs5.data -index e609d62b..4c2c0bb6 100644 ---- a/tests/suites/test_suite_pkcs5.data -+++ b/tests/suites/test_suite_pkcs5.data -@@ -82,9 +82,9 @@ PBES2 Decrypt (bad, PBKDF2 params explicit prf_alg overlong) - depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C - mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301D06092A864886F70D01050C301004082ED7F24A1D516DD7020208003001":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" - --PBES2 Decrypt (bad, PBKDF2 params explicit prf_alg != HMAC-SHA1) -+PBES2 Decrypt (bad, PBKDF2 params explicit prf_alg != HMAC-SHA*) - depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C --mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302706092A864886F70D01050C301A04082ED7F24A1D516DD702020800300A06082A864886F70D0208":"":"":MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE:"" -+mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302706092A864886F70D01050C301A04082ED7F24A1D516DD702020800300A06082A864886F70D0206":"":"":MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE:"" - - PBES2 Decrypt (bad, PBKDF2 params extra data) - depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C --- -2.16.2 - diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/deps/mbedtls/patches/0003-fix-gcc-android-build.patch b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/deps/mbedtls/patches/0003-fix-gcc-android-build.patch new file mode 100644 index 0000000..251de7b --- /dev/null +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/deps/mbedtls/patches/0003-fix-gcc-android-build.patch @@ -0,0 +1,13 @@ +Only in mbedtls-2.7.5/include/mbedtls: #bn_mul.h# +diff -ur mbedtls-2.7.5/include/mbedtls/bn_mul.h mbedtls-2.7.5.patch/include/mbedtls/bn_mul.h +--- mbedtls-2.7.5/include/mbedtls/bn_mul.h 2018-07-26 15:33:14.000000000 +0200 ++++ mbedtls-2.7.5.patch/include/mbedtls/bn_mul.h 2018-08-22 14:37:31.000000000 +0200 +@@ -56,7 +56,7 @@ + * This is done as the number of registers used in the assembly code doesn't + * work with the -O0 option. + */ +-#if defined(__i386__) && defined(__OPTIMIZE__) ++#if defined(__i386__) && defined(__OPTIMIZE__) && (!defined(__ANDROID_API__) || defined(__clang__)) + + #define MULADDC_INIT \ + asm( \ diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/deps/mbedtls/patches/0003-tests-pkcs5-pbkdf2_hmac-add-unit-tests-for-additiona.patch b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/deps/mbedtls/patches/0003-tests-pkcs5-pbkdf2_hmac-add-unit-tests-for-additiona.patch deleted file mode 100644 index ad46ebb..0000000 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/deps/mbedtls/patches/0003-tests-pkcs5-pbkdf2_hmac-add-unit-tests-for-additiona.patch +++ /dev/null @@ -1,128 +0,0 @@ -From bb029567d8a2b55e500a85c916a8d22ae9434ab3 Mon Sep 17 00:00:00 2001 -From: Antonio Quartulli -Date: Wed, 31 Jan 2018 23:23:02 +0800 -Subject: [PATCH] tests/pkcs5/pbkdf2_hmac: add unit tests for additional SHA - algorithms - -Test vectors for SHA224,256,384 and 512 have been -generated using Python's hashlib module by the -following oneliner: - -import binascii, hashlib -binascii.hexlify(hashlib.pbkdf2_hmac(ALGO, binascii.unhexlify('PASSWORD'), binascii.unhexlify('SALT'), ITER, KEYLEN))) - -where ALGO was 'sha224', 'sha256', 'sha384' and 'sha512' -respectively. - -Values for PASSWORD, SALT, ITER and KEYLEN were copied from the -existent test vectors for SHA1. - -For SHA256 we also have two test vectors coming from RFC7914 Sec 11. - -Signed-off-by: Antonio Quartulli ---- - tests/suites/test_suite_pkcs5.data | 88 ++++++++++++++++++++++++++++++++++++++ - 1 file changed, 88 insertions(+) - -diff --git a/tests/suites/test_suite_pkcs5.data b/tests/suites/test_suite_pkcs5.data -index 4c2c0bb6..f3c421d0 100644 ---- a/tests/suites/test_suite_pkcs5.data -+++ b/tests/suites/test_suite_pkcs5.data -@@ -18,6 +18,94 @@ PBKDF2 RFC 6070 Test Vector #6 (SHA1) - depends_on:MBEDTLS_SHA1_C - pbkdf2_hmac:MBEDTLS_MD_SHA1:"7061737300776f7264":"7361006c74":4096:16:"56fa6aa75548099dcc37d7f03425e0c3" - -+PBKDF2 Python hashlib Test Vector #1 (SHA224) -+depends_on:MBEDTLS_SHA256_C -+pbkdf2_hmac:MBEDTLS_MD_SHA224:"70617373776f7264":"73616c74":1:20:"3c198cbdb9464b7857966bd05b7bc92bc1cc4e6e" -+ -+PBKDF2 Python hashlib Test Vector #2 (SHA224) -+depends_on:MBEDTLS_SHA256_C -+pbkdf2_hmac:MBEDTLS_MD_SHA224:"70617373776f7264":"73616c74":2:20:"93200ffa96c5776d38fa10abdf8f5bfc0054b971" -+ -+PBKDF2 Python hashlib Test Vector #3 (SHA224) -+depends_on:MBEDTLS_SHA256_C -+pbkdf2_hmac:MBEDTLS_MD_SHA224:"70617373776f7264":"73616c74":4096:20:"218c453bf90635bd0a21a75d172703ff6108ef60" -+ -+PBKDF2 Python hashlib Test Vector #5 (SHA224) -+depends_on:MBEDTLS_SHA256_C -+pbkdf2_hmac:MBEDTLS_MD_SHA224:"70617373776f726450415353574f524470617373776f7264":"73616c7453414c5473616c7453414c5473616c7453414c5473616c7453414c5473616c74":4096:25:"056c4ba438ded91fc14e0594e6f52b87e1f3690c0dc0fbc057" -+ -+PBKDF2 Python hashlib Test Vector #6 (SHA224) -+depends_on:MBEDTLS_SHA256_C -+pbkdf2_hmac:MBEDTLS_MD_SHA224:"7061737300776f7264":"7361006c74":4096:16:"9b4011b641f40a2a500a31d4a392d15c" -+ -+PBKDF2 RFC 7914 Sec 11 Test Vector #1 (SHA256) -+depends_on:MBEDTLS_SHA256_C -+pbkdf2_hmac:MBEDTLS_MD_SHA256:"706173737764":"73616c74":1:64:"55ac046e56e3089fec1691c22544b605f94185216dde0465e68b9d57c20dacbc49ca9cccf179b645991664b39d77ef317c71b845b1e30bd509112041d3a19783" -+ -+PBKDF2 RFC 7914 Sec 11 Test Vector #2 (SHA256) -+depends_on:MBEDTLS_SHA256_C -+pbkdf2_hmac:MBEDTLS_MD_SHA256:"50617373776f7264":"4e61436c":80000:64:"4ddcd8f60b98be21830cee5ef22701f9641a4418d04c0414aeff08876b34ab56a1d425a1225833549adb841b51c9b3176a272bdebba1d078478f62b397f33c8d" -+ -+PBKDF2 Python hashlib Test Vector #1 (SHA256) -+depends_on:MBEDTLS_SHA256_C -+pbkdf2_hmac:MBEDTLS_MD_SHA256:"70617373776f7264":"73616c74":1:20:"120fb6cffcf8b32c43e7225256c4f837a86548c9" -+ -+PBKDF2 Python hashlib Test Vector #2 (SHA256) -+depends_on:MBEDTLS_SHA256_C -+pbkdf2_hmac:MBEDTLS_MD_SHA256:"70617373776f7264":"73616c74":2:20:"ae4d0c95af6b46d32d0adff928f06dd02a303f8e" -+ -+PBKDF2 Python hashlib Test Vector #3 (SHA256) -+depends_on:MBEDTLS_SHA256_C -+pbkdf2_hmac:MBEDTLS_MD_SHA256:"70617373776f7264":"73616c74":4096:20:"c5e478d59288c841aa530db6845c4c8d962893a0" -+ -+PBKDF2 Python hashlib Test Vector #5 (SHA256) -+depends_on:MBEDTLS_SHA256_C -+pbkdf2_hmac:MBEDTLS_MD_SHA256:"70617373776f726450415353574f524470617373776f7264":"73616c7453414c5473616c7453414c5473616c7453414c5473616c7453414c5473616c74":4096:25:"348c89dbcbd32b2f32d814b8116e84cf2b17347ebc1800181c" -+ -+PBKDF2 Python hashlib Test Vector #6 (SHA256) -+depends_on:MBEDTLS_SHA256_C -+pbkdf2_hmac:MBEDTLS_MD_SHA256:"7061737300776f7264":"7361006c74":4096:16:"89b69d0516f829893c696226650a8687" -+ -+PBKDF2 Python hashlib Test Vector #1 (SHA384) -+depends_on:MBEDTLS_SHA512_C -+pbkdf2_hmac:MBEDTLS_MD_SHA384:"70617373776f7264":"73616c74":1:20:"c0e14f06e49e32d73f9f52ddf1d0c5c719160923" -+ -+PBKDF2 Python hashlib Test Vector #2 (SHA384) -+depends_on:MBEDTLS_SHA512_C -+pbkdf2_hmac:MBEDTLS_MD_SHA384:"70617373776f7264":"73616c74":2:20:"54f775c6d790f21930459162fc535dbf04a93918" -+ -+PBKDF2 Python hashlib Test Vector #3 (SHA384) -+depends_on:MBEDTLS_SHA512_C -+pbkdf2_hmac:MBEDTLS_MD_SHA384:"70617373776f7264":"73616c74":4096:20:"559726be38db125bc85ed7895f6e3cf574c7a01c" -+ -+PBKDF2 Python hashlib Test Vector #5 (SHA384) -+depends_on:MBEDTLS_SHA512_C -+pbkdf2_hmac:MBEDTLS_MD_SHA384:"70617373776f726450415353574f524470617373776f7264":"73616c7453414c5473616c7453414c5473616c7453414c5473616c7453414c5473616c74":4096:25:"819143ad66df9a552559b9e131c52ae6c5c1b0eed18f4d283b" -+ -+PBKDF2 Python hashlib Test Vector #6 (SHA384) -+depends_on:MBEDTLS_SHA512_C -+pbkdf2_hmac:MBEDTLS_MD_SHA384:"7061737300776f7264":"7361006c74":4096:16:"a3f00ac8657e095f8e0823d232fc60b3" -+ -+PBKDF2 Python hashlib Test Vector #1 (SHA512) -+depends_on:MBEDTLS_SHA512_C -+pbkdf2_hmac:MBEDTLS_MD_SHA512:"70617373776f7264":"73616c74":1:20:"867f70cf1ade02cff3752599a3a53dc4af34c7a6" -+ -+PBKDF2 Python hashlib Test Vector #2 (SHA512) -+depends_on:MBEDTLS_SHA512_C -+pbkdf2_hmac:MBEDTLS_MD_SHA512:"70617373776f7264":"73616c74":2:20:"e1d9c16aa681708a45f5c7c4e215ceb66e011a2e" -+ -+PBKDF2 Python hashlib Test Vector #3 (SHA512) -+depends_on:MBEDTLS_SHA512_C -+pbkdf2_hmac:MBEDTLS_MD_SHA512:"70617373776f7264":"73616c74":4096:20:"d197b1b33db0143e018b12f3d1d1479e6cdebdcc" -+ -+PBKDF2 Python hashlib Test Vector #5 (SHA512) -+depends_on:MBEDTLS_SHA512_C -+pbkdf2_hmac:MBEDTLS_MD_SHA512:"70617373776f726450415353574f524470617373776f7264":"73616c7453414c5473616c7453414c5473616c7453414c5473616c7453414c5473616c74":4096:25:"8c0511f4c6e597c6ac6315d8f0362e225f3c501495ba23b868" -+ -+PBKDF2 Python hashlib Test Vector #6 (SHA512) -+depends_on:MBEDTLS_SHA512_C -+pbkdf2_hmac:MBEDTLS_MD_SHA512:"7061737300776f7264":"7361006c74":4096:16:"9d9e9c4cd21fe4be24d5b8244c759665" -+ - PBES2 Decrypt (OK) - depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC - mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":0:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606" --- -2.16.2 - diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/deps/mbedtls/patches/0004-tests-pkcs5-pbkdf2_hmac-extend-array-to-accommodate-.patch b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/deps/mbedtls/patches/0004-tests-pkcs5-pbkdf2_hmac-extend-array-to-accommodate-.patch deleted file mode 100644 index ed67848..0000000 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/deps/mbedtls/patches/0004-tests-pkcs5-pbkdf2_hmac-extend-array-to-accommodate-.patch +++ /dev/null @@ -1,49 +0,0 @@ -From d09cecb5f7d1e66476c97a35caee7248930ef425 Mon Sep 17 00:00:00 2001 -From: Antonio Quartulli -Date: Wed, 31 Jan 2018 23:45:09 +0800 -Subject: [PATCH] tests/pkcs5/pbkdf2_hmac: extend array to accommodate longer - results - -Some unit tests for pbkdf2_hmac() have results longer than -99bytes when represented in hexadecimal form. - -For this reason extend the result array to accommodate -longer strings. - -At the same time make memset() parametric to avoid -bugs in the future. - -Signed-off-by: Antonio Quartulli ---- - tests/suites/test_suite_pkcs5.function | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/tests/suites/test_suite_pkcs5.function b/tests/suites/test_suite_pkcs5.function -index 8fabec08..3ad64805 100644 ---- a/tests/suites/test_suite_pkcs5.function -+++ b/tests/suites/test_suite_pkcs5.function -@@ -14,7 +14,7 @@ void pbkdf2_hmac( int hash, char *hex_password_string, - { - unsigned char pw_str[100]; - unsigned char salt_str[100]; -- unsigned char dst_str[100]; -+ unsigned char dst_str[200]; - - mbedtls_md_context_t ctx; - const mbedtls_md_info_t *info; -@@ -24,9 +24,9 @@ void pbkdf2_hmac( int hash, char *hex_password_string, - - mbedtls_md_init( &ctx ); - -- memset(pw_str, 0x00, 100); -- memset(salt_str, 0x00, 100); -- memset(dst_str, 0x00, 100); -+ memset(pw_str, 0x00, sizeof(pw_str)); -+ memset(salt_str, 0x00, sizeof(salt_str)); -+ memset(dst_str, 0x00, sizeof(dst_str)); - - pw_len = unhexify( pw_str, hex_password_string ); - salt_len = unhexify( salt_str, hex_salt_string ); --- -2.16.2 - diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/deps/mbedtls/patches/0005-data_files-pkcs8-v2-add-keys-generated-with-PRF-SHA1.patch b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/deps/mbedtls/patches/0005-data_files-pkcs8-v2-add-keys-generated-with-PRF-SHA1.patch deleted file mode 100644 index 9eecc17..0000000 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/deps/mbedtls/patches/0005-data_files-pkcs8-v2-add-keys-generated-with-PRF-SHA1.patch +++ /dev/null @@ -1,2593 +0,0 @@ -From 4e96327a813d2e1d06dfb7e44caacb400fd8769b Mon Sep 17 00:00:00 2001 -From: Antonio Quartulli -Date: Thu, 1 Feb 2018 13:54:13 +0800 -Subject: [PATCH] data_files/pkcs8-v2: add keys generated with PRF != SHA1 - -We now have support for the entire SHA family to be used as -PRF in PKCS#5 v2.0, therefore we need to add new keys to test -these new functionalities. - -This patch adds the new keys in `tests/data_files` and -commands to generate them in `tests/data_files/Makefile`. - -Note that the pkcs8 command in OpenSSL 1.0 called with -the -v2 argument generates keys using PKCS#5 v2.0 with SHA1 -as PRF by default. - -(This behaviour has changed in OpenSSL 1.1, where the exact same -command instead uses PKCS#5 v2.0 with SHA256) - -The new keys are generated by specifying different PRFs with --v2prf. - -Signed-off-by: Antonio Quartulli ---- - tests/data_files/Makefile | 568 +++++++++++++++++++++ - .../rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der | Bin 0 -> 728 bytes - .../rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem | 18 + - .../rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der | Bin 0 -> 728 bytes - .../rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem | 18 + - .../rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der | Bin 0 -> 728 bytes - .../rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem | 18 + - .../rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der | Bin 0 -> 728 bytes - .../rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem | 18 + - .../rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der | Bin 0 -> 725 bytes - .../rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem | 18 + - .../rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der | Bin 0 -> 725 bytes - .../rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem | 18 + - .../rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der | Bin 0 -> 725 bytes - .../rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem | 18 + - .../rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.der | Bin 0 -> 725 bytes - .../rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem | 18 + - .../rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der | Bin 0 -> 1312 bytes - .../rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem | 30 ++ - .../rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der | Bin 0 -> 1312 bytes - .../rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem | 30 ++ - .../rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der | Bin 0 -> 1312 bytes - .../rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem | 30 ++ - .../rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.der | Bin 0 -> 1312 bytes - .../rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem | 30 ++ - .../rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der | Bin 0 -> 1309 bytes - .../rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem | 30 ++ - .../rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der | Bin 0 -> 1309 bytes - .../rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem | 30 ++ - .../rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der | Bin 0 -> 1309 bytes - .../rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem | 30 ++ - .../rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.der | Bin 0 -> 1309 bytes - .../rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem | 30 ++ - .../rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der | Bin 0 -> 2464 bytes - .../rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem | 54 ++ - .../rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.der | Bin 0 -> 2464 bytes - .../rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem | 54 ++ - .../rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der | Bin 0 -> 2464 bytes - .../rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem | 54 ++ - .../rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.der | Bin 0 -> 2464 bytes - .../rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem | 54 ++ - .../rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der | Bin 0 -> 2461 bytes - .../rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem | 54 ++ - .../rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der | Bin 0 -> 2461 bytes - .../rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.pem | 54 ++ - .../rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der | Bin 0 -> 2461 bytes - .../rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem | 54 ++ - .../rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der | Bin 0 -> 2461 bytes - .../rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem | 54 ++ - 49 files changed, 1384 insertions(+) - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.der - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.der - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.der - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.der - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.der - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.pem - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der - create mode 100644 tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem - -diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile -index d4aed678..7069b4f3 100644 ---- a/tests/data_files/Makefile -+++ b/tests/data_files/Makefile -@@ -392,6 +392,574 @@ server1_all: server1.csr server1.crt server1.noauthid.crt server1.crt.openssl se - - - -+################################################################ -+#### Generate various RSA keys -+################################################################ -+ -+### Password used for PKCS1-encoded encrypted RSA keys -+keys_rsa_basic_pwd = testkey -+ -+### Password used for PKCS8-encoded encrypted RSA keys -+keys_rsa_pkcs8_pwd = PolarSSLTest -+ -+### Basic 1024-, 2048- and 4096-bit unencrypted RSA keys from which -+### all other encrypted RSA keys are derived. -+rsa_pkcs1_1024_clear.pem: -+ $(OPENSSL) genrsa -out $@ 1024 -+all_final += rsa_pkcs1_1024_clear.pem -+rsa_pkcs1_2048_clear.pem: -+ $(OPENSSL) genrsa -out $@ 2048 -+all_final += rsa_pkcs1_2048_clear.pem -+rsa_pkcs1_4096_clear.pem: -+ $(OPENSSL) genrsa -out $@ 4096 -+all_final += rsa_pkcs1_4096_clear.pem -+ -+### -+### PKCS1-encoded, encrypted RSA keys -+### -+ -+### 1024-bit -+rsa_pkcs1_1024_des.pem: rsa_pkcs1_1024_clear.pem -+ $(OPENSSL) rsa -des -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" -+all_final += rsa_pkcs1_1024_des.pem -+rsa_pkcs1_1024_3des.pem: rsa_pkcs1_1024_clear.pem -+ $(OPENSSL) rsa -des3 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" -+all_final += rsa_pkcs1_1024_3des.pem -+rsa_pkcs1_1024_aes128.pem: rsa_pkcs1_1024_clear.pem -+ $(OPENSSL) rsa -aes128 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" -+all_final += rsa_pkcs1_1024_aes128.pem -+rsa_pkcs1_1024_aes192.pem: rsa_pkcs1_1024_clear.pem -+ $(OPENSSL) rsa -aes192 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" -+all_final += rsa_pkcs1_1024_aes192.pem -+rsa_pkcs1_1024_aes256.pem: rsa_pkcs1_1024_clear.pem -+ $(OPENSSL) rsa -aes256 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" -+all_final += rsa_pkcs1_1024_aes256.pem -+keys_rsa_enc_basic_1024: rsa_pkcs1_1024_des.pem rsa_pkcs1_1024_3des.pem rsa_pkcs1_1024_aes128.pem rsa_pkcs1_1024_aes192.pem rsa_pkcs1_1024_aes256.pem -+ -+# 2048-bit -+rsa_pkcs1_2048_des.pem: rsa_pkcs1_2048_clear.pem -+ $(OPENSSL) rsa -des -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" -+all_final += rsa_pkcs1_2048_des.pem -+rsa_pkcs1_2048_3des.pem: rsa_pkcs1_2048_clear.pem -+ $(OPENSSL) rsa -des3 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" -+all_final += rsa_pkcs1_2048_3des.pem -+rsa_pkcs1_2048_aes128.pem: rsa_pkcs1_2048_clear.pem -+ $(OPENSSL) rsa -aes128 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" -+all_final += rsa_pkcs1_2048_aes128.pem -+rsa_pkcs1_2048_aes192.pem: rsa_pkcs1_2048_clear.pem -+ $(OPENSSL) rsa -aes192 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" -+all_final += rsa_pkcs1_2048_aes192.pem -+rsa_pkcs1_2048_aes256.pem: rsa_pkcs1_2048_clear.pem -+ $(OPENSSL) rsa -aes256 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" -+all_final += rsa_pkcs1_2048_aes256.pem -+keys_rsa_enc_basic_2048: rsa_pkcs1_2048_des.pem rsa_pkcs1_2048_3des.pem rsa_pkcs1_2048_aes128.pem rsa_pkcs1_2048_aes192.pem rsa_pkcs1_2048_aes256.pem -+ -+# 4096-bit -+rsa_pkcs1_4096_des.pem: rsa_pkcs1_4096_clear.pem -+ $(OPENSSL) rsa -des -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" -+all_final += rsa_pkcs1_4096_des.pem -+rsa_pkcs1_4096_3des.pem: rsa_pkcs1_4096_clear.pem -+ $(OPENSSL) rsa -des3 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" -+all_final += rsa_pkcs1_4096_3des.pem -+rsa_pkcs1_4096_aes128.pem: rsa_pkcs1_4096_clear.pem -+ $(OPENSSL) rsa -aes128 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" -+all_final += rsa_pkcs1_4096_aes128.pem -+rsa_pkcs1_4096_aes192.pem: rsa_pkcs1_4096_clear.pem -+ $(OPENSSL) rsa -aes192 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" -+all_final += rsa_pkcs1_4096_aes192.pem -+rsa_pkcs1_4096_aes256.pem: rsa_pkcs1_4096_clear.pem -+ $(OPENSSL) rsa -aes256 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" -+all_final += rsa_pkcs1_4096_aes256.pem -+keys_rsa_enc_basic_4096: rsa_pkcs1_4096_des.pem rsa_pkcs1_4096_3des.pem rsa_pkcs1_4096_aes128.pem rsa_pkcs1_4096_aes192.pem rsa_pkcs1_4096_aes256.pem -+ -+### -+### PKCS8-v1 encoded, encrypted RSA keys -+### -+ -+### 1024-bit -+rsa_pkcs8_pbe_sha1_1024_3des.der: rsa_pkcs1_1024_clear.pem -+ $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES -+all_final += rsa_pkcs8_pbe_sha1_1024_3des.der -+rsa_pkcs8_pbe_sha1_1024_3des.pem: rsa_pkcs1_1024_clear.pem -+ $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES -+all_final += rsa_pkcs8_pbe_sha1_1024_3des.pem -+keys_rsa_enc_pkcs8_v1_1024_3des: rsa_pkcs8_pbe_sha1_1024_3des.pem rsa_pkcs8_pbe_sha1_1024_3des.der -+ -+rsa_pkcs8_pbe_sha1_1024_2des.der: rsa_pkcs1_1024_clear.pem -+ $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES -+all_final += rsa_pkcs8_pbe_sha1_1024_2des.der -+rsa_pkcs8_pbe_sha1_1024_2des.pem: rsa_pkcs1_1024_clear.pem -+ $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES -+all_final += rsa_pkcs8_pbe_sha1_1024_2des.pem -+keys_rsa_enc_pkcs8_v1_1024_2des: rsa_pkcs8_pbe_sha1_1024_2des.pem rsa_pkcs8_pbe_sha1_1024_2des.der -+ -+rsa_pkcs8_pbe_sha1_1024_rc4_128.der: rsa_pkcs1_1024_clear.pem -+ $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128 -+all_final += rsa_pkcs8_pbe_sha1_1024_rc4_128.der -+rsa_pkcs8_pbe_sha1_1024_rc4_128.pem: rsa_pkcs1_1024_clear.pem -+ $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128 -+all_final += rsa_pkcs8_pbe_sha1_1024_rc4_128.pem -+keys_rsa_enc_pkcs8_v1_1024_rc4_128: rsa_pkcs8_pbe_sha1_1024_rc4_128.pem rsa_pkcs8_pbe_sha1_1024_rc4_128.der -+ -+keys_rsa_enc_pkcs8_v1_1024: keys_rsa_enc_pkcs8_v1_1024_3des keys_rsa_enc_pkcs8_v1_1024_2des keys_rsa_enc_pkcs8_v1_1024_rc4_128 -+ -+### 2048-bit -+rsa_pkcs8_pbe_sha1_2048_3des.der: rsa_pkcs1_2048_clear.pem -+ $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES -+all_final += rsa_pkcs8_pbe_sha1_2048_3des.der -+rsa_pkcs8_pbe_sha1_2048_3des.pem: rsa_pkcs1_2048_clear.pem -+ $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES -+all_final += rsa_pkcs8_pbe_sha1_2048_3des.pem -+keys_rsa_enc_pkcs8_v1_2048_3des: rsa_pkcs8_pbe_sha1_2048_3des.pem rsa_pkcs8_pbe_sha1_2048_3des.der -+ -+rsa_pkcs8_pbe_sha1_2048_2des.der: rsa_pkcs1_2048_clear.pem -+ $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES -+all_final += rsa_pkcs8_pbe_sha1_2048_2des.der -+rsa_pkcs8_pbe_sha1_2048_2des.pem: rsa_pkcs1_2048_clear.pem -+ $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES -+all_final += rsa_pkcs8_pbe_sha1_2048_2des.pem -+keys_rsa_enc_pkcs8_v1_2048_2des: rsa_pkcs8_pbe_sha1_2048_2des.pem rsa_pkcs8_pbe_sha1_2048_2des.der -+ -+rsa_pkcs8_pbe_sha1_2048_rc4_128.der: rsa_pkcs1_2048_clear.pem -+ $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128 -+all_final += rsa_pkcs8_pbe_sha1_2048_rc4_128.der -+rsa_pkcs8_pbe_sha1_2048_rc4_128.pem: rsa_pkcs1_2048_clear.pem -+ $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128 -+all_final += rsa_pkcs8_pbe_sha1_2048_rc4_128.pem -+keys_rsa_enc_pkcs8_v1_2048_rc4_128: rsa_pkcs8_pbe_sha1_2048_rc4_128.pem rsa_pkcs8_pbe_sha1_2048_rc4_128.der -+ -+keys_rsa_enc_pkcs8_v1_2048: keys_rsa_enc_pkcs8_v1_2048_3des keys_rsa_enc_pkcs8_v1_2048_2des keys_rsa_enc_pkcs8_v1_2048_rc4_128 -+ -+### 4096-bit -+rsa_pkcs8_pbe_sha1_4096_3des.der: rsa_pkcs1_4096_clear.pem -+ $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES -+all_final += rsa_pkcs8_pbe_sha1_4096_3des.der -+rsa_pkcs8_pbe_sha1_4096_3des.pem: rsa_pkcs1_4096_clear.pem -+ $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES -+all_final += rsa_pkcs8_pbe_sha1_4096_3des.pem -+keys_rsa_enc_pkcs8_v1_4096_3des: rsa_pkcs8_pbe_sha1_4096_3des.pem rsa_pkcs8_pbe_sha1_4096_3des.der -+ -+rsa_pkcs8_pbe_sha1_4096_2des.der: rsa_pkcs1_4096_clear.pem -+ $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES -+all_final += rsa_pkcs8_pbe_sha1_4096_2des.der -+rsa_pkcs8_pbe_sha1_4096_2des.pem: rsa_pkcs1_4096_clear.pem -+ $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES -+all_final += rsa_pkcs8_pbe_sha1_4096_2des.pem -+keys_rsa_enc_pkcs8_v1_4096_2des: rsa_pkcs8_pbe_sha1_4096_2des.pem rsa_pkcs8_pbe_sha1_4096_2des.der -+ -+rsa_pkcs8_pbe_sha1_4096_rc4_128.der: rsa_pkcs1_4096_clear.pem -+ $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128 -+all_final += rsa_pkcs8_pbe_sha1_4096_rc4_128.der -+rsa_pkcs8_pbe_sha1_4096_rc4_128.pem: rsa_pkcs1_4096_clear.pem -+ $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128 -+all_final += rsa_pkcs8_pbe_sha1_4096_rc4_128.pem -+keys_rsa_enc_pkcs8_v1_4096_rc4_128: rsa_pkcs8_pbe_sha1_4096_rc4_128.pem rsa_pkcs8_pbe_sha1_4096_rc4_128.der -+ -+keys_rsa_enc_pkcs8_v1_4096: keys_rsa_enc_pkcs8_v1_4096_3des keys_rsa_enc_pkcs8_v1_4096_2des keys_rsa_enc_pkcs8_v1_4096_rc4_128 -+ -+### -+### PKCS8-v2 encoded, encrypted RSA keys, no PRF specified (default for OpenSSL1.0: hmacWithSHA1) -+### -+ -+### 1024-bit -+rsa_pkcs8_pbes2_pbkdf2_1024_3des.der: rsa_pkcs1_1024_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des3 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des.der -+rsa_pkcs8_pbes2_pbkdf2_1024_3des.pem: rsa_pkcs1_1024_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des3 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des.pem -+keys_rsa_enc_pkcs8_v2_1024_3des: rsa_pkcs8_pbes2_pbkdf2_1024_3des.der rsa_pkcs8_pbes2_pbkdf2_1024_3des.pem -+ -+rsa_pkcs8_pbes2_pbkdf2_1024_des.der: rsa_pkcs1_1024_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des.der -+rsa_pkcs8_pbes2_pbkdf2_1024_des.pem: rsa_pkcs1_1024_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des.pem -+keys_rsa_enc_pkcs8_v2_1024_des: rsa_pkcs8_pbes2_pbkdf2_1024_des.der rsa_pkcs8_pbes2_pbkdf2_1024_des.pem -+ -+keys_rsa_enc_pkcs8_v2_1024: keys_rsa_enc_pkcs8_v2_1024_3des keys_rsa_enc_pkcs8_v2_1024_des -+ -+### 2048-bit -+rsa_pkcs8_pbes2_pbkdf2_2048_3des.der: rsa_pkcs1_2048_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des3 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des.der -+rsa_pkcs8_pbes2_pbkdf2_2048_3des.pem: rsa_pkcs1_2048_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des3 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des.pem -+keys_rsa_enc_pkcs8_v2_2048_3des: rsa_pkcs8_pbes2_pbkdf2_2048_3des.der rsa_pkcs8_pbes2_pbkdf2_2048_3des.pem -+ -+rsa_pkcs8_pbes2_pbkdf2_2048_des.der: rsa_pkcs1_2048_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des.der -+rsa_pkcs8_pbes2_pbkdf2_2048_des.pem: rsa_pkcs1_2048_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des.pem -+keys_rsa_enc_pkcs8_v2_2048_des: rsa_pkcs8_pbes2_pbkdf2_2048_des.der rsa_pkcs8_pbes2_pbkdf2_2048_des.pem -+ -+keys_rsa_enc_pkcs8_v2_2048: keys_rsa_enc_pkcs8_v2_2048_3des keys_rsa_enc_pkcs8_v2_2048_des -+ -+### 4096-bit -+rsa_pkcs8_pbes2_pbkdf2_4096_3des.der: rsa_pkcs1_4096_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des3 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des.der -+rsa_pkcs8_pbes2_pbkdf2_4096_3des.pem: rsa_pkcs1_4096_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des3 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des.pem -+keys_rsa_enc_pkcs8_v2_4096_3des: rsa_pkcs8_pbes2_pbkdf2_4096_3des.der rsa_pkcs8_pbes2_pbkdf2_4096_3des.pem -+ -+rsa_pkcs8_pbes2_pbkdf2_4096_des.der: rsa_pkcs1_4096_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des.der -+rsa_pkcs8_pbes2_pbkdf2_4096_des.pem: rsa_pkcs1_4096_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des.pem -+keys_rsa_enc_pkcs8_v2_4096_des: rsa_pkcs8_pbes2_pbkdf2_4096_des.der rsa_pkcs8_pbes2_pbkdf2_4096_des.pem -+ -+keys_rsa_enc_pkcs8_v2_4096: keys_rsa_enc_pkcs8_v2_4096_3des keys_rsa_enc_pkcs8_v2_4096_des -+ -+### -+### PKCS8-v2 encoded, encrypted RSA keys, PRF hmacWithSHA224 -+### -+ -+### 1024-bit -+rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der: rsa_pkcs1_1024_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA224 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der -+rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem: rsa_pkcs1_1024_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA224 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem -+keys_rsa_enc_pkcs8_v2_1024_3des_sha224: rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem -+ -+rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der: rsa_pkcs1_1024_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA224 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der -+rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem: rsa_pkcs1_1024_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA224 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem -+keys_rsa_enc_pkcs8_v2_1024_des_sha224: rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem -+ -+keys_rsa_enc_pkcs8_v2_1024_sha224: keys_rsa_enc_pkcs8_v2_1024_3des_sha224 keys_rsa_enc_pkcs8_v2_1024_des_sha224 -+ -+### 2048-bit -+rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der: rsa_pkcs1_2048_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA224 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der -+rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem: rsa_pkcs1_2048_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA224 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem -+keys_rsa_enc_pkcs8_v2_2048_3des_sha224: rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem -+ -+rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der: rsa_pkcs1_2048_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA224 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der -+rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem: rsa_pkcs1_2048_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA224 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem -+keys_rsa_enc_pkcs8_v2_2048_des_sha224: rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem -+ -+keys_rsa_enc_pkcs8_v2_2048_sha224: keys_rsa_enc_pkcs8_v2_2048_3des_sha224 keys_rsa_enc_pkcs8_v2_2048_des_sha224 -+ -+### 4096-bit -+rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der: rsa_pkcs1_4096_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA224 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der -+rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem: rsa_pkcs1_4096_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA224 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem -+keys_rsa_enc_pkcs8_v2_4096_3des_sha224: rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem -+ -+rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der: rsa_pkcs1_4096_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA224 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der -+rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem: rsa_pkcs1_4096_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA224 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem -+keys_rsa_enc_pkcs8_v2_4096_des_sha224: rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem -+ -+keys_rsa_enc_pkcs8_v2_4096_sha224: keys_rsa_enc_pkcs8_v2_4096_3des_sha224 keys_rsa_enc_pkcs8_v2_4096_des_sha224 -+ -+### -+### PKCS8-v2 encoded, encrypted RSA keys, PRF hmacWithSHA256 -+### -+ -+### 1024-bit -+rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der: rsa_pkcs1_1024_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA256 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der -+rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem: rsa_pkcs1_1024_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA256 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem -+keys_rsa_enc_pkcs8_v2_1024_3des_sha256: rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem -+ -+rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der: rsa_pkcs1_1024_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA256 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der -+rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem: rsa_pkcs1_1024_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA256 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem -+keys_rsa_enc_pkcs8_v2_1024_des_sha256: rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem -+ -+keys_rsa_enc_pkcs8_v2_1024_sha256: keys_rsa_enc_pkcs8_v2_1024_3des_sha256 keys_rsa_enc_pkcs8_v2_1024_des_sha256 -+ -+### 2048-bit -+rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der: rsa_pkcs1_2048_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA256 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der -+rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem: rsa_pkcs1_2048_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA256 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem -+keys_rsa_enc_pkcs8_v2_2048_3des_sha256: rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem -+ -+rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der: rsa_pkcs1_2048_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA256 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der -+rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem: rsa_pkcs1_2048_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA256 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem -+keys_rsa_enc_pkcs8_v2_2048_des_sha256: rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem -+ -+keys_rsa_enc_pkcs8_v2_2048_sha256: keys_rsa_enc_pkcs8_v2_2048_3des_sha256 keys_rsa_enc_pkcs8_v2_2048_des_sha256 -+ -+### 4096-bit -+rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.der: rsa_pkcs1_4096_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA256 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.der -+rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem: rsa_pkcs1_4096_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA256 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem -+keys_rsa_enc_pkcs8_v2_4096_3des_sha256: rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.der rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem -+ -+rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der: rsa_pkcs1_4096_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA256 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der -+rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.pem: rsa_pkcs1_4096_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA256 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.pem -+keys_rsa_enc_pkcs8_v2_4096_des_sha256: rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.pem -+ -+keys_rsa_enc_pkcs8_v2_4096_sha256: keys_rsa_enc_pkcs8_v2_4096_3des_sha256 keys_rsa_enc_pkcs8_v2_4096_des_sha256 -+ -+### -+### PKCS8-v2 encoded, encrypted RSA keys, PRF hmacWithSHA384 -+### -+ -+### 1024-bit -+rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der: rsa_pkcs1_1024_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der -+rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem: rsa_pkcs1_1024_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem -+keys_rsa_enc_pkcs8_v2_1024_3des_sha384: rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem -+ -+rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der: rsa_pkcs1_1024_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der -+rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem: rsa_pkcs1_1024_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem -+keys_rsa_enc_pkcs8_v2_1024_des_sha384: rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem -+ -+keys_rsa_enc_pkcs8_v2_1024_sha384: keys_rsa_enc_pkcs8_v2_1024_3des_sha384 keys_rsa_enc_pkcs8_v2_1024_des_sha384 -+ -+### 2048-bit -+rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der: rsa_pkcs1_2048_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der -+rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem: rsa_pkcs1_2048_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem -+keys_rsa_enc_pkcs8_v2_2048_3des_sha384: rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem -+ -+rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der: rsa_pkcs1_2048_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der -+rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem: rsa_pkcs1_2048_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem -+keys_rsa_enc_pkcs8_v2_2048_des_sha384: rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem -+ -+keys_rsa_enc_pkcs8_v2_2048_sha384: keys_rsa_enc_pkcs8_v2_2048_3des_sha384 keys_rsa_enc_pkcs8_v2_2048_des_sha384 -+ -+### 4096-bit -+rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der: rsa_pkcs1_4096_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der -+rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem: rsa_pkcs1_4096_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem -+keys_rsa_enc_pkcs8_v2_4096_3des_sha384: rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem -+ -+rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der: rsa_pkcs1_4096_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der -+rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem: rsa_pkcs1_4096_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem -+keys_rsa_enc_pkcs8_v2_4096_des_sha384: rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem -+ -+keys_rsa_enc_pkcs8_v2_4096_sha384: keys_rsa_enc_pkcs8_v2_4096_3des_sha384 keys_rsa_enc_pkcs8_v2_4096_des_sha384 -+ -+### -+### PKCS8-v2 encoded, encrypted RSA keys, PRF hmacWithSHA512 -+### -+ -+### 1024-bit -+rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der: rsa_pkcs1_1024_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA512 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der -+rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem: rsa_pkcs1_1024_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA512 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem -+keys_rsa_enc_pkcs8_v2_1024_3des_sha512: rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem -+ -+rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.der: rsa_pkcs1_1024_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA512 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.der -+rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem: rsa_pkcs1_1024_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA512 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem -+keys_rsa_enc_pkcs8_v2_1024_des_sha512: rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.der rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem -+ -+keys_rsa_enc_pkcs8_v2_1024_sha512: keys_rsa_enc_pkcs8_v2_1024_3des_sha512 keys_rsa_enc_pkcs8_v2_1024_des_sha512 -+ -+### 2048-bit -+rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.der: rsa_pkcs1_2048_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA512 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.der -+rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem: rsa_pkcs1_2048_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA512 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem -+keys_rsa_enc_pkcs8_v2_2048_3des_sha512: rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.der rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem -+ -+rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.der: rsa_pkcs1_2048_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA512 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.der -+rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem: rsa_pkcs1_2048_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA512 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem -+keys_rsa_enc_pkcs8_v2_2048_des_sha512: rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.der rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem -+ -+keys_rsa_enc_pkcs8_v2_2048_sha512: keys_rsa_enc_pkcs8_v2_2048_3des_sha512 keys_rsa_enc_pkcs8_v2_2048_des_sha512 -+ -+### 4096-bit -+rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.der: rsa_pkcs1_4096_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA512 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.der -+rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem: rsa_pkcs1_4096_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA512 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem -+keys_rsa_enc_pkcs8_v2_4096_3des_sha512: rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.der rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem -+ -+rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der: rsa_pkcs1_4096_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA512 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der -+rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem: rsa_pkcs1_4096_clear.pem -+ $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA512 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem -+keys_rsa_enc_pkcs8_v2_4096_des_sha512: rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem -+ -+keys_rsa_enc_pkcs8_v2_4096_sha512: keys_rsa_enc_pkcs8_v2_4096_3des_sha512 keys_rsa_enc_pkcs8_v2_4096_des_sha512 -+ -+### -+### Rules to generate all RSA keys from a particular class -+### -+ -+### Generate basic unencrypted RSA keys -+keys_rsa_unenc: rsa_pkcs1_1024_clear.pem rsa_pkcs1_2048_clear.pem rsa_pkcs1_4096_clear.pem -+ -+### Generate PKCS1-encoded encrypted RSA keys -+keys_rsa_enc_basic: keys_rsa_enc_basic_1024 keys_rsa_enc_basic_2048 keys_rsa_enc_basic_4096 -+ -+### Generate PKCS8-v1 encrypted RSA keys -+keys_rsa_enc_pkcs8_v1: keys_rsa_enc_pkcs8_v1_1024 keys_rsa_enc_pkcs8_v1_2048 keys_rsa_enc_pkcs8_v1_4096 -+ -+### Generate PKCS8-v2 encrypted RSA keys -+keys_rsa_enc_pkcs8_v2: keys_rsa_enc_pkcs8_v2_1024 keys_rsa_enc_pkcs8_v2_2048 keys_rsa_enc_pkcs8_v2_4096 keys_rsa_enc_pkcs8_v2_1024_sha224 keys_rsa_enc_pkcs8_v2_2048_sha224 keys_rsa_enc_pkcs8_v2_4096_sha224 keys_rsa_enc_pkcs8_v2_1024_sha256 keys_rsa_enc_pkcs8_v2_2048_sha256 keys_rsa_enc_pkcs8_v2_4096_sha256 keys_rsa_enc_pkcs8_v2_1024_sha384 keys_rsa_enc_pkcs8_v2_2048_sha384 keys_rsa_enc_pkcs8_v2_4096_sha384 keys_rsa_enc_pkcs8_v2_1024_sha512 keys_rsa_enc_pkcs8_v2_2048_sha512 keys_rsa_enc_pkcs8_v2_4096_sha512 -+ -+### Generate all RSA keys -+keys_rsa_all: keys_rsa_unenc keys_rsa_enc_basic keys_rsa_enc_pkcs8_v1 keys_rsa_enc_pkcs8_v2 -+ -+ -+ -+################################################################ -+### Generate certificates for CRT write check tests -+################################################################ -+ -+### The test files use the Mbed TLS generated certificates server1*.crt, -+### but for comparison with OpenSSL also rules for OpenSSL-generated -+### certificates server1*.crt.openssl are offered. -+### -+### Known differences: -+### * OpenSSL encodes trailing zero-bits in bit-strings occurring in X.509 extension -+### as unused bits, while Mbed TLS doesn't. -+ -+test_ca_server1_db = test-ca.server1.db -+test_ca_server1_serial = test-ca.server1.serial -+test_ca_server1_config_file = test-ca.server1.opensslconf -+ -+server1.csr: server1.key server1_csr.opensslconf -+ $(OPENSSL) req -keyform PEM -key server1.key -config server1_csr.opensslconf -out $@ -new -+all_final += server1.csr -+ -+server1.crt: server1.key server1.csr $(test_ca_crt) $(test_ca_key_file_rsa) -+ $(MBEDTLS_CERT_WRITE) request_file=server1.csr issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20110212144406 not_after=20210212144406 md=SHA1 version=3 output_file=$@ -+server1.noauthid.crt: server1.key server1.csr $(test_ca_crt) $(test_ca_key_file_rsa) -+ $(MBEDTLS_CERT_WRITE) request_file=server1.csr issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20110212144406 not_after=20210212144406 md=SHA1 authority_identifier=0 version=3 output_file=$@ -+server1.der: server1.crt -+ $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ -+all_final += server1.crt server1.noauthid.crt server1.der -+ -+server1.key_usage.crt: server1.key server1.csr $(test_ca_crt) $(test_ca_key_file_rsa) -+ $(MBEDTLS_CERT_WRITE) request_file=server1.csr issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20110212144406 not_after=20210212144406 md=SHA1 key_usage=digital_signature,non_repudiation,key_encipherment version=3 output_file=$@ -+server1.key_usage_noauthid.crt: server1.key server1.csr $(test_ca_crt) $(test_ca_key_file_rsa) -+ $(MBEDTLS_CERT_WRITE) request_file=server1.csr issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20110212144406 not_after=20210212144406 md=SHA1 key_usage=digital_signature,non_repudiation,key_encipherment authority_identifier=0 version=3 output_file=$@ -+server1.key_usage.der: server1.key_usage.crt -+ $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ -+all_final += server1.key_usage.crt server1.key_usage_noauthid.crt server1.key_usage.der -+ -+server1.cert_type.crt: server1.key server1.csr $(test_ca_crt) $(test_ca_key_file_rsa) -+ $(MBEDTLS_CERT_WRITE) request_file=server1.csr issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20110212144406 not_after=20210212144406 md=SHA1 ns_cert_type=ssl_server version=3 output_file=$@ -+server1.cert_type_noauthid.crt: server1.key server1.csr $(test_ca_crt) $(test_ca_key_file_rsa) -+ $(MBEDTLS_CERT_WRITE) request_file=server1.csr issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20110212144406 not_after=20210212144406 md=SHA1 ns_cert_type=ssl_server authority_identifier=0 version=3 output_file=$@ -+server1.cert_type.der: server1.cert_type.crt -+ $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ -+all_final += server1.cert_type.crt server1.cert_type_noauthid.crt server1.cert_type.der -+ -+server1.v1.crt: server1.key server1.csr $(test_ca_crt) $(test_ca_key_file_rsa) -+ $(MBEDTLS_CERT_WRITE) request_file=server1.csr issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20110212144406 not_after=20210212144406 md=SHA1 version=1 output_file=$@ -+server1.v1.der: server1.v1.crt -+ $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ -+all_final += server1.v1.crt server1.v1.der -+ -+# OpenSSL-generated certificates for comparison -+# Also provide certificates in DER format to allow -+# direct binary comparison using e.g. dumpasn1 -+server1.crt.openssl server1.key_usage.crt.openssl server1.cert_type.crt.openssl: server1.key server1.csr $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_server1_config_file) -+ echo "01" > $(test_ca_server1_serial) -+ rm -f $(test_ca_server1_db) -+ touch $(test_ca_server1_db) -+ $(OPENSSL) ca -batch -passin "pass:$(test_ca_pwd_rsa)" -config $(test_ca_server1_config_file) -in server1.csr -extensions v3_ext -extfile $@.v3_ext -out $@ -+server1.der.openssl: server1.crt.openssl -+ $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ -+server1.key_usage.der.openssl: server1.key_usage.crt.openssl -+ $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ -+server1.cert_type.der.openssl: server1.cert_type.crt.openssl -+ $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ -+ -+server1.v1.crt.openssl: server1.key server1.csr $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_server1_config_file) -+ echo "01" > $(test_ca_server1_serial) -+ rm -f $(test_ca_server1_db) -+ touch $(test_ca_server1_db) -+ $(OPENSSL) ca -batch -passin "pass:$(test_ca_pwd_rsa)" -config $(test_ca_server1_config_file) -in server1.csr -out $@ -+server1.v1.der.openssl: server1.v1.crt.openssl -+ $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ -+ -+server1_all: server1.csr server1.crt server1.noauthid.crt server1.crt.openssl server1.v1.crt server1.v1.crt.openssl server1.key_usage.crt server1.key_usage_noauthid.crt server1.key_usage.crt.openssl server1.cert_type.crt server1.cert_type_noauthid.crt server1.cert_type.crt.openssl server1.der server1.der.openssl server1.v1.der server1.v1.der.openssl server1.key_usage.der server1.key_usage.der.openssl server1.cert_type.der server1.cert_type.der.openssl -+ -+ -+ - ################################################################ - #### Meta targets - ################################################################ -diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der -new file mode 100644 -index 0000000000000000000000000000000000000000..4d55a591130415c2fe32e3b9152471b3c9c5d8e5 -GIT binary patch -literal 728 -zcmV;}0w?`2f&$bqP6i1ohDe6@4FLrWFhMXW1_>&LNQU&90UmRshQ@;Gp-Q= -z0tf&w3gmBIG`st_(NFpncKNK%a4x_6kDwR@_XtXQZJaw -z&-O|Gw}*kdOXWz?X4G$ni$U&XTx|*XzG*1wLqX9(kO!B{C}yEaZrh*7sIQd9BQ4L~ -z>FQNEAJS!#FVi})RcG(;mRJk=1`X$GC7s#_d$|dO9wKINpuFejF;ZUh!`o7RzVf4- -zDED92{rGHXHg9D~fY_MTe;XEKuWFx+)%p(fFL@p=s@cc_!DhFNnVt+67on=NrmJML -zTQZ)H4u|aW*=RXuj~?R4TWH^pMJ{SlSubvRs{a^t=lMMx6@3W7C9tTra_+0Ru5hbi -zT$X>L3G2mw|Bi?krWsj3OX!Lrhvv)Ptp_d>AjWj;J}aL{y4s*C15-%p?_p_jPB&kd -zpOg8K9+rWxJ|TpR=dN|Hv6%xx-miqchQslXgpn{$lzoIhv|vjN<2XUbD+t)D@=b%e -zhE2>`^{<~qC88w`Nu4!7t}XuS*!bA1?83YXwTf8QCXyvL$b41=gm1#1X&;~zCTC+3 -zHF%Lau?Xce!O=JXfFCN!RPj;aoGd^Yr=b__;=-q8dTC9y!kv8b;~5Gpb(*b`+c^!a -ze~opsFVK7Np4K$Y_;;5-JYd2}K=+`u8E!F(-LpZfnvy-Gea15iYN4aylyr$={Al^n -z5e_js& - -literal 0 -HcmV?d00001 - -diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem -new file mode 100644 -index 00000000..b47b5e8f ---- /dev/null -+++ b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem -@@ -0,0 +1,18 @@ -+-----BEGIN ENCRYPTED PRIVATE KEY----- -+MIIC1DBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIc1vbNC/8pHsCAggA -+MAwGCCqGSIb3DQIIBQAwFAYIKoZIhvcNAwcECLMkF/Djhb0fBIICgAg/jv44TuAQ -+yB+WMkHpvVS25ZLJabHUyHLS+vqhEkz2AqvJNETL/L6bIHRD1o4BJ8Fcrc339Bz+ -+zuFHnK7JG0PzRKl9RcO/SY9lfLFNkXtyPxB6DtSXeYTV49NtAvWPV46LSBnMqnP5 -+/Tkmk+sE3Lx+sBMqe/rpBeZM31fB9ShS9FgDGfE+ARvzcuQslYNazdT2KVeu+5Tp -+qSN1lhAW18Dwo3r1IpnhWGZ5r66TEEunhGI+mX9GdkDhhFiHHn3tUPiWSh9UAPH2 -+W59/c7sY0Rn5AmqeHu6F2b99ScRaLhkt6aFNnBAcnrjHhqZJOl4UOR7OGL3WlNjN -+FXfCzJ3/+lA+NNEVWScb4xs6RNQRnJ9NHyfdSJuQQM/HXhaW1nSYoFS8nKDpenXA -+8hb3gbrGeB0MybmpGtiR4MhJD7FWnH0uQsA4dOrrx2XYaPUBZGtqzvrIDmzO6jv1 -+ixmuSyw7nZSYqT554tPT97oBRPHhQVdz7fGBEqxrBNJR1cQjS35Q3oes6jarzTsu -+z8REC1QXZtgbWZvlm2m0iwKhQItqOfSnlNkL0IUJGUF8j3Ijz/fbNsfPOObpQCic -+ARz1Mnq9ZaDMrvMMpJHcMhYe3y75zuv9WODuPl9vNVc7KRRWgqVDmBHYZqHh4M2w -+T86WrEbnbNEHHPhXgSsaKYXvBD7zWocfQ3r2HEstHj9AmoqslxIDptqJv/8Lye9E -+kbv+d48oEkStDIfa032Ha95zsMp7BuvWStwnOG2q5sCexNpQdw3Mp7Y2oejVKRS8 -+Vc/icnFu35VxZLq/vBEFEDjzbCQ0ayk+GKYWyAxW7gsmWtSWDskv0WaJ0cNj5u2L -++BsyzY8Hw7s= -+-----END ENCRYPTED PRIVATE KEY----- -diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der -new file mode 100644 -index 0000000000000000000000000000000000000000..2ec275f143a9bcd1b9f17cb220140bbc17ff95d7 -GIT binary patch -literal 728 -zcmV;}0w?`2f&$bqP6i1ohDe6@4FLrWFhMXW1_>&LNQU&90UlY;ErM%$%NVh -z0tf&w3BtR;`W9zJI|G!laEfJ_H!|*Cm-l2p`RH`2!_XMk4~o3ci2pZXjycH4$nZ8@`B#winYFo=w5k1=PHeFC|u2{9HpVGXm74;h03D^Btq -zw}#aR+nl}1Tf9g2a{N(3&_8HUW%kXeyx*A`wbj*LIZxfH? -zfy0w}pa@HReT1;U6o{mzLHBc7uNX(_2ZKeJKpOk!3lRJydc{T1SasXspCP0zQiuzMvlc{bd^{DDb99*VW(syC- -zj+=va7!K9qEc(s%pXdWKVsLROPWhR4g#cCO^4D>~l{?!>vVo*0FGvBUbh+8BbA&tO -zGT~(mhpEUc$k*y}pr$PitycW1U4_TgQ9=0S8*?9_ifH%|O8nABYYVOM{tLTkXi<** -zqq#Wjw;!j^jpSzrc-HM);*WEk|g`|wj^R%mzA~W(Xgiu+eaIEDbRLCEbnmQkY -KfKkKkx^K4em|dj+ - -literal 0 -HcmV?d00001 - -diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem -new file mode 100644 -index 00000000..95934548 ---- /dev/null -+++ b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem -@@ -0,0 +1,18 @@ -+-----BEGIN ENCRYPTED PRIVATE KEY----- -+MIIC1DBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQI9ROEj7BZDIsCAggA -+MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECD8QzMKCoJNPBIICgG/g7EGQ8k7c -+5j0huNkV3WdtH4a3b5w3xD5mzGy2LoTaM+iLdatb7JSA63v5KmWwYI9WDqGsbAfE -+gApGcoAkXtb2FlnMOb1azjDHVkHkMGkINKD8LvwGEb5/eqW6Qk1GS6WH2q7IuruG -+y77wsxkk2gLJcdO8+k0aLMZTQ5lyTm3d2ap2f5QA78NGo0n9zJJs6JAWsoXfdMZk -+ShrYwJWaAYDlFVn3vne55mC54Omx1wCqNM+0kkTvbCS1U96FYNzbvIZe1gaULxAc -+GkRIan8Mo5da+2jI0GZf6w9S5E3f8zi7lltGlfmcN4bMZR3fGwpAdPx7oW9j0GVc -+162Dmn8SS9tgT2pWeDb1DjjabeSc5YzMIJpblMJM6KB4g2GpKhuWNtfHLIxR0M+7 -+YTvmwE25L4Oq6bOzuM4lX8rp1fTqnOQDmXHIB7PO3w+kh2nxUwOoB/9nXNlkdUw6 -+CbsKOr0MV98Ab8pTvwhZUm3UhHzONInDkHH5POHqqWc5XCfpW1fekUuOIkr3yPrt -+F1lY0KBMq6FMcMm/aZDAaM6rB2yLzfe8ErtA7zwkfb3j44bYFFjo3WiaaBUnpmps -+oAHdDqJMpsfs2sQeEa7jMb6dGUjlUU/3S+nf9cpQAH2spWbDMhM5Sewc9JpGDk4w -+6KD9ICHr+FgT0sF8hTbBZifxAeuXuaq6r3LGaYNs6EvADC3MzSNu0dt2ZK4i804O -+y3LSXX/5zVqSbmtQ6NW5oL0bAR4SP+QLCJtXYLI0n7WWJwesFokW3ZWgvOJe40gk -+9oNQ8DyBRlK8ier9K/nyS0VVo6QGxPAKr2Th960ekBWleHr4UGnTUFM/iuTuOTJu -+l6dmAeTEdaE= -+-----END ENCRYPTED PRIVATE KEY----- -diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der -new file mode 100644 -index 0000000000000000000000000000000000000000..106aa99de7e8238acfef03a40dcbf05d2d0123ff -GIT binary patch -literal 728 -zcmV;}0w?`2f&$bqP6i1ohDe6@4FLrWFhMXW1_>&LNQU&90UkX_7#pQ_8xu$ -z0tf&w3 -zA|V}I@JRieAOg*4O-`E|X};Wd==p2=Gukmo@{-VwoIC^}vIldWf>tFnw|y6oFUJCO -z{11~q6}Cu-nCOdEraPy&i(ccG&J%9Pug~%`0dZv=?0kn!+Q;Xzf2->zDt$v(b9_w` -ztcela+b%f4^o#oy;PRS8?3T9jE&pS6OW?#H9mH@<>ML!$OJ;tkCJ*9+m{Q^pht^j+I(&+gr4XI=?`u+RO}{F`-`7Wz -zW)x)LLDHHSQNtuS%Zh{9)u}!bJZpx3Bl~v8Jf<1ioZy($*cFLpKTZVdB=PhDX*8Ju -z26GsqLIBec*>)8c&4f|FPozxFbPONn|4{5{EaA^$lw=gmLk?suJBxUKbvObA37wsj -zscr1hm;{9%B3J7J>?kyiqbHZ#dMwhEzX_jq`3_VnAv1JVKDQk>P?BIm_Bkh(=uuZi -ztJJ(K{|S^?MKK2!Xjom;`~YdX>T#3xt=q^QXGAoih*2x-M|T2A=^BF*+pd;ncvvPl -zPQEM_V%TVnM<6WT6&%SB@Wk6Su8j$CFy4f(&k$e%y$MPK-k>GN`-?vj^PVcdGQD9A -K`Vc1nEizwUwM>2h - -literal 0 -HcmV?d00001 - -diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem -new file mode 100644 -index 00000000..3baddefe ---- /dev/null -+++ b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem -@@ -0,0 +1,18 @@ -+-----BEGIN ENCRYPTED PRIVATE KEY----- -+MIIC1DBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIwD3fpS8RxVkCAggA -+MAwGCCqGSIb3DQIKBQAwFAYIKoZIhvcNAwcECOmyF+CEzwvIBIICgPFC3z4bUVPM -+EgLGuLP6CiDPSKuCx3VdAu5/G5WjjU+dDvEYDtOrVfbBpVhgGAYYuhXlI2bzoO2Z -+RPZLwmaVZMUUPqHjNZHND0BPsHnb54Lyw+xnhIvipYpt7m3+swL9JUzbK4bImhzD -+3UdVYaCwwnpnAcTy9gleqoQ2ikCX28Oc+bZ0VUUIX+KVbVOv3gNN4w5uTyUDRGgl -+AW2E2IKoNNW8oQzZYatdSMMb4Qu09HRevWpUkB//XGrCcC8aAwynxHrz7hSrJYbt -+SJVNsyl+djFRcKg8sudGUPua+mYWEecCs9/MVataWfpnT8hPtPUAQpyRpC9Yxa+c -+yYfl+7jHvJk54Lw92P9YAb5k0T57+G7Fpxi6MaXn6FAMqFHY2dJO7cxsg41qkF6A -+sc3nvcxAxj4gtCgV0d0vVLDjbgjcAevLbzOsJVDzB8y2i6V5l+2/ffV6DjjYO8Hb -+jVl6psDscX4VfX1zkEIyTF2P77luZ1gvXuFDw3+y+HpUAAE11vvFH1hmj7RR7uH+ -+Y1Y7gUvUA9KSvIStsSzfdcQwaZTMNdfUNkPzKHMVZJNQ2KYkv8F4QSA7qpC07Kt9 -+4iCj+D+8nMxS9s2xsZo3lgksB3srmn6ryQimEcLb/cFWbkTSGAah81UOIVtNJT1l -+Tmwv35rSTELD4YVWz7CHh9nE2JxeLg6WmtlzF5ALxi5L/grZUN8lx6jNeC8/O8fy -+twXR/LD1xmAn6wxcxraqnctBqzknpOP3Eize7pCDpOJR0Z1WaHvULez8G2CedEo2 -+SvU8YqnJ44ceom2V3wDS4+005Xq3zKDY6xL2htnDHd2vOPstGLfHxEppNpjBqa9A -+qj22QdMCv58= -+-----END ENCRYPTED PRIVATE KEY----- -diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der -new file mode 100644 -index 0000000000000000000000000000000000000000..cb158b59e3855c228ad6bfcf280904f87a26e0d9 -GIT binary patch -literal 728 -zcmV;}0w?`2f&$bqP6i1ohDe6@4FLrWFhMXW1_>&LNQU&90Ul3NPR|`k?;2c -z0tf&w3Kb>NmbbK?H&T*kc>;_L^5E1>6idd%d5sG%| -zDZwYjAm|0hRd0gw16$l`k1Z?vZ@~;cv39-n`z)-%13|*;?sd|gvrjh_kJLSBCpSo? -zMj*=Z4?n5ExksT7)r<9OkywX%(UNCsP!}x5^hlR8W$ccUn-tk+11{q8R<^PB2fv_n -z7nVy4-i@!(fwwZ25f3YZbXO;tjVNhgR3oU5T0#XD79l?^K+eW7+0enQiL~KbTY}|T0P%xntz|&oJ!dWqQPuT%>Z`MbtDMJUc+`iuUyYB-H -z)`2$KMgBo(%iauwddm@l=e84 -z=VkYcot@CDYnj?E+bt0GbS=jA6x5Nn$SV=`x^R#<7H-CJ2$e%G36D{w(MU?PnG=9N -z`#n+hDbuR*x6ybM#bee~ncw3mm1o2i|LF(24cZ}=ca{#a&Djp;bVEQONL6XAz86%L -z!`KG)EQ5Z}25(hkJfDzIoj9#R_cE_| -K7fa|51{f%?KunPU - -literal 0 -HcmV?d00001 - -diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem -new file mode 100644 -index 00000000..95d946bc ---- /dev/null -+++ b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem -@@ -0,0 +1,18 @@ -+-----BEGIN ENCRYPTED PRIVATE KEY----- -+MIIC1DBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQINtUwWQJ0GUACAggA -+MAwGCCqGSIb3DQILBQAwFAYIKoZIhvcNAwcECADq8lFajhVgBIICgJfbFYo4Pk6o -+m0FhCL1/6VwE8oNU8iRbzYLs+ZjpHDKKs72N97M6FkPgwYQmcLBiJgYDfk+otjIy -+Sv2QOklnEi8Vu22c+5P7UQxbobSf26hGgRlvue9xwBWylnBj9VwvgUAhbKUKJDW2 -+lcUryZBQM9vX3cpeJUN7DsRFA0gyYjuoNTm1+Y1G4UqZcQUJyIVqSHA/dKpitnhR -+xRNP/IkkY4GxTE3VXSoOm9KecA72iAnBdzrO3yMx7PkWUotZolMXK//5eacginYw -+dSQIZDCnodaC0ugH/7QuKbe3UUyMt9b/a7Fx6c8CiR3xA1sJt0N9xGK0M1+JFBqr -+cewSxvF7I+IRRE6buo1S5rqzBTZFfGArvyklBKgC0UmSFu9B25HcQzrBEXMPneG7 -+W736jjfwclwKwboCXt/gHJBM69Pf2Y/Otjf1HGFcly9D+P8SPq8dkBSp49Ua9RpH -+gtXpaBiNZ9Q3DIXMu1U9wLYhYJZQxU+FQHuO4wGR7h1KdSzZCg84E/T232qDr1Rf -+7vLo7OHsAtQGU1pZGGorlTcY8KKwdeyo9Qk31jIZf4DwLKu+Zk1zICHrE1kuwNVE -+5dcIIKA86Pu4iw2i91At2GJbGJku9j173rSL4IHV4ESUKKoHMH2ncBfjcTtjBXXj -+FyauFwU6qFo71WXRMGKZpZgRenK2Lyr8/e1g/nEbHDfqN9ntgDlJhqku6ROP1Jns -+WzqnWRquSk93p0xDMZAXxUZSmCzGlBr5xPhCOmHp7YWZrLmKVdWXM/6MFWpj5KeW -+raxqwtiL0gU5wkKUkIxvIrjp0PqtU2q2dzwoL0blAXKEqU4v1nMeW2qhY30qz/rT -+wu95SzZgh+Q= -+-----END ENCRYPTED PRIVATE KEY----- -diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der -new file mode 100644 -index 0000000000000000000000000000000000000000..d29a1e69c87016dfda7bf260d80a2b721bc56b4a -GIT binary patch -literal 725 -zcmV;`0xJD5f&$SnO9lxlhDe6@4FLrWFg`FT1_>&LNQU&90UkP{*EfDX^(&c -z0tf&w3ikSmuYucgkjNL^8_S!!!$t@lKzZ?Q&su4^tGj(KiMcy -z>AieN0cZCBzLh?3`5lJ>4Xn`;1P076HZM0eo8_)iy=}2^#s?jP&h{Kda%*s|8YAXv -z3ZlN22OyP4pXH!J)4t_v*AP)N2P^=uJQssptRwPfN_%6W!`~LNHLS;V9IJ;Z!*ECt -zHPO&r8X038Qj}R4x6NIxsXkE^B4<6&KoyP(KVlDmJCu%E?^R6XJ

@Ahzpo>#Fp}wVx$N+d`grh7@@H1X-X?X0p -zcTKONM~r8UQm_u$9qOHK#&Ocph{A|0dlu#7>jc2e%Q6cF0huL-O#eMaxs`%R4ebij -zDZi0yN9qz5fusDQ7QAc_{fPHfxL{98k^mNV6$JvY#47rNxC(JKc>ky>La82F?30r~ -zJ#RZbJ)($aZW4a#Z3qB&+uvKB+?;R{x*ScKXtuIl -zMj1@AKGu^{V~L&knK$FehRq>N8F;F(EolHwm{T_(6Tl0c*O46blK~GwijE)lzjng0 -H>vXWe(bq*~ - -literal 0 -HcmV?d00001 - -diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem -new file mode 100644 -index 00000000..9fd035c5 ---- /dev/null -+++ b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem -@@ -0,0 +1,18 @@ -+-----BEGIN ENCRYPTED PRIVATE KEY----- -+MIIC0TBLBgkqhkiG9w0BBQ0wPjApBgkqhkiG9w0BBQwwHAQIoN4P/1fEZkUCAggA -+MAwGCCqGSIb3DQIIBQAwEQYFKw4DAgcECJntwhGUq6HXBIICgB4ql0o/M9lv7Px6 -+DUZBn1QFddPrr0slxLK7CoR1gabr9FI91o+dpyejeLHF2VFUYY3F56Q7f0P0b6Fo -++OekgX1ySvsM5EPGZBopXaAnAaoiYuZRSfiLeauHHCC/eJx5SH58pwqy0rY4j2ND -+U1dYB+AVsdpRVv/MOSn6MblqauywTo3rIleK8SsuywV7NqIDLb3CHWEkUQEHJoFB -+NfNb51u3GETcrYWf49V1WCbftPHj6YHlsfmUwivGCieAnNckJvUXa2TTXq+tWpO3 -+8ar1cRHCFZSgx2chTgY+S5KoXcSmTp1ilNb0XADQYyWGVH3FUo1BBVk+iwNWM6vA -+d6yhtdAATsdaA8e26ehXsWDUV5OVxctgjX6NVem7hJJEmGxRLQIYfR1Z2bsJp/eG -+ZiweIIhsSMyKQI1jTBV10VwX8M2ovffHfAmtxbZKGVPVLnxW+ilBy6YMR6viZW/1 -+EPVKeKjqlgZkhLVBNgu9WsIeP0I+RvNPMaRE8j028NW71WGdgwJ4Qb+Z3687Ob9q -+tgNwp32isZ0K99UX6fUj9sR+kEcF0yMaysE1PXJd56HNydftORdq9o0jetZadlE4 -+WYEvIfUd6U4nHK6OcUsNVNLua0XB1hH+K1CcPgY6JV90apsE05fP6oncPwDQT25s -+8wzGpitug30N8CtH/fS+4WjJo5qa8To/JZibg3KhufeRMYKLyflfV0cp7nMtdbtd -+e1CI6KFhD+oBLzsSdG0BrwaSVfxsayQQGuz3FYx2NlcTRhgXeM13pmqmv/xoMYqE -++BC0kiRhZ0yIh7Xpzg/FZNjbuQpQvqbYmlqFdKsz6YjeKcqvGMI9iav9nRA+ag3Q -+qUmDliI= -+-----END ENCRYPTED PRIVATE KEY----- -diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der -new file mode 100644 -index 0000000000000000000000000000000000000000..7f576bd16f29b70f450f515fae3912e520ce9c3a -GIT binary patch -literal 725 -zcmV;`0xJD5f&$SnO9lxlhDe6@4FLrWFg`FT1_>&LNQU&90UkwRi6VL+AS -zhhqw|Y6L;U58(5&u~ZS60S>504z9S!{-M9I|A!jBMaw%2N7kZd`>oc`44(Ud>I6G; -zeibpq4KDm<&+^zw+BcWtnoysd{27%KB|nx4Trc}bL@ae%6v!%VxZ=mr*2$k?B7Qzp -z5C+baLOI{*NXzV%@KFqC3ug;8_PXsBJDorKG=IGuzIU#Y|Bn2lncj1;eBfq~KCX@m -zw4sHXVhol~t_%5eb{tK`0eD4D*l?2!aIta^FMM7)jY#3WY4H%X{ZX%j3O|LGP5RN@ -zPj`ms2R0J6m=kYE0`lyK3yOuoq_ABF+pB^CcJI1_Thx-l4H=`u=HH@Wr!sk###k~@ -zNuSChRwe-0c$r7nB%33AZ2Dh8w_peNurm)7!?e4vzi6o=DR$r#9JYYw+sLM^pLKPc -z4lmu{6VpwpCt1TN7qC}?meG0*p#LHQR302Jjkr)-F5KX+){F_eo4XpJb@HMnZ&>Xc -zr?|pri~>0B*E@*w)@s;3CFCs!@6cX6U}3xB_*dL{`1ykbDm{tVi4dL=`NNV}+_3JR -zoHdmN0snUCUlRP}bD|9gDrt(r3{}p{GB=mBv|Acg?N->SL(wvU^n(+-dT!A{Xds#UkpxB9O0-OH#+l5j^DZ*AG!&O!fuUj!Lm&5s4LU -zu|O85j?wavhPw1Y)&xJwN>sd*&_1wTX_6>CATbRm|_{C%ldmM{qmbP#g0cFV5MA~xiBYr@N -HjSb}5LornW - -literal 0 -HcmV?d00001 - -diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem -new file mode 100644 -index 00000000..22d39e3e ---- /dev/null -+++ b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem -@@ -0,0 +1,18 @@ -+-----BEGIN ENCRYPTED PRIVATE KEY----- -+MIIC0TBLBgkqhkiG9w0BBQ0wPjApBgkqhkiG9w0BBQwwHAQIDhZ7Qmf2HYACAggA -+MAwGCCqGSIb3DQIJBQAwEQYFKw4DAgcECHj4bQ/zjLVVBIICgOZGVB9PiB/MTUYA -+HdiMnbJ3ackg1x5NBk4Jxlae/4WWBX9Cg6uGMA5CP6XlzhlFSDji+L7+OatW51/A -+0nREuJWAoAAlayQujwuXN5YWOHzlf8007IHzKQqGtRTjhgGSa5kddXzfYvqLVsdV -+MAb+8UZgc+6wO0Ag27rEWjvx4HKUzS03sqVqF/Rl22oK0VMbVWU12PqLMMBpL6BA -+19MKsKDe6yO4fRbipT3aJ0fv6RW6RESWAXc/9dG/P/0kEZXvi4OwR0dkT0s9m2D3 -+7r9Z+0AK5uSRU/ftcYIf5ARvIOLltfNN0TUo58I+f7CTKCDLUQbEfDLsHNuGaAfA -+YRLyZukS1fppZiog/JtwGQsIWMChxE4SVThmYhqJ4mCUA3I2SXKSaS4TMAPrEJm4 -+onOG2NSgHQWdf9cHNMHeGj4Ey+qgDHMYUC49ScsZQecdd395j5T0znIJk4ysawGr -+34vt8HIn6iCxp2ZbHzqLm1qeV2Lgme+G9IxJi9+UR+eL0BZdaCt6tdyF9/4HXXTz -+hrcHC7vFVVe1HnK4B2AzO2uitGE3aEodRertqJbafWyOfip6Agjbx/Eu5IDFFrCU -+KxgZxV4agc3/zjwmwapVEZdTr9pyP/6HBxIhhd0KEX9cVMauCcOA83U+iezBaZHS -+frP3GVqBs+CzCx4nIXiCRacc/pf6tec9nL7mbrUtT+lQoCOPcJKcUAZyW305+5Nq -+mGho5y6i+AsF1M1l/Ar2gUGMN9//VscombNMRFXUE2Q8yL5//gJRS1rN7U3w5dRI -+3Bk6pbMp+RlbtzeS2zA9cuLGWtxvdblYCo90p2iam8zqfDKEZ4dFfJlPZvRw2hot -+7BkFp/Q= -+-----END ENCRYPTED PRIVATE KEY----- -diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der -new file mode 100644 -index 0000000000000000000000000000000000000000..4445235c8391ac6a9b16a1999cc4b6e422272567 -GIT binary patch -literal 725 -zcmV;`0xJD5f&$SnO9lxlhDe6@4FLrWFg`FT1_>&LNQU&90UlQX*^4p%k*Oc -z0tf&w3A -z>|>be$lU!@4zr56BT&_O-^jC)e6^{yur#KJ&I_H5kRCr&a0jeSF>*4*?9%XO;qvQj -zF83p9d2>=jYjsau9FbBHM3OpqPZjdgl2nAz8 -z+`|7UV2DW+ -zRI|Vj-Ua)H?0Pfk$fML{OA1%z%Xg{5QlqqQD|!j-!*7odE`)@pAi^Hlnsh|13uX>I -zfOg3Tcl(U&i7&(av-rA)98lFo+We*&beP2|!k@F!QQe2zQ)aqJ{ox?)4OVx<|Hlpq -zEru22&;q|QeE6@RvzG{Jr6#jLSN+VV>Lj(HqD0jxyY7bGbB7>^`9$87k$%2Bg6Y;8 -zl#kCzeI5+pmtT{xdDiq5F+>}6iJsMH*usFLsjlC)K#p=r$Bp-xMsbgWtP1#WeEcr+T -zl!~w?eMG~3_;u(660^;g)^bv;YsszqWyo9lU(?2b)_57(O3_0Eg2AtDvMN6ix4M&w -ze|5Pw)p{&LNQU&90UmPfR3^TK>=w3 -z0tf&w3!B1cCy9k1yIyRo$2Rqx`}d -z#_Fb}F-5QZq!`>&U_Kfekbb!hBNTTL>y;s?48oi~UEPWFNm-NsM -z_6~C`#+MiP*gANV86KKnJeWA3FDxPgvgdrT(-@*(u796YfE9hdXQ0yuuG<@`tXrMJ -znfGAUB*JG{d#dLIVy}e -z%wBOXoivu(V9*PVUP`T~MzOu_&)QT_lvRMg+c~}{ -zG%AL>5LS1VkVzNs6J*GEU%%k)Js=g5)OGJM0-~boX$j;QG4Mo*(8S05z*A-!zy4`L -zjv;x|ZLQ0D_8fHXT7o}Gw=qg*(w9ghtwwpF<*a>C9%ykwt4^NLsHvG<{qoxR3(lNN -ze_yVEJPB>NOIW_Va+9rV*;vs`M%n|bWL6vJ1M@Np8J{-xV~?$f1x{U|k0=*sp2uS% -z5CV3V*X2R@m&{b(*2ngpXRQDjU7^WLhzA#y9UjWS0)z-@x7@=%hZ)&OL_O`fs3CP9 -HX^QSdO(Io5 - -literal 0 -HcmV?d00001 - -diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem -new file mode 100644 -index 00000000..12725abe ---- /dev/null -+++ b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem -@@ -0,0 +1,18 @@ -+-----BEGIN ENCRYPTED PRIVATE KEY----- -+MIIC0TBLBgkqhkiG9w0BBQ0wPjApBgkqhkiG9w0BBQwwHAQIEfr61PLRSswCAggA -+MAwGCCqGSIb3DQILBQAwEQYFKw4DAgcECIis3kdV3MqyBIICgN8cVWWhMwix1YF1 -+5atoT1U1EWGOUokVtb+oTlqJfMvnZeCHc6kYMwbWvTqga88AUhSssFL9WaXPb67a -+BlhYYkijNdOcu7m0V331RWdzxGAYHHv6Zb+43+/a3fx0hYwWsAKBLKnYXbxAckA1 -+NSuItKnyrWCprvhelNLJRBY3aJG9EeqjIeh0MLFMbIhFJosnB7oMliYVu4DxnMNq -+JzWoiBHllgidjZm/vTTmfH9gL0ya6TwBgmj4gOvRu30P9wdBPxS7IZi0xj618SMm -+eOSVdRpuxvX4gzQ0TuWTzFIRdhCFx5fL366tVca/YZ+9qRO5oOqAucVKWZ5zcMVp -+yD1SOjMDP7x+3LBzIYAYb74kHol8ejIQM3IrO0nzANer5M/KWIRbXoDuyLzeiqrG -+FbzpL/kAQ37L7o+GS6gyYgN0lQoZxlgTt4t1+DCNAMWh4xmFTNJgXB6a846u6c41 -+K4GQrwOXGAr0pYdNg44fB5fqw+594VKxHEa+7MpMvzos4wsISkrCjbFRVCuO78HY -+rwsD6pWtac02fg+8+a8cTmUXGkzoEKE80hTC0r1SO2w0RabyjTHxRQyZtcCgavkr -+E6Avbabq3GDdxT4IpTI6LiDKFaRUpxMnTyToTlGzsi7sjELHDqgOw4/PbTeNeyJH -+PPqoB71p9Djitpw0plUoO9MWQQPWB7ro3W0g+2lS1782wTk+9jWBDVdgDV8+FYJG -+cr4GxoADHFOt2viKf+7cq5ZP8HxvLfHF4kULslea2AM+3yTQ5TTAahCbGOPVJgaA -+tcqOZIGpIxk+aRceZRrKPerXRmZvRItbgZ+QUCw3kRxgzanOHB671jp+VORMFzJR -+jhpl0rs= -+-----END ENCRYPTED PRIVATE KEY----- -diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der -new file mode 100644 -index 0000000000000000000000000000000000000000..56e17ea30dde27fecc6a96a819772e07593e7d20 -GIT binary patch -literal 1312 -zcmV+*1>gEGf(0BfP6i1ohDe6@4FLrWFhMXW1_>&LNQU&90UjmEypNdV`bk0 -z0tf&w3|i(fyyQD+flhtUi@@ -zOulBXzC0ixz1cpN5PXcXr4JLCKKm`G6|Thzl|Va32%EQ8TA9n5w2P!yQULQDYCJb0 -zwTi}BXu)Tk7wb#p#CaO!T&>Xis5 -z0kn&or^6du;RKZ)tBHB`6a(_(;%<^GFn1L+qI87x}h!JuyxM#e}wH -zvmAQM?DesX72Z2Wjt6BAe-Hxyb-YYQ?gG{eQFB1e6p*`uoW&Cxt}4`ZY5vG)Y?_0T -z>`8XXOyg3u?B8cXhTQoD*8=q%lFY8IJn5pQIT)!AoT`+u*+M`B&P8u{Bkg;ch`~?C -z3{ri(mM@^@-`DREhrIhkIdeavzr7*@isY2vKu8H%;c@Y -zC6~YF0^rvw*gada|2#hE4px#%O{v1j(xJRQeQBh>ziw|MorlWMdO*1ulArXcosc8XMA)+L-F15~W2c76Csr)w)GRdF!WY -zv7=1ydC~x0UVHwEtzpL=iM=aPJ|28)G>?=$$kU}{cBJH~GL+@&`#6}jEVTKRX7I7~ -zV@gTeEG@Td=p<>XB!=11azoTHgGP^~aMA;&*&+fSinf%esvWzZ~IwF>=9C`Y2o~`^Evsey;6u-ib`*mS#+!ogg -zo{WW|8$Ga)FvM(Yp!MPu9t -zHXE1CH8a>^?)1=v!Dg_pp&!?Ypgqh+@(?Vw$~?@72-ZcipeE8#+ojr*nMfB;_7h{F -z9F(F5%Q1ugWN{54m`BaHiZ?28N|F7C!_t=7#f#cQD33;AyVfA_;(n+j9gwiltUr66 -z&d2$hO8?ug7q_Ju&{E%qiJfjJltFR1eI_%*sE|j(a<4<<>VdI#TZ08oQ;%Ukk!MVr -zs%VlTie^!h86pQJ5xhMh#|$#5oHP$D1c+~I?<7PDI^-!ljaZY#7KqfI^-hX>pw*KP -zN6pGAEt8=rEH4>kYmtEr%|eFU-lR`x52v)qFr^s0t{OgL_XD%8sBZ|NK4FFR^?sN< -z{%1FU*v82^c4S!M9yXX8{wvGpVxGyv7Uho7?;Pz4V{b92LHg*LW}qvvH&4B|)wIXp -WhoI(N_@%t?rO{Ptb=-5^4%Ic2`EcO? - -literal 0 -HcmV?d00001 - -diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem -new file mode 100644 -index 00000000..8ed64603 ---- /dev/null -+++ b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem -@@ -0,0 +1,30 @@ -+-----BEGIN ENCRYPTED PRIVATE KEY----- -+MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIur3B1wRZWJ0CAggA -+MAwGCCqGSIb3DQIIBQAwFAYIKoZIhvcNAwcECEnKPmr6wiNuBIIEyKNZuEXIk0Eo -+AC7KnJWaEhSDsr4zte/uGDTeOGRVT6MreaWUH3i/zwHXsavEBsw9ksLYqxXsIeJ9 -+jfbn24gxlnKC4NR/GyDaIUBnwGlCZKGxoteoXBDXbQTFGLeHKs0ABUqjLZaPKvNB -+qt9wQS+zQ8I6zSQyslUfcDr3CZNgHADdmDFiKisAmT1pbtBgPgzmxLNSmx9C1qwG -+ejuZ/SJ0YYAdRPkDh1p2yEiAIfRVFTgWcjltcd69yDk7huA/2VCxWJyVDCGrEnlm -+UJyybUcXXofneBp/g0J3njaIbIftmYIC+763EKD/dqVIRXVxrkHyYcvZ2nVNUT73 -+Uflk+JuHIjTO4jHXiPcaPdAEPLeB2D3Geq5ISYOvTzOeurfD16Y9hrN3IHi9gedm -+JTcEPkAx2hcb19h74XlV5tcQ5ImsPgLRl0euODN07+nj14AFxCQhuoGx+Yj04NkK -+dV/l1rLsbmLiqr4n+y5ezGr0GJARVinLCBehptzxaipXPzRW71IQSddbtlSl1rz5 -+Npv0HlwGgwTacv7T0ZdWncaw0VjxjXAwHBD82fCiuH3qZAXEa0M4drxROeIncart -+MIky9qIRjfImr3oh6GLxNBB3FEFFf+23CO+Qt3vrh0j8sVYn3cpbgHcqv0q4fca7 -+Sq2okw4RjxcDHyLgWiR20tUkqJT8FYQr0u0Ay+LT2YVVO7+EQVqvlraQcOS4Fkfa -+Vnggn6sdyhWWCV1rab0v81qZYBvRoUK/ynICKCbXaJ8d1mirdNGgs3FxpVAiUPZ6 -+LYZ21Uwtj9OoeEQ06GPKq60xHjUmTsNiEkh31AIlSAgdsN/0+pUiD6f1lCWfiLUi -+8MuFUDXqkqXAvnJW2/mKrLvcx7Ebm02rkNw7AdAnUnEx9BGxD1B0TVZtRid6mPSO -+kXv7adNyBH7qoI9vGGQ1ptNRcNxhxqgGgtfwI+0mV6P6G8BJMl8urZYN8aAC7dJX -+/k9EICTUcOU6nIyFFe8tk4kkcjdo9BNkgB4JjANT4ptR2w950tYVqDMHBm1eKPBC -+bL3SnDDm4Cplsy7zAdUPsCe7/Zk3K2SJwUj/lDUTDGCTtq4RplfDEBWb218XWgA6 -+rHgi9/EFH3YCZM8EiE9Mnx9UafdnfKhk3tm3I5nKo56C54os/EKL8W+lhXYdK9dz -+peehTsjEQjF0/1OE0097XlCShP8E0bdluoFkD8mKYC7mGv0muJLuHdGMEaCKzKoS -+LBKpZNYdOu2wlFfCkf8zSWO4eZYKbSUL88AoEM7A/kquQsQnb80FkciPFazlF9lb -+ihxh3YD+TNH58zpYvqgOZkBflW4kKIYbyWOm+ARMq+eVph1aNKMdzeW7Gmf1Fab3 -+SQmfuEBAfS8u5ghW3J57q8gSJSGB8bpYWAmNGGeQE2g8C6HTxJ34kU2HoFLo8a1/ -+cqrExWl0/lkhwqc7PpvJbKIMxVOOXtVMrzG2XBCkfQSmtwwOqH1g6AZv+6sXyLZJ -+PmvQ+R/23+eDqp/lymz0G6F6B10pldgqt5FHYxGaVEp7GIx6L+GtI6G2qGxpHJA9 -+x//r3gdd21Fd6y7qHYOLO4fEYAe2sN0mJVjxFLsg9AhCzfxKEHsit5LMdTkGFRG0 -+XGP/QsVNcWJaYyaKTXaTCQ== -+-----END ENCRYPTED PRIVATE KEY----- -diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der -new file mode 100644 -index 0000000000000000000000000000000000000000..847de7a637e15dbd40950541ff5fbfb251255f45 -GIT binary patch -literal 1312 -zcmV+*1>gEGf(0BfP6i1ohDe6@4FLrWFhMXW1_>&LNQU&90Uj-fseZxA@*@Yn9f&|FNIhn)_E9dY` -zp5IA#Zal1)@vtOnxxy;BbmTxQ01}Ya5+>nzV>(Y?(m7^?C(PU*LVhthb!rd)diuXobR$#L;YuS^BoIghj{H -zEn9YWg1Wa+E_v&UR#FcbBMAnukZ4Vl9^*QH909)9s?-qcj+l^UdagC~OaLyC)A@md -zG&J2;LsE11UN;oDeBuO8kUq&hLKP+(DgB0^y_Ey^ONH*xmNCx}Ysf!G?hMBJ7yqcAWCizgJWoN-W{(= -zk(lvMO)sivA_$bAe}|ZVeFY+`uA(L=(_t5}AP^Bh(EsZ8Wc5cgBxb0($N7cz&EYt4 -z9Kc}cAzv7@qm@QI*R4qMZS=XueMG_zJzEis5}~vhU6WJ(jYUmS+2crQL7YKPNSD<; -zD0$b8=E9Qs^lx~Cc?&S~)GfdctPZ)cSw+!V$_?kKcl^#>Ibp%SDja~FOx3+pLF}Lj -zN86_Ina&4$Gi#09V!d5CVbmJzg$lY1D22d>D*mU1N$b8>$fsuYO<_cMn1G++7_5Lr -zxLf1hJp*TCQTL^)JA;7v!vlfyPZi7BS(%&}c!s!_D+LmR_aM(jK{pLCLIZ_{3MLIr -z>)2?d7*)6Wh&tIXYzA0)6!*XAhHS{=W((4cvEbbYQWtQ>A!=pTkmUJ0(~U*5n=<){RKnXKo#T76sl9%Hq+Fxf#1W*x -z!u3#41Xjq|RjA&9Djr_lG&1l2>Zsn(A-PaUYi6C@1I8%Be4S|>Twt^pV|_0k46~9w -zAt}OlURULK9CoOGLrO?uHaI~YUKvgrj`arT;;S3Qg}dc0(_bwm!EbC%_ePy}RV~v8 -zteUnd>et&;k#LV+oImtGO4|CAwSKp%ijHjH%W1D|;)oq~UD;^pbGkBe#}BKUZ-XBw -z-iGPhfNjVuo|tnyQ&ZNfMX_yh#DZK6J^PCfq3!tE%&d6;^wR~GD04(0!s<&FnJ`p> -z(;C%gz_UydfW0{phP-8F+D8eCkw(jJ14KTvYR`<~!NFsPFI|vr6#@X$GPw9O$V5p} -zsM#|HO85Q|5_zwJ0hKVeCZ@8DS&j)Bwn=6EzzB1q_)mPVyMQvznrjxVb$1Da#N~L| -zqz-x(5fA~guC~*oL3vH(klZA3%Jo>-LLv8^IfLN&2GiBX$D`*AX+byg01=u*lxU)% -z;!V%n|Hicy17L=|*ipFp&dN6&#bKy&7*pVCaA#O#x*glfaI;w1V#Wg@H5HeLR>!kk -W;TSo@PCc5A#R2q^wKv(pKESQ$cy#6f - -literal 0 -HcmV?d00001 - -diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem -new file mode 100644 -index 00000000..33a770e2 ---- /dev/null -+++ b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem -@@ -0,0 +1,30 @@ -+-----BEGIN ENCRYPTED PRIVATE KEY----- -+MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIv/X98EPvjcYCAggA -+MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECO5EBOummZrzBIIEyG+qrKhGE4TX -+ch9QUfLBhcklrpcd4xOF0FfwVfaO17gWAOp2Ukdm1MBof1fF2wU0hNG+dX+wIMhM -+/MFZWx5J0PLULmAe+m5rEVqRVY13Kxa5UJ8W4oglXVfeRkTvyuWr0Ov8E4wrh193 -+jmGXA+jAjMZaAgHWZzmHDX0NwEeoitkFEXJc3tt7WAaq93/QmtTYKH5eoae17M1o -+yiSAxI1uNzHryPRt+6hp1z+sCAcniIe0fF6GrmkS9KcFzO99yehhrxyojiFPLSDr -+Cfv8mWY7nUSFAW5UBR6KA6Ggp27FyKXKc/k9fvZzASJzyjxG90FHyIEdxw5KsWU5 -+NAAO+P2Da8aX2xctAnKxY78cFB9Iu5RSCGc92pp+G7OcdFUjXsYXr9KEX9s5bObh -+TuYGtepHEKLajFZ9JvhjQm/t2lYa0GGBNH5j1wwmfdIqZZR82mYgsgVVhyp8NC+Y -+Yw7K/rjZDgpQYSrUHGxlPYoxZwAHvbTHuTuGI3N3mS6kK4Y2NY0OLQOrVnFGNT57 -+ER2LK2PDUrk3tqTwpIcRKIqeMRayqNQ9MUsjjQ+v+yPcbwbZ78Ci2niq4vclq+84 -+tReLs/JBo4WHfdtFdzCnIqLVx2K6mjkaGL5q7tKYQoDjHxaU7Rp8cqy4d3EFovZr -+W15EZaFo70vsxN6Dkr7lkJdBbDbeQCdkTyL4sLimYKselKZZLUl/gKw2hCC8vfoU -+Jjs7td4IQ0vhBtVT46PUdLnvxcqpGoYBMiVNlGYowP0ugd2MHISFeMYytSSq4Kqn -+0OnbqG262WnuxXIufm86KTs9c/x1+ZTrAKrk6XarmbF8I7pB0jBjObZntGmZ05bF -+vJgRUDAx9sheNwPPiIM/7ttCDoxU1escT+u4l675FkHMhZDUSLSRqVNvGmt/ES2F -+c/dIq4iDGgG+MZP85S09ah5KKruDE7wvZdpA7NTWzSN/FL6JokU+GsaWGt32Hmia -+OK8F/CRtUfHFUjLIk/+v5wzqYWqI3LjorXQSV9pWmtahp1cLQ5Wba9vsPP/Wvi+2 -+m7FyBEJtgKP813YOND5ZG+NndlkUahwditGJ2XtpS4sDhFyQ50oQm6vVY3nxlkyi -+7gcCE8xOI8ufFS7CBl12pFys5XS6htkmBbMSncOoNo7P1kuu/n+CcjCnWAY1iFsN -+OkYOKDZlRdkbish4JqTe0LdRV2CcpGmDoZkMqAo/gacweT1OswgxPZqRAlaakDsk -+0z+wy1wNgJlLF6Mhub1zT15e1Q+/wHUNsAcIRbEsq4vfSVn562/umqqVZleHUfoB -+tAKAAIwee5aNB8fBcUFCqiNPFGnyuJdEy2QCu/xiFQ4M5EGGApPOoQpSCu40X8kx -+tIsIihquALlL2nx7jPvBIpasKq9SRRg54VYp+5WQBVxUSAY9EsaRSuNrkTJTG88q -+4WO5rHW3WFZOwfU2LGvjhz7SY+9H7B/A5aRuTuU9BkVnm5w9WtkS5pHU24WJ34MY -+LESH1yE99OtvHuz5PwX1kcoYKdGnd6OeNkRLWl72GeTiU8bTJkB8SHx9Ol4kVTuH -+fPsY/ekPh0rSuhj7L0kCTPJqU0+Xfl3rqWAKlpXLFzMKyIEhu9kGgGRAr7kB9ACL -+ocX/IfJDcGRqP9cpBI04aA== -+-----END ENCRYPTED PRIVATE KEY----- -diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der -new file mode 100644 -index 0000000000000000000000000000000000000000..5a7c60fe590ee880278ade7eccfce546bcc15bd9 -GIT binary patch -literal 1312 -zcmV+*1>gEGf(0BfP6i1ohDe6@4FLrWFhMXW1_>&LNQU&90UlC%Q{Y!e{4MB0{=p!!Yqp`4SQ-}}lNLuPKwhOY?4 -zNglW(sA9M}h~_=5oZF#93sRm#*2yPC9uDw|YcQpYFOoKC&p$q=R#a)Yn*Y~BDjQ;i -ztl!Rj%;X%O70|{{Jy3BrEE!5Phk^=SK$^5m1`c^)$7P!&w8b}nZ5vE}qvL1lZmvwv`y8B;S=UL> -zp#b-&VoDtl$bAfs-#ugfavEEt`uf+&--8a*%{Tw7^MtF&DE&hv1Y -zB#SWy(Y@HkuiN|T(JUSf7~a@&+}s8~Y*4^iw7kViBMZ*NE7zjTxNI|#@Tgh2x!TX! -zxDy&XuvlX)NDh41tBC$?l!+{n(;v7;(fyuAN&kFctVSD)Y#L|jCe>XqK=yresc~Sg -zry9JhHx94dW<|r{ZXwLA{lW|)+_h1LeARhVn0)scTU~2*7rm0M -zCXn;#+nfmh+IQ0tkpFHsnMSWeSWPD3i0N0D%%AHXOAxVPR>H0(fNz(#{W$ew8oc7> -z88W=rtj;XXJ+8+w(mo`E3h$=~`!Ap@eO*4m2I96#<75Wk9Cf{|e6dqGK1BwkT;mi@ -zN=ba26A}HyQKuyDToTp#_rz3I&u{mxiw}FL!P_zzF){!BET`DK2lkze?DQAOI{nHG -zo1M({SIN-61dN6!l)4f){?e$Ar?xi0(8>rsabWh1X{rsq -z5BedQsX>-By{%>bzozQrMv)QJujxLL7WXy0Y+2F1LV^LrSGH3Lmf$ExGf)rjT7eTw -zat0>n0yReol9_lmL)%T>?G6*UhJ;BNc~RHJHzKe2vw^upIpG -zggLQu7)hglR)w`^@6^q4w-5;0X0K=&^^3fz%2_<0-4_cRedkp|TDC7kT<^YGDX3mx -z+32gEGf(0BfP6i1ohDe6@4FLrWFhMXW1_>&LNQU&90UlZEa)UBEJ>CE -z0tf&w3?Q7#nW7FGvSTouMJ{j%o&M$T>MSs -zcZ!}KIi?eAOU>j>jhQ-B -z)5|mQ!lazCs=^k+D3vqvP+~eqLD>usN8+AtsRx1Eh9-b1;;LaMF@J!1`SKwjwD$}k -zBavcAJo>=Gob)=s8a}gVLt2g+Gb$FtL#Xv$(4=EI>)I&CJ`9zE-LV-ESyN8*8OaIo -zwqqAwd9HyRy(t>uVE!)ICFeuGuv85pAxbmwj0dVWIH9XVPkL9%AJY|Q5LBDG6D3xj -zhEkl#Mx>gT{p|@#kk*ON$;RyJv -zbv{ZNi>zQ5{fEI^_DL(5$EF0@Of7O}pckuaes>^)4hfqJ$uYdE%>me4t12uq6pucY -zc}M|SAh=>oq$r@f1Ktn-3my0Mzs2H%^=XR@mblzl0;vs%K*woV2e^T^br#G3sO~A# -z^xP8P)2%*-WmlhU18jmM4-; -zwCnS}(s5Ar0otJi9kYaA^3nA}-IIO_O|Fj#o}P1R4RTNdaPEpW4D1E(jqx_S=_^Z~ -z1xRRQ;C^dJyBe2ez8)o3Ww6r;<;>0AUsZ-3{Z~jNQY16v8o;bQsll|LI9!L8jnQ1K -zD{4UTV>%|krENZ8FAl|)r{`%v>uJU%y+waN<75Q>-W&LpI{rbfs@Uli^TvJj6Iv+T%4ulpF)iwC24CHc7wvNa@lTBXjZ -zZm!=29rkWP5hvaLYVz-8)w;A3X2ehykybmqcbAQus+S7xCI)_2h=oc~P_%EJ1Kjgw6&fFs?n^yoI5O{t=X221qT(*^eRevWi4dbG%Ai@) -zpg*UP;FRi~PX~}gv`HpYj~zPxMYG($FKO|1*I$}&I^ikkkz(#qNwEfJ3;_J -z;j>9IS1%OL%GPwCha`M}Fb-FzzjNxu5#gjhBFMgj%{wc4NV1l)cFR*0@pvu_;6Z1T -Wb#3`U=?D9U1ao!fEa9LXbvP}kJ8Uxm - -literal 0 -HcmV?d00001 - -diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem -new file mode 100644 -index 00000000..dd9897b3 ---- /dev/null -+++ b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem -@@ -0,0 +1,30 @@ -+-----BEGIN ENCRYPTED PRIVATE KEY----- -+MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQI9z8gVJbtqxwCAggA -+MAwGCCqGSIb3DQILBQAwFAYIKoZIhvcNAwcECCQqQHRFeFdeBIIEyMJpY0A21GrC -+pKBL07F7zOyuFIdwQT2f0wnL6lPWvUg02M2jlHCLDYlciCeUhE9fHUDA67814lvM -+dlZ8KgCsp+2mqkoZB/hRvvS+ZdUqkwSI1J3Wt5hz4dKq0cebJWpDAcY/+031+zTU -+9iCshfsWAGdlcAIBZOEXDwejNfIayp5cFKvQqg7kmED+KN71QmSVmVyKafh5m0SC -+2Y3CoZTQ1982VImx4ZOfh+r86XNkrKLj3KYC1K6DR64Uwq2yLNoypTjdUig81ste -+Dhqm+0YXVN4dxXCLF4desKWxN9v78VmCuHvYkRyunj9Q43GVp51cMQfFRBLWIqnB -+OrT8k020lne0MxO1xju2sr3GWA4Wn6MLqrxSdfTq+P7ZYcSh2BchkDPslxi5gNPS -+Hv5o28rkVW/K34UQw72Kur5JGMRNwJpye2rSPUbtLKb0z81nPzJMP+BCl9DttTr2 -+zDkkn/AFBRuKH0uWrKv+9f7FDu4hxsdFFnLcD6kWlX/V37b5tYAcy9Atd7lykw8F -+K8wAoYZHyzYaIR5otYV5XgjMcw+z9U+5t4ouXSYght88Y10Tq1IYnIx0I55KaV44 -+uCdrptsKnXXWvIux8h8p/SUwvJOrECc/nYxyfS42diH3V3VGV78fw6n74nDOYnLK -+ruIASg92TXUp3Qd8xdoiqdTfx8ZCgNy0mmrYycrP3cUciAYURuKWjjdTN++fk2Vx -+Rw1KTFgTf0Z3dxEMIKDHHDiGUbO9cE8oEMWCv0YJ9n97suoIN3vOcifxG/93RE5M -+1xe91IEY494/DdgsMqb0D4T0G5rbFHnNY8bTDKIDpvZKzcbnm9vnxPi7Q1S1kkJG -+230apDz1Rln0AFO51SAVS8QoF5wP69cL9vrC5miVh3mwqkDVoHnLNpJrT1o/XcVR -+Jl1j1t9lgFNJhVTltTPza4FydXRe2ZBCNKpDci1jFtD8KYZGOCc+PQtJ0Wtcx4qJ -+KVGO52gUT+DSxmaKd+3RyG7MsDw1CPT8inHkACa2G+GGQvqukbjLppQDkvmUPkTa -+fEotMYqnlvqznwiWURl962lyRJJsxClC6Q9R7Pe7pxohsthIHgZFMMuECenUdhYj -+3TdqtKKdbShoF2SBnwYUVScH2VR2ZE8ZLlldNIA+WswG4x242NoemE76JC6DyUQN -+WaxFLL813TmiLYtRq1QZsiqCqr2jRBMJA4cdCt4jMZXpLd8heviNtcPmf6uEpHV6 -+VBQmun8dCQAUeCHKsrkOLnAcnrIl9gPlyR6qVAI8tnfs4IezjnvAh7+cN8cQ1AZw -+xRvoAHJfR7GMT7Rp/GTLrSYU+swlnjrDLQ7DwZ6seOVyzmKo1zRjysQ7qF5m6ELp -+hlu6ED1/VZZw2kSbv6BVzYmWHCGnuyl/n9zXImMR9vcM/uTogjc/38F4zBlSyz78 -+wHy4EWMn2jWyRYYFfwwLvrxmU1IHkNUKYfaM6qeq7F8R7cqbZhZ1cCrAGcIhPrPy -+ig7iEmTblRw+ARmY+cjUuJtbU/a38kEfCMIbKKnUg4vUnO6s2XCGG9TpmcLR1Ti/ -+80tOsEuvg5ZJB3FFGHhSH1gDMAKQwCkcP4wbP/YhzBhq9WU24AA82RtOsFV4xjFV -+ptyV+PmEpJl0DpDeIv0I+w== -+-----END ENCRYPTED PRIVATE KEY----- -diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der -new file mode 100644 -index 0000000000000000000000000000000000000000..40026f98b436bb2da5a04dd12d8b9ca3ab7818cb -GIT binary patch -literal 1309 -zcmV+&1>*WJf(02cO9lxlhDe6@4FLrWFg`FT1_>&LNQU&90Ukd<|>*gFq+f? -z0tf&w3aL~@X%DZ6N -zP*KA2!@$u20EKj011qhd)gn9IKhN+?3c~_}jfE=7_7<_ygXt~RWA{y^XHmauOn3K0 -zrXj}9@bg6Ggpg~dN8H#_rJ7G3VO`yM7bZ~n7K5MB2Sln7Q8~ZsJBxZVBLC)3XJL}L -zpTDE=34pJ&P!-2W9lEUPaDKKD7#tD1ANC@J(ZV@b2=PC9Z>Wpzii=S5f -zO98X3IPwx%ms0<%o%Y^v_zQA3)6ugpv&rXno3g8-9-ma^Yr1?}1{j~Wk5;~#-F467 -zr5^`U7J0C7gDPNy93E_pYx9T+aN8Q;h(&fX>IZoL@m`4QEgC*@_zaiE-D1>BvX=^F -z8SgsOoFE$xU%=oU|MQ+_Ljd%3FmHIKS!Tb%Jt@yD@Fp0reIXp@M4m`G7pm -zzPwq=YhEGOldcHx-pq<;n8-YvB*2ub^|BnE+K)m1pqTv&7&>**LC85)5poj=x(a~n -zJ<0|2V73CIBhK1X2d0>Xkff2>Gordd=8C}=+GC+NX0Jkq-hTv~hvH9pQ-yCSE7lww -z1DU10CT2b+TxBr&|4uThr4G5sGy9hnaEP#J+Mne9AWk`$2@d0c -za?1g2PCB*VM4yhY(O7mjYkgBa#B{19y?iUFVa?|!xv!A^AzxViOu)&G)z_bhLFxVH -zK`qR6c0|;GULiWjvq(q1^?n3ppX#Tw(@|$w_Dlpf;`7h3*kLb)7e3{wJFl<+p?R#n -zrToXD!y*iuYZ7-bQ - -literal 0 -HcmV?d00001 - -diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem -new file mode 100644 -index 00000000..af4c4132 ---- /dev/null -+++ b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem -@@ -0,0 +1,30 @@ -+-----BEGIN ENCRYPTED PRIVATE KEY----- -+MIIFGTBLBgkqhkiG9w0BBQ0wPjApBgkqhkiG9w0BBQwwHAQI/++dnhs4VZYCAggA -+MAwGCCqGSIb3DQIIBQAwEQYFKw4DAgcECI5DLMkayM1pBIIEyEJHtZlUPIPn6DB6 -+Z017kFJdaF29AqSatT5tukN862+b+0bGwoda5aR5lr4edgmmwMhR+1pTewsWyZK1 -+xCYHwn0Jna1HXKRLfsoNdKCFPyvJkx9OdbNfop2uqbS/vrsriMKMloKV1KXUGqCI -+zZ7BVEgfgH4hZu7cX5HH0tMw2/CzrC5OjMhFq/OyRe4retfACxN34WVAqMM4/N0S -+S0ciNYR4C3vKu5+Nfk4R3GGMmmz1WejkYH0QMXFtq9IU8vbMUhAaBXIo7xwkAbQA -+UJF5lurXLJELCIR1KQVEjfYCXViH2ZbhAZuk2BV0B8qIKhh9GhvL+y2nporiEhN4 -+ddE7PdAmZPgi9vJ34+jY8E2UiXpXDkSr/8LpLRVQ/UISttARVkW49cOQ7oOV9hOB -+R+0K9fyZWAJI7cZQSsuIPSO5DwDkXclWUFYaa9C0BcHRaz8ACkHu2vSF94LwG1th -+WBvVvm9kTqznq2tNoAk18b4RKN2nVUkfhBJeR2GaJhzsshnpTo356kYNKpSUIm+S -+4bg087Zovrsf0C+49mr+9uGNbDQ2EfG2BJ31faBJ4bwRNata7l3FvqlMLBFJEpUf -+l2EIlr4qX9wfF9OnkmT0gGuuxwB9njCpe7XHbvjmvKalo9s9iP1z5rd9f6UPzDQh -+XdV9pooBusM2Z/VjkrUxRdyurlewD+UQn2MLiRF7t4Rgx5+4g6nooIQlcV49JhEP -+4Of5uDkWzHQ4G6TbffU/sd7THcwTp5wTot0BT2IPuP6qgLFRSQYwx5zplraVfTOm -+GmXD8Y0I8DP3bymMVSuJWFQrSL/8X5b3snOhzF1J9o21NqetXY+YkGIZPfL80jUm -+7ZRSsjz7A4M3MGhsD2i/gwGAUdkJ0kacdnBYCZjfvhEiMtyJhrtpRDT7pSFHCN4z -+jCok/m94d+mPXcI7dSCfQ+4FUSMXDX6IKv7ivsoJ8wqI3YiR9cHdK+EZLWPKb0xE -+I9Y1H93K9pQFlew3U7TzoFEJcee0JHlyM7JGShPQP/mPEoPsHTRoGjYwYp8OHEol -+GAjRutyMS5/pEL3zqT0nWsr8rEEwtm8tpPKuMclPt/p2LCpVBVgTpuVF/Hfnr8Ab -+teL2bpC/D0W0OOOMU3MlfU822vlm1gC5Yh+I/+b3jsgd4xH84PZUBGDLO5+Wrslw -+f5BPuO/DHADonB+DeGqwSFol7zxqYWufdI1jb1YE5pWV7dO2e0vTD7463o6V907+ -+Zfc4k7h5ohS/W+RGQDBM5lplssWcOPK5Rx8LpP/vXHFp6+EPnGJTFBg6I4fUYAZK -+HbJAnLkjWjfy7F4AEBkx8jBjYyDqNx3r4WLMU5ds06C5nzG0usTpAtoJk6k3G/Hr -+l/jMr/za+6TrtXyNBDGpZohgxP0wT4+hAMyLGymYnSWFlRVkkf0BANbtcJBszbAZ -+EvNvJaCecjVw2ZsnLo+rapA5V87wR6Rzpc5Yh6IxLQs/pNOcl8S9HhC+EzwcErLk -+J1LB5piJy64kLmzxC/wmJYvR5hY8GjMU8Q8cHOD5SVk0B87SOCt9LHuskl8j5/3/ -+tLEjJ4T6nHSf8swXl4B2e0td8/5Cf6mnyqiuOyQK1yGhMjXbi6taYaxb2fNHBV68 -+d6QDbGs8iCwGsp6ssw== -+-----END ENCRYPTED PRIVATE KEY----- -diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der -new file mode 100644 -index 0000000000000000000000000000000000000000..e25b4fb9c308623d9c7bdb0b8bebb48501c6be46 -GIT binary patch -literal 1309 -zcmV+&1>*WJf(02cO9lxlhDe6@4FLrWFg`FT1_>&LNQU&90Ulvi-eaBbXR%; -z0tf&w3$K-B+F7cPWJD#?kWM*0`QxfEuJ=Z*u -zC|lSMhVlY3Hn5v4*j}cM!PAx_5X3+D^h~1I0wJ##K?D}rnyNX*;Woy -zm{sf;2>xr&cKE*%SzL~p`^1&0QVy1gzGJaJu$kM~j5xYDmOy07RHcHY=DlgENR?JS -zn*N2@ks4L+r-%qLXI6|v^-_8DU-Wi1zO~P+*>vxFPq+sLr^M|utY-U(oh_Q$&QUd(h?*Tsu?7?y1C?DVtE(j85j@SzBbl*`Q6)zw5RoZD-M -z!=PWIP~acCJU?y(9Fq!{AKtqi>U~m94P~v%u6QCdMtr#JU>x1O8KOn$-TKYl)>&3NG@$p=5-@&=JWhYCQ`kIQz -z*EE{X^ug#30AM%0(ARhq(sv1pVsXEhU -zT$306K}H$MTB*+QKBoEiG3yPFvCoh+hXs*}ZD6W!<-dia6~q;f>LoZ9*h1znHYd== -z>fNa&m-*^rh&A4V_$8`!!6UdWa^MmxM%q*X=TL^mY{Z_^ -T$p#g`9VgTVL$n0dF>&=Da_4?b - -literal 0 -HcmV?d00001 - -diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem -new file mode 100644 -index 00000000..717d3ffb ---- /dev/null -+++ b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem -@@ -0,0 +1,30 @@ -+-----BEGIN ENCRYPTED PRIVATE KEY----- -+MIIFGTBLBgkqhkiG9w0BBQ0wPjApBgkqhkiG9w0BBQwwHAQIkkRHl74lgxACAggA -+MAwGCCqGSIb3DQIJBQAwEQYFKw4DAgcECAGUDJYAr+n6BIIEyOthlgMNgyfjvQd8 -+ZqQYF52juYrlvEdk/NY2xlEfa7NKUdEBS6jvL0lHOaCcn0dRbykqs+Do9yiWsW2A -+cQ5BLrie7C/IeZSaF90Dh90QUe/aFvE/1fBjwuSdLj6Rf12MRXxtyCJb0WkStrUB -+Rgb6ReGUiUVz7fJu0ePZeNKqVtCa+LDenaUaqo82L7y05KLoQP+qrQb94UK2B6IS -+xUSORehQZnf6dpoXHMS5CFCv4Lw/C2VusBIZnAhEVWm3MljxMycOJz27YMLXiczj -+H//rm8BhZQ5X2jYTvo8S0BPgRXPnxasvIAYLbAFvK3KP0umX7THVoYsXpwBgphS3 -+penm9HExXsyYLNbefq9jPL4LlatNDi2LAg1QOr30jxGC73xESbYsM1WYIB24RSNL -+ZKyhINxxsqcSkvuce5dtShWXkqD7P0nUNzygT1uSD4AJEKOaDL/YtA4dsTt/LCT7 -+Ct8w9TR2+QkQdxgZri1S9+jSmPQgcg0BobPMncysTjTyC59Oh9KPcJCThR4BXitz -+cvocqt1CsiKiMGR51xHfMs+p06DwTTz2LRYiLdXco72D57O4lixOk5LqXF0qiBfV -+mN7LTqBIvuYiK9aEBZ53HRRurAhrOWBJ/UxM/VYi+lyCAUBhRu9XI02g0HA2UrlX -+9RnuB/a44Ce5mgQWdEYdQIkI7JB0Kj05ktWdiXeLCPtTG0ytfQ0Cv/EwbWCG2tu6 -+PEEmayz3KqMR/Av9jqsnk2qU7kKqR7hySMfoTuaMGpjcxCpj3Lg6Tmo0Nrvn5svc -+NNChDlrgwyp4dX5ub1bwYYzibG8x23+fKKkil7NqZ3gqZ5ecmgX5XiU6VdBCz2kJ -+k1xGGiyt89+gDdmoc+HyjRTJgfChZWiI6EhV3LZOnMa0ZUpQiM4lmq0SlQ78zSmY -+ZyqG9dSEFWg6BMrOUpZbuY63wjvrxSHrHLAbCTlI9BRkFhmfwiyJ90FfMBUjBt6w -+yCPW2r5aFPIhngNS3EayJKhAwchGHN2XdfeDj9GFhWZAIQsXS8R7JuGDIug7+QMj -+WL77m1jy0K4PiGf3lt7PVy8KOqbiOHyzYQsuAuuMD7NZdV4+dVzznTe3HbXLWtxj -+itPFNuSudfFBotAWDV2yOF4B7XbcTw4CEGv9bVJoGatJdaubzidUHPJUozWYQX8K -+cw0LqdR8yxMtHOc9FYyawLbQMzcMzt/lijS75iO+vspT9TYXxf9rC5yX8xlSHHa0 -+jlgvjnTDyEsrUnGHk9kNe906GV42YDO9MUJPvUmlv6/bAKA5iWX2+Jo5rwIWk6sg -+vW33g7NPMn0I0pwzaWDaLd1XNP3JpjODwkL/5n9F2x1+LsbPpuk48DOnXQi7MV0J -+2ZWSSxZltTLpObG8mI4dWrh5DXeswJIIta4ki1lSyFLu+hMY+PUVozyd6GVd4T0o -+cVepNU1rHqxvsLHVkMsixypHpZwnkQigrE8EYeuMZQKPq7luHwh1AkTASr3SJF0/ -+uztq0vmtn/0+lg7rI0pW+oFAlscmcRMrcOCLaX/TkvgX1JvO5lspIjP6IdaXsYNJ -+14GImtXxQaPgAtWJ48o/AzF8KPez98DfnmpXKBM0K/kK5OGuxHvNCJ3eTDYS6X8I -+Sj6Qf6Z9cjwB2xRFkw== -+-----END ENCRYPTED PRIVATE KEY----- -diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der -new file mode 100644 -index 0000000000000000000000000000000000000000..6674c48a7ccdf918b248467c985a132cc019cc43 -GIT binary patch -literal 1309 -zcmV+&1>*WJf(02cO9lxlhDe6@4FLrWFg`FT1_>&LNQU&90Ul&C~s*CLpu5b -z0tf&w3`RdZJiQq1TSxeJ`1`tPC44q1#n -zB4Ikf2R#QptSWJb{k~?9`?v9r=A6Y@SGm6wUAVI`=w)GOvpv5zzDqXi7r*5`j2mCI -z2W{&nMa!N?dv0=htZ&CVoB_mTIW9?Z^W&hlq1WC1qJ<1$Dox$Th<}9#=TwZFDSVxfFqAkNy4$=0> -zUA>azHFB{G{%zP~lZ*x5d-WCF(pXMp)|{m#U&=h(dAH -z6ap!#3j#&@Rk!R2LNq+b!Dq1y3p@o$^Gw%`!Ou8vCSLa{zA93cix>}bdx-Znna -zcBbSb!7XJLV(S{B+OR*ST2`copwC=$K_Mwy^h7%=sTr?sv6`Rwb2*^M+W=L~7?xC( -zdYKroHA?SZ4E(4f?PrhwH^~d%8QAV(mU~;oD`6Ac>Iu-LREEUB}=6gXb;s>kZHsVWbHH?1J~r_?R1D>!h;4;Be@#2c2_<95#Kc@V#}x)iz?jEv|W> -z`PT7i3zNSk+=i}kA$dRo5bn5cu|nHrttz`BN#ex@!xsJ3oslZ>@}Q}|M^37`wO=+K -zJW^2-hsj=n3K>D@`ETj22xlmI`ksht4+YF?s#rV5z?&v(!Q1A`w@IlN5>7JzJ7*O8 -z=&|77E`;(a=iShPpcRXJro1qdk+v$`>_O}B%Jta#h<@$-1ZZ`&)YHHxa(etD8!wRr -z42#&%_`$iuJO7oJTOQzKbiB+xPe%fF)!6fIZLj^up4+}JIOlU-TK@Z|9(h{ZX1jWt -zt7i{?Bm5=g?)ldWBg$jPug{-ngz%6Id6X0ScAQvH{69+w|I|aB%hvGb!dP*^dxktQ -zSbB!qARZp;Ygqp1CNSA{(|+f4{{%z?0Xr)6ik>uT@NS_|;Dd)NE2nS4a7dl8bim!*WJf(02cO9lxlhDe6@4FLrWFg`FT1_>&LNQU&90Ul=q}f&OAA`jL -z0tf&w39@EMx|aB7s_f -z^JOy=u`ZcrMG9{?H&S)V<3~%sIblXjGf*k_RzbvNiUDYMFEcg{JI9A|tHT1v;vTxB^ -z?+56}D_*G>dbXDTn2Ae$hg2R?36*cDQ!*iI&!Nwdh%s8l6v374{7i7EW0{3tQKlR; -zJPM&dF7p)UH7w>GT&pai!4;7N+7(z;Lb#~oVCZsM=hotiA%;EFxmx4hYyNP9V9V20 -zZ2IZ&ypmP)vmc%yv@1ka$8%axQ=qLgYZAUM#AVh)*vc;U%$g8>L=lFPQa0q(-EY6J^Cfg8A9Umyz>Xay%$_6w|$%5Bj>?h;c4bX<^P^}S-bakIzSn% -zw=xp8#RT&N`7+-q|5QI3Cx=)1uIb%QA;Y*Chj}Y4oEr~@g-3APvtzSYp9=(<>hg(_A{Tp*{Cc-x~di~+6 -zzXe2OeJA`^WUVS=yy1Y04F{e-6I_PJpfsiq9nX!2o<)P6uNGfL*ekEaEg`>P!HPUi -z7gcY$F<%CmWgyznwjob-zzC`;+kqrn@satUiRF)Y2`D+QNFS4L2;j*Syi0ay7o_-P -z8Ja#No+#IU?(g{hn$)4GhBKv;%hI_gL#g(N -zFP}SDckbc}jmx#=4eUtDP%r+n>T&)=2V%=^*j34Ofv@e14-*V^5xh+Q$|q@uC_O^& -zcLmB;t|S53wbcWqrQx(c+y8H@5&TmU_gMR02xz{R5Ozg11PA#cO0J00V?Pf8V&n;J -z-HfOjv>ZYe@=h)))li=vDGdHwN+h?K7MUZ3CV(tq;$!oSvrKYQNMA{blk=X|HU%W! -z8UCiX4@L8jsdhL3rYjN;(UItQi*(0_^>;?w5Oaq#Z3=KwN8llY=sW1u-4~7po;a^o -z=s%BOtLLc9@%{$00&3+FE5$_k@=nzuDt!cCm_|u{DWYBGj7H-{D(> -TNEhrykb)NZ27EFE-xwT~zU6qK - -literal 0 -HcmV?d00001 - -diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem -new file mode 100644 -index 00000000..15521d43 ---- /dev/null -+++ b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem -@@ -0,0 +1,30 @@ -+-----BEGIN ENCRYPTED PRIVATE KEY----- -+MIIFGTBLBgkqhkiG9w0BBQ0wPjApBgkqhkiG9w0BBQwwHAQIzK6kx/qbJD8CAggA -+MAwGCCqGSIb3DQILBQAwEQYFKw4DAgcECD74OAvJ1+LsBIIEyOekZ0qcxeX6hEYZ -+4ONCHu41tmOKSvByGeUBZvenjJQ48AgTGYUXNoYri1ohnbQ3bcqiP0TUDfT4zRcQ -+ZFZLuzAtwV8ZfZcYRCQ7kKxGfkciZJhjeHeuBy3moEbznzg9TEPCVzoOD+k3f6+W -+7/bSycV7jk89CdaWU3FKU/W/RLZarpm99Uzat0Ecc2KOa/TckNTBvD9Ysj2j3D7Y -+UmdmfUGORvwQhJG0mwv7OpkLFbFbYBehWp8/Fk5izJVdJs+77c2qiQvgeend1D41 -+ZUBKtbKCoc3Inp83cSkl2XonncCUxBKLiWHAzZxhPiIHwZXGXHjCOUqbs/sXEogs -+3HT5PHVQjqPGIbl5B8NYetelB1h1Udq4Py1VZqjLhZFH8q2SnjRxC9to4bXaiW9N -+451NL5S8bJrcaun6E5cD74p32F8IOjR2Ojr3ofEFHQFVUFlLPY3gQ+IZs34hQBNR -+QY75ffQDykZPBpLw0hIJkr1LoYfuEMdN0tPRRxYVO1lKAW0xbOAd0UEslFcsyXCY -+oUnQP50nVpG44TI6bNfLj5y07EyMFo6vB/XiDXh9/Az8jIfsPeYOGIVMYFSnourw -+3cjTPFrJnEQd8CHxjLLnB3ZeXIo4l03hZBy+qFOIF2Ezke0fmRtjO+OUVm8lAy2Z -+J1wSTThBlsWX2/JOzh7kiWDipX0fN8sTGeepazxI8nNANX7ALcxwuLrjvPOmTxfX -+ElpwebOvCxonwWR0C1gyZ0feOI8kh0dKwe0xi2fqxCwxWzPxN3EQZ+FtoUdtzPoF -+7QRBFERPefUpO6214t1PgJMWvLjjCsOFy4tnF46nWI/r1XLOQlLP5cwAIXZlnSXz -+ky6YqPm2OniXq5XqvyLOMy1RoLINJY1dhgBXFtC5I1ZQAmGJGmX9IxVjrRky9kKt -+362X98edUUMMmW48L8RcyYOOVLpFewAmU/fr3qoUDjusOtC8O66J/V4vjI3G8Ve9 -+kNLiPxQqbyfHHdbC2Pp6rXZXcl7L5FW/fc2YaZRqCuFpuGXZQ+SKrMXKY8oLa4tL -+Emf4isvdlRQjuveXoebxPsoG9Ww3pz3nl7NQ40cnSxb1zxm/heQmAczPE0faDsOi -+pGAQP7jAefh2XwJ6RWRqzyuA3bDWC7E4ASYODIJ1IAogMMOlg940hlmCXZ/8993C -+aTncCQO10ibemZsWvD/X2+gL3LSgBi2Q6NjHqj4MPAe6yAOA2USc1GzwSW4WEpIg -++ttJpKZFnnnxzCfUU+pTz2ONGV7J5a50BiRLgslPawm0lbYl2BvjbSZJul9oqqy/ -+7FI5Jy83OaHrqyMSRNKZbkPWy58zrhQNaiUaCrLE3C+hzj1k9BXrWm39AQM7olnp -+T0yi7pivXYEff0/d8tClqQAzy0DnKEW58xQODxhFkZm70X0HkUABD3QObHb2DSjG -+PE1XV9pXP/3pci+SFznuvn0p6CN3l+rIXW+pb6O4KW65go0LTo1evIuKTFjVtZyf -+KqbgDrdu/Fd0KJJy7S2cg/i02x7TfcSJE8C3EDyyESpGegE8XAH2NEltO1yt0+/z -+26d06Hr2livL87yVpzW8b4H1SlifZmPhy082InF65W1w4hAmmsWARfPmZUG0LWoG -+6zRPj13ojxpLPr8kyw== -+-----END ENCRYPTED PRIVATE KEY----- -diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der -new file mode 100644 -index 0000000000000000000000000000000000000000..52ac321438292452b55de644c0893a40c4027c22 -GIT binary patch -literal 2464 -zcmV;R319Xwf(e{3P6i1ohDe6@4FLrWFhMXW1_>&LNQU&90UklbL~GWDau;{ -z0tf&w3zf#JzW08QCe!zTM}0hvt-dVemYKeS*}+4Pf-99hgW*VS{j>!`s}UPPazuLYAkHk0 -zILr@FnOj&vzVzQjdzQ@ -z@fL7i4OAR%Vbflzi~)ImbHci-UwVS`ii)wW05t}MP@MxY_XyGXvBwF$emCEM{6bnE -zjIiac2WhC;wExm$p7_BOPCQoqrLX~RkH0sKgf -z{+J$5=LLmYFxW-hc^u!c&v#XCGp-cx7y#D;4NIB}RnHHdg5^Hjs2Q;2-vacONU$Ks -zzP&6uD{QEbIAv$BCjUjjEEHdnqFXBoPn@=oPJ+A -z^#VPmGiWA9e)b(qaOdBjncsedb(ad60h%yh6}RNM(5+__N6zIi -z1;pBx6==3|7K}+3h3+LT5%#Q9pZpkuhM=9b(BsO14O}Czm{mj@f>BCh%POzPA9Y`! -zTGbQwMc}0js(OTbyt6#!cuov~UVwD(hx*I)1?L{*K7)M^Y0xByZimF?Iy>X<_GHbN -zK0y7(XI7i)#?=#G?1FemmDym2Tr|^v -zni3PE8gQ2=?*-c@ToUQ**DGpxy+PZdCTQOYD=AFUcEj?J(R6KB@~j7S*FH~Tmj+Vg -zdQUVe0G~8Zbc%?(!+NLin*)Z^kg1U_C@tfZ8{;}q(u -z!YmUx`lxB9{EA5#Qm9?)5+^QoYyb_(B<2-F<%FuGC3%KGQmvcwazE-2{8<~J^`;p! -z47S966~#RE#c1T!h;yI$K3@xbY-muv{~ixHEvAxb815HjxZBa(gQS*$&1K|VPBsR-KcYZt!f(K;3q%p -zywGn5YY`%)Ym5NL$0~}W+kJ***=x2yFSR-~DPWiitJMRQ6SU&yWes_?@i?hGiv@v0 -zI3ULah(n98eRi!@La3$E)-gAXF|o`fxkZ$<-8vUKhY+{f9C*cBiYr5drB~9o+>TjG -zBH&aoljO2G7c=C_hnmgm!=k?%d9=74Vxku1kO9d@qgJt#iDp$eD{rUHY5ow6(G`FA -zy0u@cwpRK}r{Uu}a!prlL~)q+`eLb^tKF@MIv1@OVlKKP2-zMy8a-WNLCs+|7<-?y -zN#yo~M({67a7As?eCv;;5OZ@N#2C%W0RH#K2QeIZUV+1|&7?Ft!^(@(5MG!NTogj; -zz$gF}B_r5$ZAAIf!2&`izQ?_Ikh}NVU)5*oGu#i_Gx%uRX?mTw~~UecHos#EO|b>Q-=QkU7!dNr!zGpW}3izmpL=eUvN<1kBEoyEhJDG -zxseHOa2L3neHFTdhTg{?v>6*v-Qal(2g`^>@~SaTq?h|=#-{WBm8c7f{%cP|`F#!^ -z0^4wN2c*qzuvm6&*PB7*>a+nmo6`lKJuZ5qhx3HfK=@!?pa53e*UtB-J#^nU?}V|R -z4jxuxJYr|oBTI8K40q_lp9fi21YNyQ89U2mC}hn40V7{>?y5oHYE@kr5B+?_|8iX1 -zKx4f2m;Ai^a;`f}E`D0dCvY;X)AdECJ?ys3maq>)s|+q^p@El$P6jSU*?|E{0(3kU -zT*dM6I5bV(M_UTcV!9p`8{qHmiLmmj&D^KZ`2!!lDLF!htLmdgU@-}4e6YAPPO;Xn -z#|`L26>OZq+i%xIbJX+Q9-MCUYi$p$A2Sd7GT46x)%`!XyB -zkIJ}wnXT(?6Y4Wu_xDWEU!`NESjXG)FL -z5lZ(XHGDt;V9JHKI~pkm-xQD4+vq>*JQlt?>Zw44J|}=NW1Mxg|G67(agp%7LhgsD -z<&J|Q6&OYL71Vhbj^CT4uxK9Gw@|5SH;Y?ZgBtAV0De@nf9!s%w0Ah|4T2SFJcj&N -zzmGj>@TM@V)ACL -zC1l|@*EN;$KNF!e`N^)s=8|2sC-c>MN5tF;t -zD|Cwzo~FHjCrs$>3Y`9?UM>Nk`y{cV!2r;1E%xqRN}`pAb*&)rs5E235D`gZ+^BlW -zfZYY5R}kAz>JVB;8SCp6^!Jcd3?4D&_P_YlCX>|1{dLi-bJ#BZnd5D_2#(`=)9^hD -e_tA4>9CWHIP~w&LNQU&90UmVz(!H58B4AL -z0tf&w3s-a5SVRdRD=Xeh5N>IJa#WUH18q~G{; -z({tM(Zr=U%4sK~~I`UQ&82?JM+ju4&SaLNfuOqqQBpk^+gv$$LlT}}}F_xnz^+R|? -z00S@v70%z)0WOr80YU_FIK|Bc^nk7^F6wy2tYmYjyB5c^d})@N9Sgs0o-0U>$Tyca -zyMidC;bmhz&9OgIKMD{}zeEym14MoB+SSQaui(T__SoI}<+3A)RbyWSljIuFk~QhS -zGer8|y=u2UB@l`Q$X)X+E2mEj)w?&2^#gf!31;am#V6^;g?V@lDU3MjAA;0ZpIrS>Y96F4rpt -zUMBkoI|ewF1!ugd4R)Su&I&=0$Q{VX|1=8bK!D?}Xb -zhn_Dl=X6fh;+3P=8Os}H8c1QzOYAtlp(j`w^|}&Bhha7 -z*F2{1R>F}N_r}Fodl(WKzcE#1hq>b{855s*$03XOy&;t?t$mZNBs`GlHBtv; -zlph3dH3G1>C(pV`=YlO4c8-OxFErX<>I8ZfK*f2%b8iG{S%;e>@Q;t?k&@*v^9kt# -zf1N^yO6YM|`uo4y87*Mj*pelH^SMAf4Y2_s%F7;`;GVJ?{POziy4Z172NTrlY2_OR -zLsK8J$TU)c^M3HNoC`INjMincOJEmVJ}+H>2zI7BUl=D&>f%G?4mv@iX>F-6aDd2{ -zy{Hco#fV9ku-x}dpWh^=AY=6|p=M3*z+S=~#aas12HbhC{#v#xm6fOYmdL9agsfe} -zV{4lXghf64YsP8S1(0mvkuLly+Imr}Qxef}Rfy`nirD4vgdx;y;Rb;r5L37?n|L+U -zD6JZBgpOl8$-Enu8HaY3I=iMM?6PrRUIywF0NosR?dHb;`fm(fzvV06Di&RF5R4t;H6JqBDG!Tg{S-spvzB-|oyp-?&3P?C;x~7q~6qI?3Hl_zP`0 -zR!h`Su|rLR6v=1jTg7}{_iO9Q3Gz;O|=FLYon -z)ED3W&ItYVOs??3Ni6X3zT*U-=r0}5Jw2`%P!SAjdrB{@Jc4b7bR}~2^eO;m!5L4X -zVYnb_98(iY;v3Lfh?_1qp);gdT2j3OCyWq -z720-moX6CbXbDNB8y_%RbdT<@J`8?4QoO8FOCiVv4Z}?L**U -zLIt%rg3ZK9B1kk4iUoJZA-PQW5Y%}BiVt$>uW-Zq=7YXK83%@*%fh*h0o|7>a^eouG0ieqULf(}43SvZCDM@Jh~{Zq2u`WS7FcdM)wA-=g|l=K{^()0 -zc_oif17?d=ni@lJuGFw9p)h#9lzp;VV@B}*%#@`l=MS0{p>o+h`9xHa+UFh_f%HNm -z-VbQ>ZMl1$CNE7e#QqM_#piVJC3oE1Uz2@Lt^kF}3@TmYUSMt{QuV4_kr_eKUL2#p -zGN?vnz=kNraDipK)mN`bkZNxqh74$EaPDsPZ3HI>Go0LXsW0A$X>b8e``5Ltm|kF$ -z_&>x4jd8e#X0FVK5s053wS5F)nFP;pDlrc?U~=Ve`E61K@cTX|!ZCrP*nybmk|Em5 -zWt8{iOCGsiT%pscYr1I=m-_HFeWbakzulj)4Fz%OF$Lkrdv=h^;eVBas%1Jl=fL4p -zw~y(n3aK5`i0iHQ&PI55zP7XkRJ>(F<(CBMU8ZbHtPEOaQ)w0py-{SfUY_N=;g`)o -z$RBu(Fxw<|Y5&25C~a6rMBF$#mGA44lJklb-7s$ZBbX-*l(`sljc)wJZ8ACqGQu2kZ9?G)PB0mr}($0n9#g^FLEr3SJtPz2}F^zukoRQ?KEqe5iinS5!Pe#TFJHY~KW83EI7~X|I1s -zo2GHp-K+QD9$0z|Y`5skMq=v|NFF&yoo-(d8Io^2PBt;UAIEyGJ(maFtP_WR5Va4c -zY}YJ#RCj0{-sk|14=?kiPJ{^63u(!(jYjvI0x -eeJBLQnG4K@p@xW=*%a(SGm`(}4;`;~T>;)MrLfTe - -literal 0 -HcmV?d00001 - -diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem -new file mode 100644 -index 00000000..c3c0635a ---- /dev/null -+++ b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem -@@ -0,0 +1,54 @@ -+-----BEGIN ENCRYPTED PRIVATE KEY----- -+MIIJnDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQI/PTNX5reUuICAggA -+MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECNepsPdfwKiMBIIJSHRy7kOzfWTH -+O9Lp0TcHFXh2dkB3d9v8HDTquWY5brLGRVquXKEJo7DOK3MY/0Kaq3/s2hmwsAtG -+XzsC7nKuYfeAaL/vC4065g8LWxXoCczkwLyJ8wl+i5lB9UYZO7UQ17ZQOvQquvYA -+KKqe+IxFBJP7QLpI+iSYh6RGoqltU2CVW6rnVpA6mB1J5fR/w913bfkq/F8eLD3k -+HIiUvKf71zu9YZNX1eMo4kCQJh5gV83D0oXo18RRe7uzcBq9ZVs90oKSuMKArqKp -++yiawCBmzUU8NVelWfpfdTAxRDgIj+5EzLd/Y94MHeie0GCPk8V4uDuoqnT8z9mG -+IQPRe1x5IYpK+/6hcvEj3SSJlW7WVOkKxQfaTTxNVhXaSnfCwIUfHO+gYvGjN0HX -+6P9gF9+LNlnHRA0dCdHpGFlvw/N5TZ/rmFmzqxLGmuLfocbVmYG5t2lZtBb7oEnl -+D3Yx7tk2GtKg5uWXCLN1tGf22syzyLsNuHoUFLce8QzIgW8MJbeTu29vBTV7YJRY -+akmJDkl1SX8GmkbemxN7jSRGQD0c8vHjnGdVevoc4z011gL+bEhzJu+dGlbpzLB2 -+VGmhptvc0iTHFHVzeYJhvRfdG60lB7P1/XbTUVmZ5bPsrW+FgGNr0Vs670csFXIS -+khTIC15Ey3kvyuB9BNoYE2l/kKyd1FeHqS+ISHriG2KGHO44Bak62Ol10DBv1/ks -+YV0/3AQes39hoxGSqrTXxAoJDa3kttRz4/7lyrTCjRZoB66FD/q+hV93rzBBwPCU -+PWva8LxcsYmF3VAIIudxfW68CuV8oq8p8+pJ1JjdZ8uyr8j+YuuX60o0vHRQAr6v -+n4/zph9ssbThv22pN64MbGkZGpfC1r/8SXqMdmEu8mjvwLiC+S6+CDdUkZB1jPYa -+JX6oEcextSvIivTlMC3AAff1ZZLDjotlchu/Ky3/ugu9oNC6zhzPWug69aUctumO -+ahXbhAOjswkTjBp0TPvsIIylTNDwWNEfB9q16Tfj3I0d3VKCZOaJM7iDll/rM8M/ -+AWBJ0L4dDuhvsM2TjMzJ8p4JXaxfX9OjgR1+cuRe2YzQPUDBeOt+mz2SCjgOCW6j -+r1k76ilGmUD1JQby8T8MScSp9H2zi3RIuaDVJwHMPu5KooUR8eF7w4cTqsS0FhdI -+n91M+o0TDcOzOjmDj0vH2tP2HPMlqMOHUut+Tm0J9flTtxQoAlftPq3bXhFjT7Wp -+ry8JPZuzQDUMdQvi2+J4yXnc0+ElWAdSkaqpEpkOekgY0lTj3W/+GuxPPPqAxLF5 -+GaZ5fCLFJF/ioQ55J3cnChfZRXrlQw08zsQiLdCyFq4Tnbx6Hmgt48jKhPddvxhu -+b/StlvaRV+UaMdlnl3Mr3DwWjwIVgOEe8/c6T0TA7rhlh2muoO4dT1t42stGQZAy -+rB5PoKJwLtzoyQKdk+LCvgrrdLmIQmK0AB14OhEAoWwnOyz9XZ7QM7Zi2j/msZXj -+ipmzwdxn2+Zfl4g83dn3pXy0+X8MugcXLUfgRtNEk6ZAk8P1PaQZtiOT2DS+Khuj -+WvnalHKoNYSeOfq1MJJkZ5kG6wriJewXtyRZtyXolTW0WbKNpcs/EtHbPxCceONe -+CcYPPXnnQQ4Fwl8jNxUUs9vO2uLXOs4yKPkwgX7KBmGIlYLBjM1isNhi88fVXBvd -+RTLFblxlnRHhjQmBQaLdkWwR7hN3TwdcxtobaRw7w7A3Pg76ktY+Y1jAuqu3HqTi -+q+k7dicH29LFKs/ry5dAFJPgpG9EHPVemS/PIMKHp0wRLlHmP5+LvdRgSNKLUoyy -+wlz+aZJXKobk5MIcLRZRAm7KF/hHfwldLMybrzobwwteTl8MtvQYpHc1cqAFtqEd -+V49YwFCX0SNQLOcdJZyRoltcftiINsnoTzOKDN4y4NaHpU69lO8AA9TUx1UyH83o -+jGUGAtAHQwUwmwygr+NRzq+1OHGA1JKLLfdwGKct2SY2smicjnOOgjF/x0wiSwyo -+HjuARsdR0pc9ancPQ0KnD/6eqc2AcHXiCFi/xu7rCTwsmO5crSXRL1U/5CF8K29g -+olCXV8cS6X7gqyARQMHXWN0Qx4vN6TqT7vuzLaaiC8cYiiKvDo63GPyT6qRZ5uY4 -+u05ZLr18xzRM4hjUbxZaDyefOkL1DE9CO3rJDGX6njSLh3IxSNQVXNh6lu0Tx8CC -+HA1S3a8eR9Da/tBD8PLwaQ0xvpHHQWsdX58Nb3AFu+W+ee4NFq0ZrPqlhLpSOGRn -+bW+U25YFdIMsO41VhafsFKSd+/l7VwJqOSZzMgxLEr3p9ASFBbuzQeDVWr0kMYum -++Wf6ISkwu/s7hpnMibSACV3x1Fawwie8vH8zH6rg1aw2AITfb5RuIdA3h0uX7r/o -+6MTUEgy21T14z/KPDfhJ5jP6ZNuVzpQJGgQfAsJzPKVZg2DramRvgSvdLw+/LB7J -+FedNAXSgdeSJyLiwy9glD+1dWVj7gc0cj+HBQzAwSMdwoX5E7Rk7UX0O0S7y1+Q6 -+w+Gd8yxl4NDaM/5PH9TSKC5oroPot4qH+oTUw/y32Kl5TXfJvWHaKDcluIQyB+4Z -+ABvuEaxz3NR3yI5Xe+KDtprRtfI9IK8p0tFVYpZfFUULzjK+JGKi8g1CcDnqIM+S -+1HdSJP/qsMMlb1iL619nXhWqO/hcVZvIffhYzKZJFAurqcEkc393zxnxkiA1ZaY4 -+1sCBLnQWsmLeSKQ3rmzr4iPlG34Is5GsuV57s6w6NvmU11BTFh91psdpJ0iQLJm0 -+jrUvZCTShcaV+lAGkqvnx5AIbPdZYSec6/J7J0OpmSypEfXITXO0Ihr8c7LMzPmL -+AIHef/8cqJqJnM0pIZcptrdya3OTItfjZbOJ39Zkm+Vs0h6rpkpn5sfTBPONYti+ -+JnB9yq6lWqo2wW4p9pyE5XXWcABMeq0uPoGXrZPY9It/aPB9RUCxID020Ehz7J1B -+Y4yZjEx3Vii+LAg+AykB/0FL1Xe4SIn1/ShmEzan2wPxt3oNdCF5+6t/hgU1z+zE -+hwpGnZfL8aMTSk4U2q1SJs3MQk9BlTmbKsOvajN+Cj8ZLa0X2oHjEV4o5Qc4Ggs5 -+EZ/BJxGBwOFWkN41XE2DUW5E4Kq3AYShVAqmq24KIh1rOxrXebzEdn9+Jt+VWz4s -+WqDsuRKobaoDpFFCQBLvQA== -+-----END ENCRYPTED PRIVATE KEY----- -diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der -new file mode 100644 -index 0000000000000000000000000000000000000000..5dec3c8b3c5da6dc9cc4009dce20a08b77d6898c -GIT binary patch -literal 2464 -zcmV;R319Xwf(e{3P6i1ohDe6@4FLrWFhMXW1_>&LNQU&90UmJ`u9=H99wS! -z0tf&w3My>{W-d$o+TFUy)b3zyHOu!WJ9_*et!Q-f`# -zV~M7%bR4|Gp+SUQENPpvC)683y*njoZH809Mm>pTPr8+k{I+c~C$u_#k@+Zi(fM-? -z18a0^mJfWK;VU&Mo%YDB+H1Gb)I}%m_a#BM4d7)>OVAPq)vN+pB4P02{WXFl0-si@ -z!g^9qw;Ko_UD((nUzKH2sCtV(Z5@*str=tCPpJ$H7O_2=eE7d+R1bj3SA|!mk -zW)c&)IO^1cLemc-?v<@FJmU-Nn11UOvL=%#&vnQ?Ol+s#5I=%x06i?gWF>G)Na;Gj -zF@n~m@l@)GEbw|Q@Cqc_0>BXF&^J~TfKjY75SmVF7*cKkE+~(wMnkiLXo>(iqRyYd -zVxxP>zo5y~I^1@(UM6!Uci`4%n2A-QHzJ`eIkvVzqECcDf{I-?6$wz$xO%gMVH?3? -zVI<1{;bOgK%bDQ2-dy;&ebisdL38boEp#(kYXK*`+$gh32*ofYAGH)D2eboy;gCYQ -zR6wZlT;(WRX+NxLhDOxsoJ0M!tI(kZB5fNj$sMm`rrJ2!L17z~D?|5!s~)^C;4zMH -zb~})G|IfaaoZDu_Ch; -zM-h9D$c0vsw{wmX(gT6S>fy-op3zc*QEw3s!nWFST?zD^XnMyD9Xns5ts7tIq8#$= -zHCy&i0tmt$+wuq;Q&Fa-zj1-UYX$$?KvJfgMcE{cf0bQ}%FXa1YCP}3OF)g9jfM*c -zaG_kNghpSTYm|GIEixk#}GdMx8BlPLBB*PZa#%E9U1ykj2HJh -zLZ90RYvP^}j`1XC0N<7Omc6LZvb{@q*!pe2LU^fro)ooYt+zcutSj4FzQQt|o;Vy3 -zK_#L^2pCRElbXkc>ENH?wlE=_pFqGp|AU@@-?nkHAoNiA|N7!rsLM=?z~EvdG8nON -zP|vF{UHUJg^mysQ)iYBR`pjKYAdzNG=>>=p@v7QJuZd&d3i}|xyUr1;Gm~z9*1TD> -z!Pnv8<>lr0x(8b=-JS|Tq?b7~=ZM){44&hM`5?z2^m?ri?HHx`2sNRtYpuY5lPzN> -z(>eWl&O#%dNMBmJ25wS4{hQf9OO3B%+lVX4qH3< -z(MjyTxZ*y`jNfSSphT2A1U?mru+69r#!rS>WZU{~=E~@_d4&duGTY=-t3m73FLdv< -zGX73%ZDNRnfZ)6jiJBqLtP*^FL~m9sr2vI4;L~>o)V$wUn?^EH)x3=jPoXj7UjIKpK>>RyuP$ttA%8u*rA#$EpT% -zs;MlhqdnnNUB`!Ekm3hbd^CxVbuVZggXWxxoZbf65P$`U3Z-osNFYhNNk~P^8<*|_ -zcuL%0PvO#z^Ci*K+-7{Xf^N&+S~j=9HI&8On*D58b2?pgbxS!o9Z^P-&*dd_+hJ&; -zz(pxf7;#Z9`V+5=zmmd|L2%BCTiI+m0ar5}qcKV0f1~?+9jE{AJ6Y-RNzSRbup05P -zyKR$f;Q%wlI~0K6##3HFUjnaJQw{^hoCYes=uuur7qLW5X;1u*t?fq`?OcE5%lhQv -zm`Q9zORjx1X}~c}ee4=U7rIL;9?Qhh-I!~~YTs^}bDJ)5m0rm*!>WfrbUOpyyGo;g -z+%b&6f8{!|a;sJwgOL}!1dXp|r+#r21kcX_FI1f*Pb7qMK7|sSKITo+tlP+BvoUAm -z{C?Z$T9%sr2o2HkA0$O-(Wb}cats95DH3NlV;`rDHu+S3$rF5JVjgJ8Yl1Q{$@9p_ -zBI08vb}VMv&Y9?cbF=?l!8?Ct(3a2SJu8zbMl_u&&PX#CH?f5%NvH^3iha`=OuQ#O -z#W^rlje@1;4bL>w#PaViN-$~^YxQ3MMVBgSo`?l>-uDViOV!AQdVyx~;Zwo~;Z(1L* -zEo5cIIIjq(aov9Mw!e|09IZeLGVkwT{*p+v+63o!3n0s${VV;?U9z7thk@@;gVzoay}tBQfQ6I6#fn=)bdT`bT}sqTFPY3EEj1M%5_7U+EPOt43hQHojXPP-%i -zl{-$?OCY=JQ~F(8uXt>748}t)K{tgujt`$u2IcgGK+szN`dGJva7Y&S>Hxe9HeDJz -zh0QC`|Lg0(cJl15Qur44VjkZ`efjQx1&TPhiUZiymZAhj=qx45z*Ajgio?8&LNQU&90Uk%_7`Zhv -z&G3*KQCUaP^_nbiXRyXwF1{7J$|(46Bi6`qs-HBYP%%u9TLjNk0gh2%I5HKdOTd@SNa`h?bkdAhW>elC+_8_&6lr6hv>hHY -zYQR~q&90LS2>-LDdK$YG!*C}*I_p` -zj)zkp6x`;*izL>$Rl}63A}nb|9)#8;kc|nL2gJ30lr$lc$=~ -z=sWHrJ*vk!s6(~?ZLf5pFdH^5b%Cz9kVTcx_!Q_5H -z+k%ioc0h`U!jAvP(;m#7@*Ln15h_nD4`}OY`&?9)7gBtYMrq#NKAI5_-`$6X^~sI4 -z?8fGUrqK#+*CwsT%d6hVLXmn2;W#^p?siq_09kw}9ZkH_FdG}33ulA~9JDp9#Av%k -zopVFS&2Uwd4{ab9Mfjav!s6tnq|mGK*6uvP@A^to3NV0OXAuokUT+%z|#}4K#-@n^tbC^Ap3gK5fg+2zQBe -z8ijA~0(`ilp{j$_j2Kohx9>fx{T(ENq9p`^8p0MEY(T;oKZtY7B(br8a#IP+^+-fr -zIgW%;pju#r!!*h6ZA+9*DA&dcYq^6A5S&c}53q;|LJD(|acETCOmADF)@_2QO{ADM -z6A5<2v*7BC-6<{V=ax|LfF3O>Ht$NS5`%^oxxvjRzA&AS|2F!|(tNfc%ZK;W;AMRY -z%j@BB%m#5Gt4ci?x?Q@|)(wW=rfZcrTu$ttWBX1M1CQeWrJ=|H?YCI(M4u9-#DxpG -zPU-#&oXaBGXTK?-zL<)P>p3Q2VLHms%r5b5d2G1=9b(caZ|rY5%(d?}HAy6zO*w9# -zm``)~ak5BOV@PP5$z&xN)=U{HOk!5Sr-S*>w5yIMmwy|-laIXVEnw=!`kuAkJzoK)ZN0u(?^*=NsQQ82qxz-$}7m!|}y0)u0vZIjeGCy*jQ7Fo#S6iSAKAG|Q -zycuF}N^k480&ol97cEo$?*hVgJ}KP_d1dgNv<)f{WF^@^`CXeP3i4BVL`#<{?J^I~ -zXj*okL~~->t++P6v^Xe2>rYkbCN}6=Sud! -z#hHAWo+93u@*>{~5b){U_(3XoT#hjswYMH9P@@*-&~Y^0D&-+quN~E{>3(G9meErf -z!B)fDxX!sVACJBHE|qCM+oj8Nt%!6*2MlQ+T3j~O3#wU@7@yz$q@@z|KcTZy{JM|0#r#{h&E2y||jJHB$&6W!7V?lIE3{C4um^ -zLD%VqGQroR#cBJ>Fl}7z*?-_9F%CjK=Oy7W~{Q8%BHexLYW(j7D4G@b|tqKrh@U|pAv@{s~r|7 -z@rFLBKMsW1Iy7`eMxXg8TH(meOn`iU&(6{Aloau}E;Im!l?r<)XhqZqk4L9ZRS}l? -z9zWV!N4JCVzRnZq#|jS*?X4kHDH(m2-Rh&S0q*l*fx)}KkYW$7 -zK13nR^$5}M_)bgmrZ(7BLcJZ)(Mhx}!N3zSjhPS6)CSM|z)ud%kMU8}F=dJ6mHi`m -z&}{8LhaLY!T4X3Y^JfC5hExt@h+N!YG31jJ?3PMlMO)nkU#r~l_f -zHsx_XEq1uA9O_(L0CG4GRV($yTKFPOqlrG&e$0EsB1>$4fq^9^5m!7hksbCBFvbax -zzNH9pQ225`<0aT30qBOyD!q=ohSLyvqjcz5Tr~>||K>Ei?L3-?|7fpTmsO+1c?`^>&m2n{b%DWY9%DE#|2Tl0EG(RFvPc -e{6Tu9c+Zhuq%Ff|0yiDFj-7}y3{5}ZgZP}Xt*&4I - -literal 0 -HcmV?d00001 - -diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem -new file mode 100644 -index 00000000..194a8952 ---- /dev/null -+++ b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem -@@ -0,0 +1,54 @@ -+-----BEGIN ENCRYPTED PRIVATE KEY----- -+MIIJnDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIoWPVdNPvfTECAggA -+MAwGCCqGSIb3DQILBQAwFAYIKoZIhvcNAwcECLYc1CA1Gf4IBIIJSG4dPOE6vprB -+zPJLrO1hdLj3za2tdK/QlDbqMScFUC2mXq5cJ9rwwa7AyKtL0U4Q1O07Vw5GB92L -+FVbY4hIRC0XtutCwhqlr0kUaIqH/IjyY6jy62Keu5KYYvkjPMFBkYBQD1UA/BT48 -++yIPH/RSXbpKU6z1KaW9FiEtPoXfw7kxyXHIglAEQtPaN+aeEvpuDiRAN38SU8Ci -+j+Ub7spft4D7X5oARaAgQCNuhO7Lr9FD4OuxhurWoiFb7NJPuwTr35PK6wWYfjwC -+kpd4iRCAhi4cl1z0ZofSmTyS21lz7uc3xJy6ztVMqOo52mIr3lFHatpC75/c0L3d -+Cwcz0UNvkMOR1u1Z5iZhoqsFaysrKeddM/6iBWP2osuz7lTZ7z95hgksBF1wnPSh -+5goSu7ZVbYnsn3WZGVQyDKbCcz2BzPj/RLzSYwjrr48h0ROj1acvZTdfFVioiiKg -+t0w97W5h6DgnDZO0/yiN5Q/GLD+Laizawu2HD8e8dlkaMCD3rEl4RL7iigh4Co+F -+8Raw+UPma/rdHX1mZttnk/bkOrpNVcrEL+ZxmQFn5it0Vn+U75sNHem3c4A+Hhzj -+JaQtCPwChYTb8AZmNw/vFrKkUtNpMILHB/1sBHS7TIo0sEXJwWDEtrPLJDLvhojv -+JIIpGQmoCqDHZpsYLGqI/kHtWRl3jAXGmVlqkt+QgjbkDxxr7kSBAcqEouuFcKKa -+m2My3XxGMJrOP8iWuWpZx1p77oQcpIoIvnF06eq66x1H1oJaqYTgn4W/WBd7qScv -+ILCTh3ceWYCh5Co/S+MonwqM2Ppc7JWIVinnrpduFWbuvvB/sugrjEoSAFNh+cqT -+jTxM8+1tAVv7xyuOdFbR3TgiUeEfsK6E1+1Y6YKsqtiXpYN9PMpaLg+Gbw4+5esx -+z4Mn2JSsYSejohhSZikrUMHE3Z8RgxMn2WkQ3hMNjaFetD45xUTla2v5yRgYd7yr -+AQK7Chej4wtLx6yi5sTaiebxrrAunL4jBe2JpBeYg3J2dJjjPDr9Ym+YSSoc3s90 -++yplLoPxszvMfFaEAKrBI2lm3kemij7chtzSNAnkW/x02yxKcgwriNGHppojUQR6 -+j4Bf9kvfZX1opyA/JSysGRDj99FHop4E4lHriwFNWMfoYj63BKluQFfmsCOptokf -+9W/nAw+XTSFu9ojlXTSPtlyn3jPsSflYtO3UjMJsm9DHuRA/ZLpQ7Q11pOvI0hqj -+XfLuQ4dhDTHpFE7Lfla4tOwz/lAOSqeuqUfYKqa9heH/LlpUBbsAQM+XSLqh2cVE -+M5FXvRTcqdU9yJlMVo5+Asq5iK1cb18e3BSgAaHloJ3UaxiOaR8Ad26ryZsjAQXk -+vKlqGQ2nvYmn7i9z7hYcVZRbXnDYsyA7tFHSYLTDUlOjtC4YjdmnAjRojezRHUoz -+l1bceyBUGSKASMF08fHdMu3U1ffvze/GYr+uj5XyR4gZn1w2lkVYCC0GWAYuwdD/ -+4xVR1qxDb1trdui+FNS/ET6FzlMtHHEO9f/veEPV8hsIgAouUVncN0bW0GKS0Fsp -+N72r3bNHfv8tE9W5HPF+/ATh6zD0InHqOyX2wc51wFWnSWdC00DluZl5KS5wPi3S -+MsLsRK6STboeOXgr8MhsmASGX1yUBWEs/G6jLAUDexM3FCQgYWCgCdPnMKvtesXn -+3qOhdi6On1BPqvATyXndyQ4D2SLYv1mJ6CLTPO7PTyuCWobL9Is+S+D923+CpuI+ -+1POOKOLgex8sflOa4bSkpWo36JvQOOp6dXYJ+5IUlA1MZphgtKzInz+WYar2hdHR -+o6fuGzdne79XZrKSveK9L0r3H3h4n5JEZ9A6cd8bDAiYQp6w5yl7vXU7P0NL9HwR -+XiSGHaoHlRIOr4wbIqNTnX681hq62S8dPtajukz8QOhgOox/gLULgTpSDMXhTN1q -+NV/Bft6+lU9+PC0Dye3YesJWykuQFt2hM3Og4eWB9Ha/ACsGmzbgTAMtNLCD0Mud -+m2DYCO/GpUDL6dDHJDzB2qBao5zSq+zoeYpP7d9Qs4amVxFwenLPf90BI0IV+D8N -+0kh6rh9e1j/rmPv1qKzj2WvTqdBWmqOZvU5TBwAozeRI58JoSRiQLs1DfZ9o6V2H -+bRvmVxdPHTryevrFqL8jEMypBNgB+A9x5VzhnD3y1z7rxKr4+7WW3Yu60EP5irVa -+EjoKBE2hoGCuFfLGJn4xkpOzjN12SVGzL8NfXRtbkC8IBsOr13njFLNVLwzy7EwA -+LFM9QN04KV6Z9AEX8d92NqT7w/9Su2ZgFe5aPTlPW/23uwL4o41U+FFrZU53/Pyu -+e3vNy1AAh4INqP0urpy9Gnp4LP/u/AwrbdzmvJt8yjnKk03AaKNjNgFuprdplvqY -+9TUFlr7sCf/TQ4w3BTZYI1VQNrduur5FwZblI9Q6obGunMPy3IYGeV6CcCchYkXp -+u9vbe4hFFrsPlpOz5DHZT/5gI0g1ZYFJq+H73Ku78syDrWHiTGYJinj1s+Aceiak -+J0sId66GMtunyojveJOUwfxliIKXUn37TqH8HLjEYk09Uy1yXBZVLaMhXIShGMs2 -+aSL3nXv2KmGDGSFTBto1R69DPsHsb/oVDLUwgF5xyZFum2UE+D17mCK1RMczsWFz -++RIHc5SYwipdn1jBfJa/r3Gg7l7bM6/Fy2oAdrhcdB2oPV9cXF/Afyfu1yyXZfVu -+Z6MWhorqZGvJ7HY+G5JFxumubE3u2x1EkrqAaFIjDc7NQQwHKxGyMTKg9I04WQew -+8wcbSuvCcI4NVt9HMy0fR5+3QkSeZnoKI6CwqRqLEsexNO6N6l3V7dFgDUOFqe1b -+Yl/81bS6b072jskkIsbFXTn76S95G3UYrEiYdn22+6KPLyOWQLczmVvztdVh6sOw -+WRoiKYXdW2UnO2AYOXCQyUxUjW06m6BJ8F0NLJ3HVuJazKouF7iZsLpHBzI8luNz -+VF4t0NLX60wv5G0AZLivVmVAadB4JIyT17ufud6sH0oSyVRid42zfBNzfn7L9rIv -+vmjfhI7SeoT2MsE7l/QtQy9hJFSh+DpdWw2taJmxP210qXA8tgGgLjDqHJ+k0wvE -+laqHGOzY4J/y4OPsGN2fiW8nRCoravNz26Ff9PZ0S35WJ46qxcMH3pIfxvIdtXZS -+HESFHzL1ejv9Y4y0O56l+w== -+-----END ENCRYPTED PRIVATE KEY----- -diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der -new file mode 100644 -index 0000000000000000000000000000000000000000..efd8b5c98f282ee9beb9b90e6e0a7d2691da2cbc -GIT binary patch -literal 2461 -zcmV;O31apzf(e;0O9lxlhDe6@4FLrWFg`FT1_>&LNQU&90Uk-v=6{XhaepS -z0tf&w3qza|(a(0bR?ZJnY} -zN6F@+l55rJg-#c$rPi -z=yIaX<5XFGv!|JOrBl5rc`BgKoIp~j5=JqvEyv{PEt;0M5@Nqf&FO5|)Q8S8HMWv9 -zhl~IlZsZABy#lHnHYXqr+Q>>KZs<3J81;!Lq)Rt0r1soU1|8L}B2p-vS@olXX79F% -z9~&GBNZGiiCWHjT){6D340&%VByy=N#5;V==>Zrp!I?uW8vid8t`h*$cXJ05`hRbF -zF1Ir?E2?Flf&KMZne5M+gA4Vqxpe0q>x0?Fn4@sf(T1sbZlnOgT+G -ze>9vpEXD(hQbFAN-*~#;&h&|OHrH!t%%*&}X9rNW6Llsni!?nj8W+A$%V4JQ<2D31 -z&wJ`cVEO)VkFH$yU^X4ZaB|qWxVCEn{jL8`z!;`;)o_;xm%`n96hV0sw4X|I%!}%H -z)k^k7JFSy2anEqQ@E*3Y-YP05<`{w42Zke&PF~=FfElbCF-g5dR_rm#g=s5940s__ -zZaStFnrA=Vg4PtMNHe72&e4%2-bZ7%8FTlGkl&A{X!zd$scMbBdDD@4kO`Yn`lNBf -zgVHrdNW5b0Jg-u!sTdb5Nn;0kFkLs$^beC6Xf&5I$f31zU0;Xx!OcO%`#r@|I;fsH -z5g$tY$%?MCE4PU)WyIXw17{|q{6n?IL6F1xa|g;h3x5Xj3JFK}8zMu)J7a?tRTjEx -z!YZxfvU8}jZyI_yEZD;Fdhj^fz>Iq}n4Gi%vpZ+7X3pVBJN9P&kjH^st6Z<)_lQqKv?7)fEOYk{)$f!w -zl48Yz2+-nCbk{MLrH3|`s3-e1z}t&|ay<~_0dQs^{OG?j?}DB%6A -z_ICIKn)qHn@*(szTgUOIH9Y1U;*j#hyYx|cxJW(~JlW-6jEVQGI3Ydt7Ue4RB5cl+ -zV$BDSESQm|B~I_kCk#VB*o|9##M1{```2@nq)q)zU!Wi-f2a&r5Be<}GSJi}JiD*xv -zlRUpuq6z6!2eI8`^J55?n^n=(C=7s@!mCw7JQLNjY<1(L5N!azdQ>IyKkK~dal9EY9!)i?tCj^f -zmW$O%DN3#4om0=}NLSt3Ql%*``;$d?_ZpLsAwK4pY|n{h(Zt4-tb9>$|2#+9hbEsLbt+ -zyqH1j9Ud4d84i(RK&tzIrGW`#Zsmhq7+vGF(H@u{BWGvrmo>J@C+=7i)a@_E?(Ld? -zhIHnb9tJAGXPTeUEG!jQ#z!v-60>)zL|uhYrjba9?Db66Q^6(r+`WJRXVcq5?)!V` -z8C%^=%FGnvW%e@jm$-Fci -zIv$|XW!2!FDv$nscT94!1WJezs?Qjhg6)8BF6;`2*P>%1^X1zvR1E#CDz|if*5deP -z_G;wu2;-m2i7cCZEe58Y)Km1Rc&1E+P<{b|WT^R$}h+0KASd$24A+c#qi?7VN -z8~(N+s5u$NoPnpyHJ^WweCFHZw}~2r^_V`VcWqQDq%y%AWZ}i*+HKmmjb!$24A6(K -zfIkcL>&~~2t2LJbl!5N6JjS)!g?nz%F?U2%9W>o6#NWs+Ew||o$=UL5QL|vQaqlUTi -zn||nh%w6Wn_FQtNUAJ#4x&qzkS?@V4vKhBFmeJVZ`x^g7ehw>OJ`K51=RGHYa$%XC0u~@mo{@ -zQnu8wE9=)p$6pLq>;0yIarD;!8OnLCw`XbG>G$6J=uo+1YDT}DMTA^5k(lGsj8Gd$ -z7Td{+9a^@rosAa;-T7+9{MQz6D&01tH+zY$;!U$jyvKb+aC@K+)fyoiLH4~m0Dhbk -z;!xrEU)vs;b9g~qTI@kgV8+8+t*9$cpCFh({szEZ@s|lh9J61Pe50P~Exc5TejXKu -zHvn8$ZhIj|o20Fic5J*cm(BE1_g9(>aF^@*(dB}huc`CTnIpmK!&{K7z -z2@ni;9W;wYsC_0bVc0@T9a9;xqq_dVgBT!ODqO{#O&tJ -z=nMX79Fd(BNtD_anv21Q_ERM3$n}H0{GfregQRsub=|oc34^1E1-Qk+Bua}}9)_M$ -zAP1{i;0_sVwG|t~L25LK?UfI-q+ubx*MXPCTHN`NP$&<^;0;!UgRcWsVKpZHa~tv9 -bPsEJav4jTW#X4ZBiEWB47NnWeA!0cUWns1? - -literal 0 -HcmV?d00001 - -diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem -new file mode 100644 -index 00000000..16b13a45 ---- /dev/null -+++ b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem -@@ -0,0 +1,54 @@ -+-----BEGIN ENCRYPTED PRIVATE KEY----- -+MIIJmTBLBgkqhkiG9w0BBQ0wPjApBgkqhkiG9w0BBQwwHAQIVI1x10/M7+ACAggA -+MAwGCCqGSIb3DQIIBQAwEQYFKw4DAgcECPtdOOUMWuSbBIIJSAksArEUkFkTphQT -+0c8tc3j45tJKHXFXhtt4V4pX26Ydh4cjenAveKvrawKhmpSW7O0n6A81nwwOxUH5 -+VaPDrA20Uz61+S5BbC8bDa7U6IhA2g6nr5qERb9rCl4eUvm3RWyzEqbLeiUER1Rw -+XrxiMva7wIZhZJNMdq5Bb9yhI1XMLlowf2WvNJGCgGC4aKbr1hp3AqJ3O79iRckF -+XP0fyLt5u8CSU/1NWGAUkQbnqAXYpE0gN7tzDLbBcAyRet7njaplj0XaZlOdOofT -+JQ8db7bavSGe7PeGjC2EZUNElgbHUbb2P31rNN76YR6JqN9cvj8gCGV1DETjEbgY -+theTtptT7/f7UWzR2xrts1iieYRy0luPo5xPOa4UDvbYcHtUVgSkrblw4A0Id9R2 -+8dRN8pW/7GPeaV6eqgUYVrqx76zVu8l7QtiZuA05tH2eVrTsMe9DnsvFV/kZIVpb -+8fnkokxp5OZOIIsUxIQdA4fxHA5k3Dw6/0bXVgYHXJTpdIlA8yHFgAkOFkhi9Wl0 -++d02COhFQUMB8vqsHc61aFAvKTMwMIs8/ui34rTSBnBLsmMQlNxgNzc14Dz3fGcj -+LU1lHosX+l9M+vEtiMD+lp3szj7b2+o1apc41L38CWo8XXVLyZ2lmQSHXz+PRWSl -+afjR1chBzlulvELqIMZkjsBazv4jHJOD7Alwcg9pb/i0QqFTbZzDyRmHW2Vfjn7f -+ZzfXZvnW0KLjH4BvRiSpkum/9PbXxQnxryMC36MHmEFUS2vwi5UUjSM9Ak1sdeUH -+b3D00kcERPREb8Pru9+aqK7fBmV+QTAhG5UqJ1E+Zx1YZp5791At4oC7udTud7eE -+n/1zKs1JWh/u8QZkLzHBkBZDIaRSCN6E/zSDmx4VjwCRv08fJK1ChkJJKs6mtCSA -+mQ5noc1kqy8Osaj56FpOxV6Jgr6vpEO7vYpBnQ0DGU5lkE1ij3puyaODR0CMgWXO -+DdoYWW1F53Sewu9MSpSf0/AZZZ4S2lQGhsH7Kfco/hXKV+/9Sj/8Mw82MDVojPvT -+vCc23ORArMRzWFItdDR0jkFVj3sV3csjvjG7/uuRtnapHqqhwiNbfRYoW8cL0y3O -+NO5179OE8Xmo0hHKYaDs3Nr+3dnFwQJ9HEJnKrH5MM2G1qUFknBYFqYEkmCXO87G -+ZtEIywtFEGElGymGWWhlg6tJxEcObN8sNHf0hqv7kH/jN6JuEFLQlfLz1b20XNka -+3rv5WKj7lMrpII9agGO7VR+zbpJ2RYv0a4N+D46SZGIoWKjravmrMzFhXju54HMR -+OKrL06njAoRE0TfpqGzv3InPJg7L8Bb9FtXMdficQ8BM5f62b7u8xcce7VLyhz+6 -+1cboaTywfD9mbGteysdoooFihVThc49/DPSi01jqZ4PE937tGDlt5GWFiIOaobF/ -+zfWxJq3BWA1LaVj44r9P4jORcP0fWvabcgzlD7vewvSk7cp+g8fGYipN8t4oqynp -+DGXYVCTzckllwNnVlCRcOpwYgdaz/2dEMqh4UH5bPI86Lu2J6Mr9iTuQ3CL967Lg -+hEVmb7HTO2Tr5mnAIkAUveJbLXqPGynh6d3k39m56h5DyPKDPBidjkXFnLlSJwO4 -+RPoAyVB3JOMEJ5Am/pXauj7NXErNTKRuWVQVspszi6ycoaiPGfXWYypZXy9W6hJ9 -+NWif4SKTpVVYBWH39YXBfyHwnSHeggsvUpmVzRldXuLRags82i4bVd6AjXZRQLfg -+SuvH/RPshm1CUwt+TArl6FM9MjdIOQM/8YUbyk/BcZsdM9ChHa+1soMXAhjz59ge -+T19BzvZWeDIuw9uatqSL/QWAENQcKalo1zFphkFLkHCQnvs3+cwPLo8AP9ES1W4G -+4KyiO+5e/04XqFDOg2iRYoaHEhM0zGTJpU9TDJQ1AQAmHj8TJ4eL6s5OaSzWN3dP -+C4d4V9Ay2y4VFNacVuOTAI945+yi6GN+63sL4FB723Jkruma9vhOhqGht5WOltXl -+yBjcMFmxhsvk9yErnPN/lUIpvy/BlAfPkTmSzTcam/ZfCOgIfFarbR5Hahynf6u4 -+x2ECWJtELt5jhxs1gnepZRh71WJbjo25SJO/PSI13uMhd0cBIlhu0iiVtGzucgeU -+PzUC6PO1gB2WgkFXaF839TO/dVpgbK2sBjRUjzqnYs+YMSVwiNY8gc2VAnXQu+oV -+NdNaPEF79JTp14Tq0rmhcjczdVQ7gCNUD5g8ehovAkp6DkKCoMmbKgagP9MnKrhS -+0tkaZwpLxRYiz7vZJhZvz1i64C7auy90fJxVAmsl0sC97dWsbcLaQoIKuwfn0kO8 -+q2Rx4xRMixI5uoWDYamNL5RAo1nmsvCQCWO/E5pKzEyykFZfQ+iX5/cFgjXmMBcJ -+1PRRrQcHvtAV51GhPXxPnskltHDUEV1xovYGH0yk20NZPEIVLf2OVGpcQICDzLyB -+IwxufeHMkakAcQO1ngz6czBMMPFhEqaTBDafybw94ObpVrpjO8bEuj96nmFh5hc0 -+o/dnMsU8q7syRIinjZTMcvwYLE1C6BSdY0j9TwDdFvH0IhmPaKgCxgoKuyiS2UtD -+G8JPZI9ymOKMnzaqLc5F56j2LSsOIf1o6svHWG2nGGCLCMgLaDCl1rkVYOhQ56Bf -+/a/iPfzkz1IYCO6zvq7AfImGHS7HLCk2Iusc2Oicf3fpjJ8TuMDwgUauGx9RKN2b -+znBUQeI1d6PWflz/Xl1L8GTDc/YI344axYvi3F9HND+gcOEpfcw8jxy/yMYHv2RT -+S4bGyRodGrVZDg7AjFyzLuwapM+GS09Qxdr/4cdEzLT+cuD+K9NsOr/TSvZD7YO8 -+09yVbXWBIHOXoVKPz8PSg6bb+Wzk73btacNRgaWlqa2EhT2g5pwSAcDwrTqN9GG7 -+0MiyEsWd2uCET8LBXmLPC4U0iHg85X0jC/fdM7xpRAKayuh5omYwyxxunZhAZ18H -+1meJbao8mCqDopih6HYgDbH3sQvk2BUIr0wX3MC7ITLAiIiziJdvXWYaIrDf+y61 -+gCf+0REpAKV0uaH1/PkOp7vmjeOHdUdSOOSH5AkyqBt4jNJDwi2yth3XJoyH+b+6 -+XGuzvCFDuwIZa9PPsAXkg7lb7+n9L0LSddUChVZQ0NVirNRGTek8p8Y8SYPJZHk3 -+ZuoG/kXvaiCSaP0ceg== -+-----END ENCRYPTED PRIVATE KEY----- -diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der -new file mode 100644 -index 0000000000000000000000000000000000000000..460fec89132938172b51bcda4afe83ff843b8ba8 -GIT binary patch -literal 2461 -zcmV;O31apzf(e;0O9lxlhDe6@4FLrWFg`FT1_>&LNQU&90UlMC7T~- -z0tf&w3m^ -zr{$Ny<8nj!Dy|+OMn1|Tfj5Kt8v1!R>8tFWkk1%`k{$+jJwWLE!b$8Q~K0H -zLeVxt1Xfn!o$8L0nVDazUfw+BDV+jxV&!KN_6@Ots=_;Z8oXyP_^zw_K3U!phj8*nLi{uN+8jd8#Un}>(PjCf=iWdK2Z~1_-g|RS{1&jyVuVsi18)tP+MYt$6)!{l -zKt>1~pp=WLhh9OOnkL{`EXTded^;Ro3*qBWUAd&Y&}Gblmm@eNz4dgNW$O=e*g%A4 -zt1o!xM0xK!m%=q^P@;tmL|pHyt(1$PLen1Z&w&M#!_ -zlgeR1`VeamsHnMcl~LB9J}gPwV3+6*W4OGW6=YP@)n?(LXO$Pw9Gi0Wdc|6?`@kNt -zCNkv1RoRM59jck$`dyr5${^i~(*OES#5nj8o)mY)V}2tCT?VFMALJ>lb&fUQQyX;F -zZUAPCVNAad-3!xP&u>g{wx3Fb-q-Sg6mGy|qC&mxOYam(-4@;R?c0hqD9 -zO6MD6+|}v0dy;mrCESA4QW>m9XwrY6c61O!j;Wa|F~M(g>PR?KJjTnL2D=4L8U(l! -z4U7x&nHQo&AqHMSG$9f1k%@Gu8Vb`2>*^wdPp$=fS#RZCSF=^SiPuxD0Ne|;gzh<0 -z4hK-UxiXa{g$B#ULzkBnAwf42=YbA8#uba_?UTU>xpOGgW0iQP|7=t?pFqX1vI~yX -zcfdoigQ0!*Opc4mq5XWM%;lA=Vkq~<86o5oy?Ql59@FS|O#s?tmSKxR)3JD!2` -z7dH;12VEQ7eC;cWj<_#tDpE*ke+}amX0jQ>gwl8ml>Kt8!I3Z$4LFkH_Rk_r4pjwY -zMR7YR8`s0w;BbBQ1vGmB8MZ~Q10j;!heK5nPuvdG)X%zXiddXyJmpcHit<{AS|+D8F^GAuIo?DzWfVOS*%ZQ6Pg -z{kBW-yPtcvg7lNh$njs!Lpl)1TE@1+wW5147#p7oh1$+ALPIViwIBHNyZ~5eOy&+sHdl*NCTcc2E@xd -zAHRhIEw0P?FQI;Iq2>k9jb5wY9wI<<$0xri5-wTqL3&qa17m&AvkvqndSJ+dj!!G* -z3lByR2w_4+XtOO4>V4teZs;XoL@F%Q!{(ixqMm_3PJy%BjKsR^_G;&xn>}(+fdli1a-K_oS&n!GJ^BjM+A7{p%SMoATeuGtI?(>Kj -zlQ*&t-+m`AHr)|}s?4K=st1?{4)<6SXZ4@OvrPKxZ*~rUHD&MGUh~q$I)LZwJ63l& -zOSWAmv2(QCOa-TfY)t-IxMMj4Iiz3Om+I8a(LL-&L(x4W7qLGWX|il4UN<&2HV1pS -zB^3wb&n8*n^jdti(%o4^Bp_n2+=iuTnPGV`8|jxa|{zvvjbv -zh4sbJ;`yqBsW1dbdFgXakvDsgk1|ag&!*JcAg4HnElNvu-UpVSU`-0*f>n+B0M{O| -zpa-}W0%WU9Ho<8k3Ysf5R0d4UVwh&0rDN6WcV7`cCG6D1YnGFx3RIApWD%U -zDUYyT@0RBo=DDY7oyWM`5BP+U7eR#!!(PNL12=-#~|5N@V3#v#*YRB!+=0but}DD -zy5J|UFnjv*=TFLYTH~ZSF+wsdOL={Y}evgU$Q&azcts*kzx|{BN*FOkUC*lrZ -z{|1K!Nvs>OV@5@D9xqC-cFx?h4ShjdAbr~RH~=)*1rCb>5TS(^6!u?n{Tg6LJ&qmR -zmYQ6IaJwRFtnG&=XeT4j#W|G_F%w|jod%*MWbChhRZLx|y|>>g4I#9&jT4RP<`(Pj -zR(y<=q5(MFA(M8qnqX_>je7uNSq&LNQU&90Ukfd>gP-s=TEF -z0tf&w30);2uZtdzVR%lF|5+^1Ie)Q>mP}jD37A4&q{Ceq4xYuW}hgDbkYhu`>sDV&R0mxH^D5EWY -z>Or*S)JU(x(v5xkx$%vxbV<)CTU51)MokvMq6|c>qzO@iqE$Tv81MLuZHC!i7g)th -zIEQ7kEbXEQ0Nwu6!6tXUDj-Bg@31jn^H$G?0!=;7_qG#!52_G#D43`TPi`o(OulDx -zRziR{fvxn{2DsZBGn64SvK*1t+Rba~?rTdazZ3bEest6c%Xu%?I(JS5zMwIkT7~pG -zAl%GWa%Zp}Rh+l`2MVOPuo@Oi$NTEpN@xL9jB^m7D*exI0!0fC$%mc=T?nUMiY;`L -z|4zU=XnWGiZ6*SI^2492&nXl}V-@t}k+g@dq<0t-0vI7Uw?5|b33iGs4d%h=Zx{l@ -z)~_y_iB;@rnp~UY^O{V%=oDMZ#5QjU88b_iv;cBc^U9tkjJIJoSVqX1>WbDffT_aa -z+u}U-*}c@Cz*`l9*|b`xK*Wj*Km4$W`w1qj!q$lt|BiKXc$G|co5Znj5``bt&M!s`I{f9lz)l3Jq{Dq@lY0u_%^FhtIfmIPQ#40k%yo})zsi2ph -z8$z3d-v(&w>upisv8wgje(_ShU;ilVWDsUnr+^AnZx;tolGM93S(r)+XAzRzr|>N@ -zxX*7YFD0ZcE~|mKjMX2z3&Y0J6uT`I -z7RGc%!A!vK;~&D9zk73rClHV3Mq=|yAc|axf7pNTu0T;ubz)OeQV=%htfmi#kT$lw -zBnxenh@wx7X?A-<0KLI8LVt`wiN%IV37nAf5Zar9Gu@gd?}pTwl0H*(`hJT>?2T_$ -z1&}gpP5Yx#&o}~3Ou-RykhS>If|LNfHfsWFc1{Y@H_-Q~)w~l}x$i}GuS|4nWk;hCL5LisY(R7Y4qR_nD -z!)AE{qFb0FrJ`0)?MJalV-E>cql>pW1tV9g0CA;Qynwns_5*9@Dw{Nik$1tTkUdPD -zrGw7iiXZe;OG05~Ku7jqu^a(cW8hk6Pl6TNK@=W}PJnzMpV>9Lz_foLrFHP<8Pxi0 -zT`E+}d1c9(VdkRO54p1i+bwmw?`QQuAD$q}zl)K$B2UZKhc%1!erjcgmr~K~gknh2 -zqqA|1QfBjw7`qn%2q#t~)hk|moU*91EgJaH?pm#%k&PYftMU+izn*n>h+ztS6VMfI -zNk-z=1{UMC<SgC3F(j=WC&uGQaW{VylKhrPfqkE-X -z;2!W1J8dVUH(kPyso;W^FVCrOsc3aSfqURL{nH2%`~TUaPTs|I&#}=SVSZiRH$&(x -z{2w0dHlt`Pi+9L)T4bl+lIQ#i#X`rXM}8#t#$f_tVit_dxt7XG*c)ERxan~^o3?G7 -zEcNW=ivfl9!&#emEvC%)FjV3*Ekm6Rmr8z{@5Qjz>fLCY1f+UH_KowCO;vB{7N!=g -zD*eVFOCin5s?mNQLuVh1sbW_tNrUO1iZ$iwL5%j -zC5iNZ43BagH@LzsQPj)!B6>uot$`D$LA5%bCqXOz59l>6qRY%aNUar!#ww;JA}sAA -z#`6YmNf`aqW^z=QGa^6{CC$C5Us0DX9UczYDBoY<1*dJ5BxYrOH@|?{F9mKl!JL0R -zM>otoFFHDwVB%Z~gJd3!fvj*6I&cPU>X_UF|Bh^bjCc`I&Ip%q8~y0rLA(%rfBL_L -zSkW^vynN>2`|*}Zvu^MrRL@Kv4QzSk0@H?(bhmu}A$?gzh#o76wkV#0TW`;ulf;w8 -zXch*qyx;M{LumP{X{M%K>##@n?+x?NPWj+WG*acS87=!v?*X-eyRZ>Eu`5Lrlq4p^et6}_Ru -bSm+*sM*?^b>6&LNQU&90Ul(W|R5lgs$ZR -z0tf&w3k)74gr*hPTEhw{;BX20s@JZrB34{{>hzz6}L% -zn=6JPWzl%~B<=c31?speFn)D$ySTX%YM957Z6{@w5vEA20k*sIxu1$MacjPW$G31g -zejJgxhd0Cnhlu!+=uWfKQeAHN$ -zcTZ!Ul7NNHk4T)<2xYGAV>FC~%@dT=>}4&)c{Hgdnw^Bwe&QSu-(I)|;B*`;g+VA% -zey#CjaTQ@IJ7tMpr3?{~Oa5^AF2=_(YFKTb^IGqZoA4iIrgFQ-z+RPG!mZ}xOUOvA -zZz+(f(bIqpVwCoq_Uv6RAHGZOfC6WI#4M47-5}Z?5VKw}G&WI(W0>RzuEKES6;Q^e -zFjcwtwQ|sr6En*jH8902xfWY9*_-&}-dG_ka&MJVEhSKwrTX_G%bMzAkOXBV{MzDu -z#p)u@#1YI*Io9aPfByxjf>E`5A=3wfCR@BGrvU@1we*9Gbucy7A+|Q$pVrO`5t9hx -z{Jq`F=d}hO!b1_3)8ft}7r2F!Es&Ee@9Nxy-~J{cQLt`S<$*n;OKk2?T@#>I7DsTU -z%Fr&Gl)y^6roi|$0{YmoU6!CBulUPw2y+7@CxHPXRw-R(4aSL_eOlkqji1iCu1!O7 -zdhC6+NWhWRT}Z3`2*UWZ_^y@Q2xY>pi)VmmQUZyiG{}+MGHHncbldKsP?0wivxS&p -zyS_d0l%Dlb4<$FOa`oKsWq=NtzJVQ>s#7JY@)_mG~KzpeQp}osE}>?WJMK@w8|-nKT7dH -zadk$qwvG?MOf0cC7_$rc6jF{6!+_ebroQ6@(hQ_E6jp%}G)J#HLFQDr) -zhW5J$3w(_V;Z%~w@8AkTn!OQ2<`6b3kMK}clbYTWib|ab2L>OJZk*tbk0a^t8y`yJ -zK%crYXUyz2cum?wrpHGW6;Q!GCPA(4ea%BKQ=mXqHb=m9Oiidje|EhSQUJ-r#!Ihi -zZTp&EGtgV)D4Qf>&}J6aatRZ3wP0aH)VOwu0Pv}WGt^u$f5z -z==k{eE1HQ0^Ly3LF>XFveeD~JC0RbSOIb_f0oOK!h<%!8G<&8u?di&u!3=)^8f+Ml -zxPr=%pH51S5~G5~{GQLi=x9}=OMLR!QVw|?!y-o_IP7*Ai5MueNf9OfpDHnk{JGGL -z&Qm*rEqf=+eslMhE+A!+f4TvJjs+Y_Xf;*;5xt^L#{YapFWIA|LPp#bUag#>!TY>^*TMtt -zk?98H(g*P#YRRe~Q70%WIAiPa&gT-|A^SDjATGQ1p_YB?f-QVpq~)%D^>$S6H3fQpqQSsfamy}q76!;AI -z0QG(~giSZJPQFXF{php`+t*9zgWI?Vx%=;`RrQSax^ZI&7F7t$ppS&C_+sCJ>oz`- -zX@hzR+FLDQsAkYuZzV`GE&<4AYP4)#=7Et2 -zMxZSqibR)W41AiE*wB!*c3*_9$7P!zmzYu}0D!_;2PTa-qjF33hGckuOb3#ew1)MA -z(B|ZF-s**H5a6YD%G;kvt91O-%WKlA -z%*MIn#x@?&K4sQ;9Xu6&SMv(Zsw~iUe%({MKrsVIU6Fu+@v4p)O3{%p38BNL$9;BA -zAA3sa6JSR^L9Q3ximkDIXeg)FV#u}`Iw%N|Uc5hD#G3bK?UED>wmRTGUpls$xn*{Q -zfW`kY3}$wC!L*A@0@|>f;K1lyeEhuE6YuXPn;UVaRV%BffvmygLr%0+4}zlheoIpj -zLA!UpkGnDS>pKLg%PMd)SDgywWFxmRDKD~BJIXbC{Y -z8#-7M-24LT)M2hXILppKsC$}OletU_bUe-ik7Tr%cNV~g%uNh7 -zaOaA>H^9#y_=))N)jcWW5RKryzTA#F#8}mNyF!$d7~chQc!Ly^NMdv&_d_0A5}J8c=av|2P_8(+3S@>2dl^&Sxl?;brbK7^=SCO#K3DIk@NAW -z45y?~VN+OWLNj2|GIuECiB7Bv_e(}|CpLm&kocOJEbkch$K5D5tZYy3ehkxEXTs34 -zBMDQ@Q;ToXBv8dqvklzjqf^4-G2oj`43QU)t~jk?^AaY8(a(4WQWdTwSQNqbi_Pdx -zzJNjWuQHByvS(i`6|M~3%YkC^Evw*RZk@1{N*3RR*nLB!_{y_s{=~DoTp5)iEa<=H -bj>dCj?&mAXi&F{ARYpAz$k=4#E_aPOF5T4# - -literal 0 -HcmV?d00001 - -diff --git a/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem -new file mode 100644 -index 00000000..11504a6c ---- /dev/null -+++ b/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem -@@ -0,0 +1,54 @@ -+-----BEGIN ENCRYPTED PRIVATE KEY----- -+MIIJmTBLBgkqhkiG9w0BBQ0wPjApBgkqhkiG9w0BBQwwHAQIGOnVLKvKgHACAggA -+MAwGCCqGSIb3DQILBQAwEQYFKw4DAgcECIGG28/TJRaGBIIJSFh6ZJN8xJaH30k1 -+rH+L1DyTH4CELsRd164RoqfUq8rp6+XcNG/S41PdI3efK28iyLx85AcqFArqHHUM -+7yGA6vmuSVz39ZXdu1CVMi7OQ4dTdg3KBXaz96cnyZ1EsoruibQDn6mQq1D0LG1u -+5phVLsnfQLDiOFUFm6X4q9FdJj6NUJdOY5XRJZEu6q3wEmVXDfL7zYXJl2gZuiGO -+eDp/d0IVcYFd1od0V8qI90nWPCeZziMcnR8wAloV2p8xiqHuVhV/4+I53ENqbqxo -+v+0aObO3JsaxLVML6JGhabd2k1v3QAZLawMVGBNa/7IEOBVeD4j6VSiZPdKN473i -+oXxRsya6HqCD4kx+zbofbL4dEZliLDmISoHRl9ipQfr1+Y//JYhEf6gLzmdFqP3q -+N92+rVwdRWfmVdIsgdLiinJWO1xZ1dUnWvGOYZNjurGVHqv2IrDBd8FDjl/yMU6z -+osnOynXspoSA53kQ46ZvArln8QGzWt1bD466nu86dXOkrfbAmS59VaNY4Y1D033l -+p+d94eEjRwFUsQbRWv8mvb+KPn+nYcWZFNCg2RhTUKnU0Od1SHY5f9jfGFUyobYp -+/tg6eizo7T+rU9PZoTkGnCf1qOwNPpbSh5FcLVajeDiYokoyc17VQJcc1xzKeIOs -+tcU7kK/jA1GofCVhH3S1OPYqdjGvvoTVAYyXH3SuH04a8UJvFsRl8XdTNYOyecqi -+tH17PADDa2UTvKE2dLhxxVUoO9dZVeEorNiFWCQ/rsl5M1eT9KXh2lvZRM+Yxo3+ -+NPP1/CGa5sDYx9aZQPoJc6aTJicmqx/srRtMR/RuwBUUH/1AENHdNLBL2IPfYjsL -+xKU/ox62cs2sCIywkBkR9WHPTqaU7HU6rlD8phinfljA5rMj3P3zrNk8XqfHNTpV -+BVA2Eczf1HNizvLxE3+vp/eGYCecuLfnqwRj5zAjiYPcy8s1vETDkXSWdc9vQf2c -+zky7tdAMS2WLFIulBIqYFDhicdlp9LTaeUOiwNIbPLVMzKy8zzW3UhMXyVi9EBCt -+IDhkUTdaLmiHB0F14NISRK6/isa4Vfe+/Z9ML/z9iFm8eC6LMy+/YgWZD0vYIwow -+JKHuEuuUuDR7gkHgZ/cvjMsyOI26uiW/W8qfAk7OR/qlZXMgWCQTgVBEcgmZio8U -+BcVDRPKFqLCKOINQ4poxt45Ez+xRlYdwExPnSRD7ZMFPYcUllO+S72JYGsYdGs60 -+i529HgXKp/bS+1JKK/zxQmjApZ5kWGmc7kAUU76zprd7NKmdpWv1nbDJBtNU1bmW -+nzE/GXyNMYVGuxGnu/9scKSRATLzvLXtviRKoZVFm+6m7gR8J4GVSu8TxaXlYxg9 -+NR+UujQJeoChR2dHvAZXc5g3j9rjQXZYlMm6M5rq0CbMlfeAFSwyG3Gm6D/cRxJg -+MHPaU7HpeZL5r7rJwNfUt/c/cuQ5C8CadgTgDd1NW50uEUoJh3QGE2K3Jq+0wG9h -+sk72lnVzH0bnMbJDXEV1btrs2qnnSots74+8F24gQb9PRQliuk50LGNddgrGoSgB -+b9eaBl7cgcy7T1XUv4I+aEW+sfa8bGBffIF2nk3oCrkW9Sbdeh8qSE9uthewpGvK -+WxBhCn6zUryHmt5ppiC6JrHJridCSu4RNbYL2umAM4DNh4lE5rBvFrCHaqet7hdy -+wheQGRQnRzNru5alCxfNWXXuOp9naFmF5RFDWvSXukn8qfxzRcjMhvNS+z21O9nK -+LPRaX9AICLGC+1C++Ka4pjVJVT/WhElXVap313Oj/Rc6KvRCdGpqMLVxPIrPFvbj -+vzNFa/YEU3RK/wjO6/kQPtlcfwMzZFkDHMWiYMCUoi6Dpvze/mKSTA9G9lmc+/BF -+sgqLZM7yltTmiGKQUDSlUOs08ZmPw1+HSOu2DZKWQ+2XoHSMih5ezu7GZ0xvUt4T -+BHV95sRDCAvUywGTIPhx5xa+gICVeL97DOUCS+Y+WJYmeSlZ5r+dyg2V7+CX+qjr -+ENMpouV8bIMpN05qXez8MuO4vJdDDsjqxq+y5kwN/ugb+DOq5okeRIaWRPWdyceT -+NCayiE+5nnfdPMQAAJqZ/LGSx09fyamJqhcG3RJosFfrVPjj7aASUWi1BFjxIe1L -+3fFSU9UDh9hfJczZx+hNKb56vhgrO+DaIbDMNMQqh6C2zdCirBT6M1NXhWvHKjkj -+/MNyLBwnCWTUZ7gufn/0MAr1DaeoE6TzcwDCpW6ntXF9tG7L4DVbA8Cqy+M0HnQL -+Pi2BCh4KrRiV1G4N8xDDCQw6IkfKRGGO6wCJ1HTnA2xmKqCzE2Ul8S/3+aEEpRNT -+3FrcrEi+nzAkzBBkPcHaxayx3mR00Wv/mwcI7SoYKKfuidESQy+VBAHqekTmSELw -+YRTdrXTKNWYlyms7pKMOgdqZAhFVOYxKBVaiuUeOGtvCNZ2qf7TOG/pT3nqTAbAg -+UeP7kvf2BaYlKoFog3uvRypcWLomQqY6hwvWW7IwquHwxeFdCHHeNrr9CoBrF2lz -+Z162/inTRzSbUhjumhLGEiJSzZyrEErjBjF5jE07TioEgmnXyCFWoc4nBnZ2+KXb -+J7/QWMsCJwb/CsvQxegd8X6SwLDfH/28py+UAqSTi/HA2GY/68Q3PQ17V7fyg5l0 -+h6FShhYOKmForUNwqn2TwGPH+0swtOU2fKFq0NMHPSvta6U0wpaRZMCojw8AV3y+ -+lUdKesz2siioxfeIxhD1Rm1KZ5p1N/FgyAEu6wpWj8okQjxRiGe+GQLheQpsL/ZW -+HsljSq73o9v/F7xNE9xqIxEGnUDYIAQCX47CiQOTTR9Lz6N/t36Eew1+KjiI4Xda -+VCu207ipFQPpNkvc13z2NWC/4NeRQg82LCYep4y+ZblcyqLqvMwOhJro2Kxoe1e1 -+rv1Mwzd0ShUosb/2CChCRdirLJFXaXzm+PzBZoCyJEWcSxi56By58jh6H+XeUxCj -+0fl7eXLHb4sv8kf7P0KJGCxNY7ik3TLJjncsA9gLmFAeRcYWKq5SuSEW3DmfDSXZ -+CC1pSsvFBvV60ZFm2r96xqFHKFHOb15qm9DBXphr870nZQB7+QgRwp+jd+xdXUDS -+PelVGau5uoRN2tFPNvoeGyww9lkuNAJWK4U+LdLwHsQOUIKTf1rgwz5C077omOh4 -+3u+3zMTCMRDNhiJb3g== -+-----END ENCRYPTED PRIVATE KEY----- --- -2.16.2 - diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/deps/mbedtls/patches/0006-tests_suite_pkparse-new-PKCS8-v2-keys-with-PRF-SHA1.patch b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/deps/mbedtls/patches/0006-tests_suite_pkparse-new-PKCS8-v2-keys-with-PRF-SHA1.patch deleted file mode 100644 index b5b1614..0000000 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/deps/mbedtls/patches/0006-tests_suite_pkparse-new-PKCS8-v2-keys-with-PRF-SHA1.patch +++ /dev/null @@ -1,604 +0,0 @@ -From 7ed2575f310fd889fba025aa760f74ec1b41924b Mon Sep 17 00:00:00 2001 -From: Antonio Quartulli -Date: Thu, 1 Feb 2018 14:03:36 +0800 -Subject: [PATCH] tests_suite_pkparse: new PKCS8-v2 keys with PRF != SHA1 - -Extend the pkparse test suite with the newly created keys -encrypted using PKCS#8 with PKCS#5 v2.0 with PRF being -SHA224, 256, 384 and 512. - -Signed-off-by: Antonio Quartulli ---- - tests/suites/test_suite_pkparse.data | 576 +++++++++++++++++++++++++++++++++++ - 1 file changed, 576 insertions(+) - -diff --git a/tests/suites/test_suite_pkparse.data b/tests/suites/test_suite_pkparse.data -index 416f9dfe..1bf06270 100644 ---- a/tests/suites/test_suite_pkparse.data -+++ b/tests/suites/test_suite_pkparse.data -@@ -362,6 +362,582 @@ Parse RSA Key #49.2 (PKCS#8 encrypted v2 PBKDF2 DES DER, 4096-bit, no PW) - depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_PKCS5_C - pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT - -+Parse RSA Key #50 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem":"PolarSSLTest":0 -+ -+Parse RSA Key #50.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #50.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED -+ -+Parse RSA Key #51 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 2048-bit) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem":"PolarSSLTest":0 -+ -+Parse RSA Key #51.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 2048-bit, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #51.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 2048-bit, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED -+ -+Parse RSA Key #52 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 4096-bit) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem":"PolarSSLTest":0 -+ -+Parse RSA Key #52.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 4096-bit, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #52.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 4096-bit, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED -+ -+Parse RSA Key #53 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der":"PolarSSLTest":0 -+ -+Parse RSA Key #53.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #53.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -+ -+Parse RSA Key #54 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 2048-bit) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der":"PolarSSLTest":0 -+ -+Parse RSA Key #54.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 2048-bit, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #54.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 2048-bit, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -+ -+Parse RSA Key #55 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 4096-bit) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der":"PolarSSLTest":0 -+ -+Parse RSA Key #55.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 4096-bit, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #55.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 4096-bit, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -+ -+Parse RSA Key #56 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem":"PolarSSLTest":0 -+ -+Parse RSA Key #56.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #56.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED -+ -+Parse RSA Key #57 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 2048-bit) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem":"PolarSSLTest":0 -+ -+Parse RSA Key #57.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 2048-bit, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #57.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 2048-bit, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED -+ -+Parse RSA Key #58 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 4096-bit) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem":"PolarSSLTest":0 -+ -+Parse RSA Key #58.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 4096-bit, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #58.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 4096-bit, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED -+ -+Parse RSA Key #59 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der":"PolarSSLTest":0 -+ -+Parse RSA Key #59.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #59.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -+ -+Parse RSA Key #60 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 2048-bit) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der":"PolarSSLTest":0 -+ -+Parse RSA Key #60.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 2048-bit, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #60.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 2048-bit, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -+ -+Parse RSA Key #61 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 4096-bit) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der":"PolarSSLTest":0 -+ -+Parse RSA Key #61.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 4096-bit, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #61.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 4096-bit, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -+ -+Parse RSA Key #62 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem":"PolarSSLTest":0 -+ -+Parse RSA Key #62.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #62.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED -+ -+Parse RSA Key #63 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, 2048-bit) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem":"PolarSSLTest":0 -+ -+Parse RSA Key #63.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, 2048-bit, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #63.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, 2048-bit, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED -+ -+Parse RSA Key #64 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, 4096-bit) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem":"PolarSSLTest":0 -+ -+Parse RSA Key #64.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, 4096-bit, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #64.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, 4096-bit, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED -+ -+Parse RSA Key #65 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der":"PolarSSLTest":0 -+ -+Parse RSA Key #65.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #65.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -+ -+Parse RSA Key #66 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, 2048-bit) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der":"PolarSSLTest":0 -+ -+Parse RSA Key #66.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, 2048-bit, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #66.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, 2048-bit, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -+ -+Parse RSA Key #67 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, 4096-bit) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.der":"PolarSSLTest":0 -+ -+Parse RSA Key #68.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, 4096-bit, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #68.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, 4096-bit, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -+ -+Parse RSA Key #69 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem":"PolarSSLTest":0 -+ -+Parse RSA Key #69.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #69.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED -+ -+Parse RSA Key #70 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, 2048-bit) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem":"PolarSSLTest":0 -+ -+Parse RSA Key #70.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, 2048-bit, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #70.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, 2048-bit, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED -+ -+Parse RSA Key #71 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, 4096-bit) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.pem":"PolarSSLTest":0 -+ -+Parse RSA Key #71.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, 4096-bit, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #71.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, 4096-bit, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED -+ -+Parse RSA Key #72 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der":"PolarSSLTest":0 -+ -+Parse RSA Key #72.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #72.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -+ -+Parse RSA Key #73 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, 2048-bit) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der":"PolarSSLTest":0 -+ -+Parse RSA Key #73.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, 2048-bit, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #73.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, 2048-bit, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -+ -+Parse RSA Key #74 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, 4096-bit) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der":"PolarSSLTest":0 -+ -+Parse RSA Key #74.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, 4096-bit, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #74.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, 4096-bit, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -+ -+Parse RSA Key #75 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem":"PolarSSLTest":0 -+ -+Parse RSA Key #75.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #75.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED -+ -+Parse RSA Key #76 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 2048-bit) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem":"PolarSSLTest":0 -+ -+Parse RSA Key #76.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 2048-bit, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #76.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 2048-bit, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED -+ -+Parse RSA Key #77 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 4096-bit) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem":"PolarSSLTest":0 -+ -+Parse RSA Key #77.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 4096-bit, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #77.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 4096-bit, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED -+ -+Parse RSA Key #78 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der":"PolarSSLTest":0 -+ -+Parse RSA Key #78.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #78.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -+ -+Parse RSA Key #79 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 2048-bit) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der":"PolarSSLTest":0 -+ -+Parse RSA Key #79.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 2048-bit, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #79.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 2048-bit, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -+ -+Parse RSA Key #80 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 4096-bit) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der":"PolarSSLTest":0 -+ -+Parse RSA Key #80.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 4096-bit, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #80.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 4096-bit, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -+ -+Parse RSA Key #81 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem":"PolarSSLTest":0 -+ -+Parse RSA Key #81.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #81.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED -+ -+Parse RSA Key #82 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 2048-bit) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem":"PolarSSLTest":0 -+ -+Parse RSA Key #82.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 2048-bit, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #82.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 2048-bit, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED -+ -+Parse RSA Key #83 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 4096-bit) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem":"PolarSSLTest":0 -+ -+Parse RSA Key #83.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 4096-bit, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #83.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 4096-bit, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED -+ -+Parse RSA Key #84 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der":"PolarSSLTest":0 -+ -+Parse RSA Key #84.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #85.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -+ -+Parse RSA Key #86 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 2048-bit) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der":"PolarSSLTest":0 -+ -+Parse RSA Key #86.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 2048-bit, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #86.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 2048-bit, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -+ -+Parse RSA Key #87 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 4096-bit) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der":"PolarSSLTest":0 -+ -+Parse RSA Key #87.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 4096-bit, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #87.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 4096-bit, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -+ -+Parse RSA Key #88 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem":"PolarSSLTest":0 -+ -+Parse RSA Key #88.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #88.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED -+ -+Parse RSA Key #89 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, 2048-bit) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem":"PolarSSLTest":0 -+ -+Parse RSA Key #89.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, 2048-bit, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #89.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, 2048-bit, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED -+ -+Parse RSA Key #90 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, 4096-bit) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem":"PolarSSLTest":0 -+ -+Parse RSA Key #90.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, 4096-bit, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #90.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, 4096-bit, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED -+ -+Parse RSA Key #91 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der":"PolarSSLTest":0 -+ -+Parse RSA Key #91.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #91.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -+ -+Parse RSA Key #92 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, 2048-bit) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.der":"PolarSSLTest":0 -+ -+Parse RSA Key #92.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, 2048-bit, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #92.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, 2048-bit, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -+ -+Parse RSA Key #93 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, 4096-bit) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.der":"PolarSSLTest":0 -+ -+Parse RSA Key #93.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, 4096-bit, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #93.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, 4096-bit, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -+ -+Parse RSA Key #94 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem":"PolarSSLTest":0 -+ -+Parse RSA Key #94.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #94.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED -+ -+Parse RSA Key #95 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, 2048-bit) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem":"PolarSSLTest":0 -+ -+Parse RSA Key #95.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, 2048-bit, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #95.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, 2048-bit, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED -+ -+Parse RSA Key #96 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, 4096-bit) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem":"PolarSSLTest":0 -+ -+Parse RSA Key #96.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, 4096-bit, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #96.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, 4096-bit, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED -+ -+Parse RSA Key #97 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.der":"PolarSSLTest":0 -+ -+Parse RSA Key #97.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #97.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -+ -+Parse RSA Key #98 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, 2048-bit) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.der":"PolarSSLTest":0 -+ -+Parse RSA Key #98.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, 2048-bit, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #98.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, 2048-bit, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -+ -+Parse RSA Key #99 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, 4096-bit) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der":"PolarSSLTest":0 -+ -+Parse RSA Key #99.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, 4096-bit, wrong PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH -+ -+Parse RSA Key #99.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, 4096-bit, no PW) -+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C -+pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -+ - Parse Public RSA Key #1 (PKCS#8 wrapped) - depends_on:MBEDTLS_MD5_C:MBEDTLS_PEM_PARSE_C - pk_parse_public_keyfile_rsa:"data_files/format_gen.pub":0 --- -2.16.2 - diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/deps/mbedtls/patches/0007-cmake-build.patch b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/deps/mbedtls/patches/0007-cmake-build.patch deleted file mode 100644 index 2c521a8..0000000 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/deps/mbedtls/patches/0007-cmake-build.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 5d31999442a41c154f6c56e91c8fe7705c74e2be Mon Sep 17 00:00:00 2001 -From: Arne Schwabe -Date: Thu, 28 Dec 2017 00:19:10 +0100 -Subject: [PATCH] Use current cmake directory instead of source root directory - when exuting config.pl - -When mdbedtls is added as a subdirectory to another project this will -call config.pl with the right path If mbedtls is build standalone -current and root source directory are identical. - -Signed-off-by: Arne Schwabe ---- - CMakeLists.txt | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/CMakeLists.txt b/CMakeLists.txt -index 3e47224ea1..2883eff270 100644 ---- a/CMakeLists.txt -+++ b/CMakeLists.txt -@@ -31,7 +31,7 @@ find_package(Perl) - if(PERL_FOUND) - - # If NULL Entropy is configured, display an appropriate warning -- execute_process(COMMAND ${PERL_EXECUTABLE} ${CMAKE_SOURCE_DIR}/scripts/config.pl -f ${CMAKE_SOURCE_DIR}/include/mbedtls/config.h get MBEDTLS_TEST_NULL_ENTROPY -+ execute_process(COMMAND ${PERL_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/scripts/config.pl -f ${CMAKE_CURRENT_SOURCE_DIR}/include/mbedtls/config.h get MBEDTLS_TEST_NULL_ENTROPY - RESULT_VARIABLE result) - if(${result} EQUAL 0) - message(WARNING ${NULL_ENTROPY_WARNING}) diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/addr/ip.hpp b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/addr/ip.hpp index 3712593..1fda545 100644 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/addr/ip.hpp +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/addr/ip.hpp @@ -78,10 +78,16 @@ namespace openvpn { { } +#ifndef SWIGPYTHON + // When calling IP:Addr with None as the second parameter, Swig will + // always pick this function and complain about not being able to convert + // a null pointer to a const std::string reference. Hide this function, so + // swig is forced to take the const char* variant of this function instead Addr(const std::string& ipstr, const std::string& title, Version required_version = UNSPEC) : Addr(from_string(ipstr, title.c_str(), required_version)) { } +#endif void validate_version(const char *title, Version required_version) const { @@ -89,10 +95,12 @@ namespace openvpn { throw ip_exception(internal::format_error(to_string(), title, version_string_static(required_version), "wrong IP version")); } +#ifndef SWIGPYTHON void validate_version(const std::string& title, Version required_version) const { validate_version(title.c_str(), required_version); } +#endif static std::string validate(const std::string& ipstr, const char *title = nullptr, Version required_version = UNSPEC) { @@ -100,10 +108,12 @@ namespace openvpn { return a.to_string(); } +#ifndef SWIGPYTHON static std::string validate(const std::string& ipstr, const std::string& title, Version required_version = UNSPEC) { return validate(ipstr, title.c_str(), required_version); } +#endif static bool is_valid(const std::string& ipstr) { diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/addr/ipv4.hpp b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/addr/ipv4.hpp index aacadd7..03c7653 100644 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/addr/ipv4.hpp +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/addr/ipv4.hpp @@ -58,6 +58,11 @@ namespace openvpn { typedef std::uint32_t base_type; typedef std::int32_t signed_base_type; + bool defined() const + { + return true; + } + static Addr from_addr(const Addr& addr) { return addr; @@ -498,6 +503,15 @@ namespace openvpn { h(u.addr); } +#ifdef HAVE_CITYHASH + std::size_t hashval() const + { + HashSizeT h; + hash(h); + return h.value(); + } +#endif + #ifdef OPENVPN_IP_IMMUTABLE private: #endif @@ -566,4 +580,8 @@ namespace openvpn { } } +#ifdef HAVE_CITYHASH +OPENVPN_HASH_METHOD(openvpn::IPv4::Addr, hashval); +#endif + #endif // OPENVPN_ADDR_IPV4_H diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/addr/ipv6.hpp b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/addr/ipv6.hpp index 99662c1..9fedb64 100644 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/addr/ipv6.hpp +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/addr/ipv6.hpp @@ -55,6 +55,11 @@ namespace openvpn { public: enum { SIZE=128 }; + bool defined() const + { + return true; + } + static Addr from_addr(const Addr& addr) { return addr; @@ -540,6 +545,15 @@ namespace openvpn { h(u.bytes, sizeof(u.bytes)); } +#ifdef HAVE_CITYHASH + std::size_t hashval() const + { + HashSizeT h; + hash(h); + return h.value(); + } +#endif + #ifdef OPENVPN_IP_IMMUTABLE private: #endif @@ -825,4 +839,8 @@ namespace openvpn { } } +#ifdef HAVE_CITYHASH +OPENVPN_HASH_METHOD(openvpn::IPv6::Addr, hashval); +#endif + #endif // OPENVPN_ADDR_IPV6_H diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/addr/pool.hpp b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/addr/pool.hpp index b0b9062..b176f5d 100644 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/addr/pool.hpp +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/addr/pool.hpp @@ -47,7 +47,7 @@ namespace openvpn { // Add range of addresses to pool (pool will own the addresses). void add_range(const RangeType& range) { - typename RangeType::Iterator iter = range.iterator(); + auto iter = range.iterator(); while (iter.more()) { const ADDR& a = iter.addr(); @@ -59,7 +59,7 @@ namespace openvpn { // Add single address to pool (pool will own the address). void add_addr(const ADDR& addr) { - typename std::unordered_map::const_iterator e = map.find(addr); + auto e = map.find(addr); if (e == map.end()) { freelist.push_back(addr); @@ -73,16 +73,23 @@ namespace openvpn { return map.size() - freelist.size(); } + // Return number of pool addresses currently in use. + size_t n_free() const + { + return freelist.size(); + } + // Acquire an address from pool. Returns true if successful, // with address placed in dest, or false if pool depleted. bool acquire_addr(ADDR& dest) { while (true) { + freelist_fill(); if (freelist.empty()) return false; const ADDR& a = freelist.front(); - typename std::unordered_map::iterator e = map.find(a); + auto e = map.find(a); if (e == map.end()) // any address in freelist must exist in map throw Exception("PoolType: address in freelist doesn't exist in map"); if (!e->second) @@ -100,7 +107,7 @@ namespace openvpn { // successful, or false if the address is not available. bool acquire_specific_addr(const ADDR& addr) { - typename std::unordered_map::iterator e = map.find(addr); + auto e = map.find(addr); if (e != map.end() && !e->second) { e->second = true; @@ -115,7 +122,7 @@ namespace openvpn { // (b) the address is not owned by the pool. void release_addr(const ADDR& addr) { - typename std::unordered_map::iterator e = map.find(addr); + auto e = map.find(addr); if (e != map.end() && e->second) { freelist.push_back(addr); @@ -126,6 +133,25 @@ namespace openvpn { // DEBUGGING -- get the map load factor float load_factor() const { return map.load_factor(); } + // Override to refill freelist on demand + virtual void freelist_fill() + { + } + + std::string to_string() const + { + std::string ret; + for (const auto& e : map) + { + if (e.second) + { + ret += e.first.to_string(); + ret += '\n'; + } + } + return ret; + } + private: std::deque freelist; std::unordered_map map; diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/addr/randaddr.hpp b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/addr/randaddr.hpp index 73ffd1d..4de41c2 100644 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/addr/randaddr.hpp +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/addr/randaddr.hpp @@ -28,18 +28,26 @@ namespace openvpn { namespace IP { + inline IPv4::Addr random_addr_v4(RandomAPI& prng) + { + return IPv4::Addr::from_uint32(prng.rand_get()); + } + + inline IPv6::Addr random_addr_v6(RandomAPI& prng) + { + unsigned char bytes[16]; + prng.rand_fill(bytes); + return IPv6::Addr::from_byte_string(bytes); + } + inline Addr random_addr(const Addr::Version v, RandomAPI& prng) { switch (v) { case Addr::V4: - return Addr::from_ipv4(IPv4::Addr::from_uint32(prng.rand_get())); + return Addr::from_ipv4(random_addr_v4(prng)); case Addr::V6: - { - unsigned char bytes[16]; - prng.rand_fill(bytes); - return Addr::from_ipv6(IPv6::Addr::from_byte_string(bytes)); - } + return Addr::from_ipv6(random_addr_v6(prng)); default: throw ip_exception("address unspecified"); } diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/addr/route.hpp b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/addr/route.hpp index 730c2bf..d67c0d8 100644 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/addr/route.hpp +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/addr/route.hpp @@ -40,8 +40,9 @@ namespace openvpn { namespace IP { // Basic route object template - struct RouteType + class RouteType { + public: typedef ADDR Addr; ADDR addr; @@ -89,6 +90,11 @@ namespace openvpn { return r; } + bool defined() const + { + return addr.defined(); + } + IP::Addr::Version version() const { return addr.version(); @@ -99,9 +105,19 @@ namespace openvpn { return addr.version_mask(); } + RouteType to_ipv4() const + { + return RouteType(addr.to_ipv4(), prefix_len); + } + + RouteType to_ipv6() const + { + return RouteType(addr.to_ipv6(), prefix_len); + } + ADDR netmask() const { - return ADDR::netmask_from_prefix_len(version(), prefix_len); + return netmask_(addr, prefix_len); } size_t extent() const @@ -119,6 +135,12 @@ namespace openvpn { addr = addr & netmask(); } + void verify_canonical() const + { + if (!is_canonical()) + throw route_error("route not canonical: " + to_string()); + } + bool is_host() const { return addr.defined() && prefix_len == addr.size(); @@ -134,7 +156,7 @@ namespace openvpn { bool contains(const ADDR& a) const // assumes canonical address/routes { - if (addr.defined() && addr.version() == a.version()) + if (addr.defined() && version_eq(addr, a)) return (a & netmask()) == addr; else return false; @@ -153,7 +175,7 @@ namespace openvpn { r1.addr = addr; r1.prefix_len = newpl; - r2.addr = addr + ADDR::netmask_from_prefix_len(addr.version(), newpl).extent_from_netmask(); + r2.addr = addr + netmask_(addr, newpl).extent_from_netmask(); r2.prefix_len = newpl; return true; @@ -201,6 +223,37 @@ namespace openvpn { return h.value(); } #endif + + private: + static IPv4::Addr netmask_(const IPv4::Addr&, unsigned int prefix_len) + { + return IPv4::Addr::netmask_from_prefix_len(prefix_len); + } + + static IPv6::Addr netmask_(const IPv6::Addr&, unsigned int prefix_len) + { + return IPv6::Addr::netmask_from_prefix_len(prefix_len); + } + + static IP::Addr netmask_(const IP::Addr& addr, unsigned int prefix_len) + { + return IP::Addr::netmask_from_prefix_len(addr.version(), prefix_len); + } + + static bool version_eq(const IPv4::Addr&, const IPv4::Addr&) + { + return true; + } + + static bool version_eq(const IPv6::Addr&, const IPv6::Addr&) + { + return true; + } + + static bool version_eq(const IP::Addr& a1, const IP::Addr& a2) + { + return a1.version() == a2.version(); + } }; template @@ -229,8 +282,7 @@ namespace openvpn { void verify_canonical() const { for (auto &r : *this) - if (!r.is_canonical()) - throw route_list_error("route not canonical: " + r.to_string()); + r.verify_canonical(); } template diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/buffer/buffer.hpp b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/buffer/buffer.hpp index 9ee1927..986d1cb 100644 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/buffer/buffer.hpp +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/buffer/buffer.hpp @@ -82,6 +82,7 @@ namespace openvpn { buffer_headroom, buffer_underflow, buffer_overflow, + buffer_offset, buffer_index, buffer_const_index, buffer_push_front_headroom, @@ -108,6 +109,8 @@ namespace openvpn { return "buffer_underflow"; case buffer_overflow: return "buffer_overflow"; + case buffer_offset: + return "buffer_offset"; case buffer_index: return "buffer_index"; case buffer_const_index: @@ -144,6 +147,7 @@ namespace openvpn { template friend class BufferAllocatedType; public: + typedef T value_type; typedef T* type; typedef const T* const_type; typedef typename std::remove_const::type NCT; // non-const type @@ -177,6 +181,15 @@ namespace openvpn { size_ = 0; } + void reset_offset(const size_t offset) + { + const size_t size = size_ + offset_ - offset; + if (offset > capacity_ || size > capacity_ || offset + size > capacity_) + OPENVPN_BUFFER_THROW(buffer_offset); + offset_ = offset; + size_ = size; + } + void reset_size() { size_ = 0; @@ -519,6 +532,19 @@ namespace openvpn { OPENVPN_BUFFER_THROW(buffer_underflow); } + BufferType read_alloc_buf(const size_t size) + { + if (size <= size_) + { + BufferType ret(data_, offset_, size, capacity_); + offset_ += size; + size_ -= size; + return ret; + } + else + OPENVPN_BUFFER_THROW(buffer_underflow); + } + void reset(const size_t min_capacity, const unsigned int flags) { if (min_capacity > capacity_) diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/bigmutex.hpp b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/bigmutex.hpp index ebd1667..134f65b 100644 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/bigmutex.hpp +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/bigmutex.hpp @@ -36,7 +36,7 @@ namespace openvpn { namespace bigmutex { - std::recursive_mutex the_recursive_mutex; + OPENVPN_EXTERN std::recursive_mutex the_recursive_mutex; } #ifdef OPENVPN_ENABLE_BIGMUTEX diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/core.hpp b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/core.hpp index b60fd5c..28ba2f4 100644 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/core.hpp +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/core.hpp @@ -40,8 +40,13 @@ namespace openvpn { inline int n_cores() { + int count = std::thread::hardware_concurrency(); + // C++11 allows thread::hardware_concurrency() to return 0, fall back + // to specific solution if we detect this + if (count > 0) + return count; + #if defined(OPENVPN_PLATFORM_TYPE_APPLE) - int count; size_t count_len = sizeof(count); if (::sysctlbyname("hw.logicalcpu", &count, &count_len, NULL, 0) != 0) count = 1; diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/exception.hpp b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/exception.hpp index 08d67e2..3c1f3fc 100644 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/exception.hpp +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/exception.hpp @@ -89,14 +89,14 @@ namespace openvpn { class C : public openvpn::Exception { \ public: \ C() : openvpn::Exception(#C OPENVPN_FILE_LINE) {} \ - C(std::string err) : openvpn::Exception(#C OPENVPN_FILE_LINE ": " + err) {} \ + C(const std::string err) : openvpn::Exception(#C OPENVPN_FILE_LINE ": " + err) {} \ } // define a custom exception class that allows extra info, but does not emit a tag # define OPENVPN_UNTAGGED_EXCEPTION(C) \ class C : public openvpn::Exception { \ public: \ - C(std::string err) : openvpn::Exception(err) {} \ + C(const std::string err) : openvpn::Exception(err) {} \ } // define a custom exception class that allows extra info, and inherits from a custom base @@ -104,7 +104,7 @@ namespace openvpn { class C : public B { \ public: \ C() : B(#C OPENVPN_FILE_LINE) {} \ - C(std::string err) : B(#C OPENVPN_FILE_LINE ": " + err) {} \ + C(const std::string err) : B(#C OPENVPN_FILE_LINE ": " + err) {} \ } // define a custom exception class that allows extra info, and inherits from a custom base, @@ -112,7 +112,7 @@ namespace openvpn { # define OPENVPN_UNTAGGED_EXCEPTION_INHERIT(B, C) \ class C : public B { \ public: \ - C(std::string err) : B(err) {} \ + C(const std::string err) : B(err) {} \ } // throw an Exception with stringstream concatenation allowed diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/fileatomic.hpp b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/fileatomic.hpp index 1107a85..2d22ec6 100644 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/fileatomic.hpp +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/fileatomic.hpp @@ -47,6 +47,7 @@ namespace openvpn { inline void write_binary_atomic(const std::string& fn, const std::string& tmpdir, const mode_t mode, + const std::uint64_t mtime_ns, // set explicit modification-time in nanoseconds since epoch, or 0 to defer to system const ConstBuffer& buf, RandomAPI& rng) { @@ -56,7 +57,7 @@ namespace openvpn { const std::string tfn = path::join(tmpdir, '.' + path::basename(fn) + '.' + render_hex(data, sizeof(data))); // write to temporary file - write_binary_unix(tfn, mode, buf); + write_binary_unix(tfn, mode, mtime_ns, buf); // then move into position if (::rename(tfn.c_str(), fn.c_str()) == -1) @@ -69,10 +70,11 @@ namespace openvpn { inline void write_binary_atomic(const std::string& fn, const std::string& tmpdir, const mode_t mode, + const std::uint64_t mtime_ns, const Buffer& buf, RandomAPI& rng) { - return write_binary_atomic(fn, tmpdir, mode, const_buffer_ref(buf), rng); + return write_binary_atomic(fn, tmpdir, mode, mtime_ns, const_buffer_ref(buf), rng); } } diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/fileunix.hpp b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/fileunix.hpp index cc6efa5..4a0584f 100644 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/fileunix.hpp +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/fileunix.hpp @@ -35,12 +35,14 @@ #include // for lseek, open #include // for open #include // for open +#include #include #include #include #include #include +#include #include namespace openvpn { @@ -49,6 +51,7 @@ namespace openvpn { // write binary buffer to file inline void write_binary_unix(const std::string& fn, const mode_t mode, + const std::uint64_t mtime_ns, // set explicit modification-time in nanoseconds since epoch, or 0 to defer to system const void *buf, const size_t size) { @@ -61,11 +64,16 @@ namespace openvpn { } // write - { - const ssize_t len = write_retry(fd(), buf, size); - if (len != size) - throw file_unix_error(fn + " : incomplete write"); - } + if (size) + { + const ssize_t len = write_retry(fd(), buf, size); + if (len != size) + throw file_unix_error(fn + " : incomplete write"); + } + + // explicit modification time + if (mtime_ns) + update_file_mod_time_nanoseconds(fd(), mtime_ns); // close { @@ -77,23 +85,26 @@ namespace openvpn { inline void write_binary_unix(const std::string& fn, const mode_t mode, + const std::uint64_t mtime_ns, const Buffer& buf) { - write_binary_unix(fn, mode, buf.c_data(), buf.size()); + write_binary_unix(fn, mode, mtime_ns, buf.c_data(), buf.size()); } inline void write_binary_unix(const std::string& fn, const mode_t mode, + const std::uint64_t mtime_ns, const ConstBuffer& buf) { - write_binary_unix(fn, mode, buf.c_data(), buf.size()); + write_binary_unix(fn, mode, mtime_ns, buf.c_data(), buf.size()); } inline void write_text_unix(const std::string& fn, const mode_t mode, + const std::uint64_t mtime_ns, const std::string& content) { - write_binary_unix(fn, mode, content.c_str(), content.length()); + write_binary_unix(fn, mode, mtime_ns, content.c_str(), content.length()); } enum { // MUST be distinct from BufferAllocated flags diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/function.hpp b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/function.hpp index 6ba6c2a..4b1e91b 100644 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/function.hpp +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/function.hpp @@ -26,6 +26,7 @@ #include // for std::size_t #include // for std::move +#include #include namespace openvpn { @@ -35,7 +36,7 @@ namespace openvpn { template class Function; - template + template class Function { public: @@ -92,7 +93,7 @@ namespace openvpn { } } - R operator()(A... args) + R operator()(A... args) const { return methods->invoke(data, std::forward(args)...); } @@ -103,6 +104,7 @@ namespace openvpn { } private: +#ifdef _MSC_VER template void construct(T&& functor) noexcept { @@ -123,10 +125,38 @@ namespace openvpn { new (data) Extern(std::move(functor)); } } +#else + template + static constexpr bool is_intern() + { + return sizeof(Intern) <= sizeof(data); + } + + template (), int>::type = 0> + void construct(T&& functor) noexcept + { + // store functor internally (in data) + setup_methods_intern(); + new (data) Intern(std::move(functor)); + } + + template (), int>::type = 0> + void construct(T&& functor) noexcept + { + static_assert(!INTERN_ONLY, "Function: Intern doesn't fit in data[] and INTERN_ONLY=true"); + static_assert(sizeof(Extern) <= sizeof(data), "Function: Extern doesn't fit in data[]"); + + // store functor externally (using new) + setup_methods_extern(); + new (data) Extern(std::move(functor)); + } +#endif struct Methods { - R (*invoke)(void *, A...); + R (*invoke)(void *, A&&...); void (*move)(void *, void *); void (*destruct)(void *); }; @@ -163,21 +193,21 @@ namespace openvpn { { } - static R invoke(void *ptr, A... args) + static R invoke(void* ptr, A&&... args) { - Intern* self = reinterpret_cast*>(ptr); + Intern* self = reinterpret_cast(ptr); return self->functor_(std::forward(args)...); } static void move(void *dest, void *src) { - Intern* s = reinterpret_cast*>(src); + Intern* s = reinterpret_cast(src); new (dest) Intern(std::move(*s)); } static void destruct(void *ptr) { - Intern* self = reinterpret_cast*>(ptr); + Intern* self = reinterpret_cast(ptr); self->~Intern(); } @@ -195,23 +225,23 @@ namespace openvpn { { } - static R invoke(void *ptr, A... args) + static R invoke(void* ptr, A&&... args) { - Extern* self = reinterpret_cast*>(ptr); + Extern* self = reinterpret_cast(ptr); return (*self->functor_)(std::forward(args)...); } static void move(void *dest, void *src) { - Extern* d = reinterpret_cast*>(dest); - Extern* s = reinterpret_cast*>(src); + Extern* d = reinterpret_cast(dest); + Extern* s = reinterpret_cast(src); d->functor_ = s->functor_; // no need to set s->functor_=nullptr because parent will not destruct src after move } static void destruct(void *ptr) { - Extern* self = reinterpret_cast*>(ptr); + Extern* self = reinterpret_cast(ptr); delete self->functor_; } @@ -220,7 +250,7 @@ namespace openvpn { }; const Methods* methods; - void* data[N]; + mutable void* data[N]; }; } diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/modstat.hpp b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/modstat.hpp new file mode 100644 index 0000000..609c449 --- /dev/null +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/modstat.hpp @@ -0,0 +1,57 @@ +// OpenVPN -- An application to securely tunnel IP networks +// over a single port, with support for SSL/TLS-based +// session authentication and key exchange, +// packet encryption, packet authentication, and +// packet compression. +// +// Copyright (C) 2012-2017 OpenVPN Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License Version 3 +// as published by the Free Software Foundation. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program in the COPYING file. +// If not, see . + +#pragma once + +#include // Definition of AT_* constants */ +#include +#include // for std::uint64_t +#include + +#include + +namespace openvpn { + + inline int update_file_mod_time_nanoseconds(const std::string& filename, + const std::uint64_t nanoseconds_since_epooch) + { + struct timespec times[2]; + times[0].tv_sec = nanoseconds_since_epooch / std::uint64_t(1000000000); + times[0].tv_nsec = nanoseconds_since_epooch % std::uint64_t(1000000000); + times[1] = times[0]; + if (::utimensat(AT_FDCWD, filename.c_str(), times, 0) == -1) + return errno; + return 0; + } + + inline int update_file_mod_time_nanoseconds(const int fd, + const std::uint64_t nanoseconds_since_epooch) + { + struct timespec times[2]; + times[0].tv_sec = nanoseconds_since_epooch / std::uint64_t(1000000000); + times[0].tv_nsec = nanoseconds_since_epooch % std::uint64_t(1000000000); + times[1] = times[0]; + if (::futimens(fd, times) == -1) + return errno; + return 0; + } + +} diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/option_error.hpp b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/option_error.hpp new file mode 100644 index 0000000..c81518b --- /dev/null +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/option_error.hpp @@ -0,0 +1,30 @@ +// OpenVPN -- An application to securely tunnel IP networks +// over a single port, with support for SSL/TLS-based +// session authentication and key exchange, +// packet encryption, packet authentication, and +// packet compression. +// +// Copyright (C) 2012-2018 OpenVPN Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License Version 3 +// as published by the Free Software Foundation. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program in the COPYING file. +// If not, see . + +#pragma once + +#include + +namespace openvpn { + + OPENVPN_EXCEPTION(option_error); + +} diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/options.hpp b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/options.hpp index 82ddfc5..cbb07e2 100644 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/options.hpp +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/options.hpp @@ -57,7 +57,6 @@ #include // for std::uint64_t #include -#include #include #include #include @@ -65,11 +64,10 @@ #include #include #include +#include namespace openvpn { - OPENVPN_EXCEPTION(option_error); - class Option { public: @@ -1173,6 +1171,16 @@ namespace openvpn { } } + // Return raw C string to option data or nullptr if option doesn't exist. + const char *get_c_str(const std::string& name, size_t index, const size_t max_len) const + { + const Option* o = get_ptr(name); + if (o) + return o->get(index, max_len).c_str(); + else + return nullptr; + } + // Convenience method that gets a particular argument index within an option, // while returning a default string if option doesn't exist, and raising an // exception if argument index is out-of-bounds. diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/strerror.hpp b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/strerror.hpp index a8f2cb9..386aaef 100644 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/strerror.hpp +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/strerror.hpp @@ -25,6 +25,8 @@ #include #include +#include + namespace openvpn { inline std::string strerror_str(const int errnum) { diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/string.hpp b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/string.hpp index bf6e56d..8807693 100644 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/string.hpp +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/common/string.hpp @@ -310,6 +310,19 @@ namespace openvpn { return false; } + // remove all spaces in string + inline std::string remove_spaces(const std::string& str) + { + std::string ret; + for (std::string::const_iterator i = str.begin(); i != str.end(); ++i) + { + char c = *i; + if (!is_space(c)) + ret += c; + } + return ret; + } + // replace all spaces in string with rep inline std::string replace_spaces(const std::string& str, const char rep) { diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/http/parseutil.hpp b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/http/parseutil.hpp index 1bd0b74..13dd138 100644 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/http/parseutil.hpp +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/http/parseutil.hpp @@ -36,13 +36,13 @@ namespace openvpn { // Check if a byte is an HTTP character. inline bool is_char(const unsigned char c) { - return c >= 0 && c <= 127; + return c <= 127; } // Check if a byte is an HTTP control character. inline bool is_ctl(const unsigned char c) { - return (c >= 0 && c <= 31) || (c == 127); + return (c <= 31)|| (c == 127); } // Check if a byte is defined as an HTTP tspecial character. diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/http/reply.hpp b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/http/reply.hpp index 9c303af..6f3c058 100644 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/http/reply.hpp +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/http/reply.hpp @@ -93,6 +93,7 @@ namespace openvpn { public: enum status { + undefined, pending, fail, success, diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/kovpn/kostats.hpp b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/kovpn/kostats.hpp index d64452b..5c494e4 100644 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/kovpn/kostats.hpp +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/kovpn/kostats.hpp @@ -30,6 +30,7 @@ #include #include +#include #include namespace openvpn { @@ -57,7 +58,7 @@ namespace openvpn { void output_percpu(std::ostream& os) const { std::unique_ptr pcs; - unsigned int stats_cap = 16; + unsigned int stats_cap = std::max(16, n_cores()); for (int i = 0; i < 2; ++i) { const size_t pcs_size = sizeof(struct ovpn_percpu_stats) + diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/kovpn/kovpn.hpp b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/kovpn/kovpn.hpp index 32dd07c..4fc8f55 100644 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/kovpn/kovpn.hpp +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/kovpn/kovpn.hpp @@ -24,10 +24,12 @@ #ifndef OPENVPN_KOVPN_KOVPN_HPP #define OPENVPN_KOVPN_KOVPN_HPP +// Not including this file causes redefinition errors +// when the sys/ and linux/ headers below are included +// before Asio. +#include + #include -#include -#include -#include extern "C" { #include diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/mbedtls/pki/x509cert.hpp b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/mbedtls/pki/x509cert.hpp index 11b8434..81b2632 100644 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/mbedtls/pki/x509cert.hpp +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/mbedtls/pki/x509cert.hpp @@ -93,14 +93,14 @@ namespace openvpn { size_t olen = 0; int ret; - ret = mbedtls_pem_write_buffer(begin_cert.c_str(), end_cert.c_str(), der, + ret = mbedtls_pem_write_buffer(begin_cert, end_cert, der, der_size, NULL, 0, &olen); if (ret != MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL) throw MbedTLSException("X509Cert::extract: can't calculate PEM size"); BufferAllocated buff(olen, 0); - ret = mbedtls_pem_write_buffer(begin_cert.c_str(), end_cert.c_str(), der, + ret = mbedtls_pem_write_buffer(begin_cert, end_cert, der, der_size, buff.data(), buff.max_size(), &olen); if (ret) throw MbedTLSException("X509Cert::extract: can't write PEM buffer"); @@ -158,12 +158,9 @@ namespace openvpn { } } - static const std::string begin_cert; - static const std::string end_cert; + constexpr static const char* begin_cert = "-----BEGIN CERTIFICATE-----\n";; + constexpr static const char* end_cert = "-----END CERTIFICATE-----\n";; }; - - const std::string X509Cert::begin_cert = "-----BEGIN CERTIFICATE-----\n"; - const std::string X509Cert::end_cert = "-----END CERTIFICATE-----\n"; } } diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/time/time.hpp b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/time/time.hpp index 2400585..604806f 100644 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/time/time.hpp +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/time/time.hpp @@ -268,6 +268,8 @@ namespace openvpn { { if (!defined()) return "UNDEF-TIME"; + if (is_infinite()) + return "INF"; const double df = delta_float(t); std::string ret; if (df >= 0.0) diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/time/timestr.hpp b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/time/timestr.hpp index ec20644..3b41065 100644 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/time/timestr.hpp +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/time/timestr.hpp @@ -25,13 +25,15 @@ #define OPENVPN_TIME_TIMESTR_H #include -#include // for std::strlen +#include // for std::strlen and std::memset #include #include #include +#include // for std::uint64_t #include #include +#include #if defined(OPENVPN_PLATFORM_WIN) #include @@ -72,6 +74,7 @@ namespace openvpn { struct tm lt; char buf[64]; + std::memset(<, 0, sizeof(lt)); if (!localtime_r(&t, <)) return "LOCALTIME_ERROR"; if (!asctime_r(<, buf)) @@ -82,6 +85,22 @@ namespace openvpn { return std::string(buf); } + inline std::string date_time_utc(const time_t t) + { + struct tm lt; + char buf[64]; + + std::memset(<, 0, sizeof(lt)); + if (!gmtime_r(&t, <)) + return "GMTIME_ERROR"; + if (!asctime_r(<, buf)) + return "ASCTIME_ERROR"; + const size_t len = std::strlen(buf); + if (len > 0 && buf[len-1] == '\n') + buf[len-1] = '\0'; + return std::string(buf); + } + // msecs == false : Tue Feb 17 01:24:30 2015 // msecs == true : Tue Feb 17 01:24:30.123 2015 inline std::string date_time(const struct timeval *tv, const bool msecs) @@ -93,9 +112,9 @@ namespace openvpn { const size_t pos = dt.find_last_of(':'); if (pos != std::string::npos && pos + 3 < dt.length() - && isdigit(dt[pos+1]) - && isdigit(dt[pos+2]) - && isspace(dt[pos+3])) + && string::is_digit(dt[pos+1]) + && string::is_digit(dt[pos+2]) + && string::is_space(dt[pos+3])) { char ms[5]; ::snprintf(ms, sizeof(ms), ".%03u", static_cast(tv->tv_usec / 1000)); @@ -105,6 +124,28 @@ namespace openvpn { return dt; } + inline std::string nanosec_time_to_string(const std::uint64_t ns_time) + { + const std::uint64_t sec = ns_time / std::uint64_t(1000000000); + const std::uint64_t ns = ns_time % std::uint64_t(1000000000); + + const std::string dt = date_time_utc(sec); + + // find correct position in string to insert nanoseconds + const size_t pos = dt.find_last_of(':'); + if (pos != std::string::npos + && pos + 3 < dt.length() + && string::is_digit(dt[pos+1]) + && string::is_digit(dt[pos+2]) + && string::is_space(dt[pos+3])) + { + char ms[11]; + ::snprintf(ms, sizeof(ms), ".%09u", (unsigned int)ns); + return dt.substr(0, pos+3) + ms + dt.substr(pos+3); + } + return dt; + } + inline std::string date_time() { struct timeval tv; diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/transport/protocol.hpp b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/transport/protocol.hpp index 3c75c03..fcf43ce 100644 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/transport/protocol.hpp +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/transport/protocol.hpp @@ -26,7 +26,7 @@ #include // for std::uint32_t, etc. #include -#include +#include #include #include diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/tun/mac/client/tunsetup.hpp b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/tun/mac/client/tunsetup.hpp index fb56442..3f56cc0 100644 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/tun/mac/client/tunsetup.hpp +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/tun/mac/client/tunsetup.hpp @@ -41,6 +41,8 @@ #include #include #include +#include +#include #include #include @@ -317,7 +319,7 @@ namespace openvpn { cmd->argv.push_back("/sbin/ifconfig"); cmd->argv.push_back(iface_name); cmd->argv.push_back(local4->address); - cmd->argv.push_back(local4->address); + cmd->argv.push_back(local4->gateway); cmd->argv.push_back("netmask"); cmd->argv.push_back(netmask.to_string()); cmd->argv.push_back("mtu"); @@ -463,6 +465,9 @@ namespace openvpn { create, destroy); } + + if (pull.proxy_auto_config_url.defined()) + ProxySettings::add_actions(pull, create, destroy); } ActionList::Ptr remove_cmds; diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/tun/mac/dsdict.hpp b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/tun/mac/dsdict.hpp new file mode 100644 index 0000000..a763ce6 --- /dev/null +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/tun/mac/dsdict.hpp @@ -0,0 +1,184 @@ +// OpenVPN -- An application to securely tunnel IP networks +// over a single port, with support for SSL/TLS-based +// session authentication and key exchange, +// packet encryption, packet authentication, and +// packet compression. +// +// Copyright (C) 2012-2018 OpenVPN Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License Version 3 +// as published by the Free Software Foundation. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program in the COPYING file. +// If not, see . + +#pragma once + +namespace openvpn { + class DSDict { + public: + OPENVPN_EXCEPTION(dsdict_error); + + DSDict(CF::DynamicStore& sc_arg, const std::string& sname_arg, const std::string& dskey_arg) + : sc(sc_arg), + sname(sname_arg), + dskey(dskey_arg), + dict(CF::DynamicStoreCopyDict(sc_arg, dskey)) { } + + bool dirty() const + { + return mod.defined() ? !CFEqual(dict(), mod()) : false; + } + + bool push_to_store() + { + if (dirty()) + { + const CF::String keystr = CF::string(dskey); + if (SCDynamicStoreSetValue(sc(), keystr(), mod())) + { + OPENVPN_LOG("DSDict: updated " << dskey); + return true; + } + else + OPENVPN_LOG("DSDict: ERROR updating " << dskey); + } + return false; + } + + bool remove_from_store() + { + if (dirty()) + throw dsdict_error("internal error: remove_from_store called on modified dict"); + const CF::String keystr = CF::string(dskey); + if (SCDynamicStoreRemoveValue(sc(), keystr())) + { + OPENVPN_LOG("DSDict: removed " << dskey); + return true; + } + else + { + OPENVPN_LOG("DSDict: ERROR removing " << dskey); + return false; + } + } + + void will_modify() + { + if (!mod.defined()) + mod = CF::mutable_dict_copy(dict); + } + + void mod_reset() + { + mod = CF::mutable_dict(); + } + + void backup_orig(const std::string& key, const bool wipe_orig=true) + { + const CF::String k = CF::string(key); + const CF::String orig = orig_key(key); + if (!CFDictionaryContainsKey(dict(), orig())) + { + const CF::String delval = delete_value(); + CFTypeRef v = CFDictionaryGetValue(dict(), k()); + if (!v) + v = delval(); + will_modify(); + CFDictionarySetValue(mod(), orig(), v); + } + if (wipe_orig) + { + will_modify(); + CFDictionaryRemoveValue(mod(), k()); + } + } + + void restore_orig() + { + const CFIndex size = CFDictionaryGetCount(dict()); + std::unique_ptr keys(new const void *[size]); + std::unique_ptr values(new const void *[size]); + CFDictionaryGetKeysAndValues(dict(), keys.get(), values.get()); + const CF::String orig_prefix = orig_key(""); + const CFIndex orig_prefix_len = CFStringGetLength(orig_prefix()); + const CF::String delval = delete_value(); + for (CFIndex i = 0; i < size; ++i) + { + const CF::String key = CF::string_cast(keys[i]); + if (CFStringHasPrefix(key(), orig_prefix())) + { + const CFIndex key_len = CFStringGetLength(key()); + if (key_len > orig_prefix_len) + { + const CFRange r = CFRangeMake(orig_prefix_len, key_len - orig_prefix_len); + const CF::String k(CFStringCreateWithSubstring(kCFAllocatorDefault, key(), r)); + const CFTypeRef v = values[i]; + const CF::String vstr = CF::string_cast(v); + will_modify(); + if (vstr.defined() && CFStringCompare(vstr(), delval(), 0) == kCFCompareEqualTo) + CFDictionaryRemoveValue(mod(), k()); + else + CFDictionaryReplaceValue(mod(), k(), v); + CFDictionaryRemoveValue(mod(), key()); + } + } + } + } + + std::string to_string() const + { + std::ostringstream os; + os << "*** DSDict " << dskey << std::endl; + std::string orig = CF::description(dict()); + string::trim_crlf(orig); + os << "ORIG " << orig << std::endl; + if (dirty()) + { + std::string modstr = CF::description(mod()); + string::trim_crlf(modstr); + os << "MODIFIED " << modstr << std::endl; + } + return os.str(); + } + + static CF::DynamicStore ds_create(const std::string& sname) + { + CF::String sn = CF::string(sname); + return CF::DynamicStore(SCDynamicStoreCreate(kCFAllocatorDefault, sn(), nullptr, nullptr)); + } + + static bool signal_network_reconfiguration(const std::string& sname) + { + const char *key = "Setup:/Network/Global/IPv4"; + CF::DynamicStore sc = ds_create(sname); + const CF::String cfkey = CF::string(key); + OPENVPN_LOG("DSDict: SCDynamicStoreNotifyValue " << key); + return bool(SCDynamicStoreNotifyValue(sc(), cfkey())); + } + + CF::DynamicStore sc; + const std::string sname; + const std::string dskey; + const CF::Dict dict; + CF::MutableDict mod; + + private: + CF::String orig_key(const std::string& key) const + { + return CF::string(sname + "Orig" + key); + } + + CF::String delete_value() const + { + return CF::string(sname + "DeleteValue"); + } + }; +} diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/tun/mac/macdns.hpp b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/tun/mac/macdns.hpp index afd8b56..f9521a4 100644 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/tun/mac/macdns.hpp +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/tun/mac/macdns.hpp @@ -36,6 +36,7 @@ #include #include #include +#include namespace openvpn { class MacDNS : public RC @@ -141,11 +142,7 @@ namespace openvpn { bool signal_network_reconfiguration() { - const char *key = "Setup:/Network/Global/IPv4"; - CF::DynamicStore sc = ds_create(); - const CF::String cfkey = CF::string(key); - OPENVPN_LOG("MacDNS: SCDynamicStoreNotifyValue " << key); - return bool(SCDynamicStoreNotifyValue(sc(), cfkey())); + return DSDict::signal_network_reconfiguration(sname); } bool setdns(const Config& config) @@ -317,152 +314,7 @@ namespace openvpn { } return mod; } - - class DSDict { - public: - DSDict(CF::DynamicStore& sc_arg, const std::string& sname_arg, const std::string& dskey_arg) - : sc(sc_arg), - sname(sname_arg), - dskey(dskey_arg), - dict(CF::DynamicStoreCopyDict(sc_arg, dskey)) - { - } - - bool dirty() const - { - return mod.defined() ? !CFEqual(dict(), mod()) : false; - } - - bool push_to_store() - { - if (dirty()) - { - const CF::String keystr = CF::string(dskey); - if (SCDynamicStoreSetValue(sc(), keystr(), mod())) - { - OPENVPN_LOG("MacDNS: updated " << dskey); - return true; - } - else - OPENVPN_LOG("MacDNS: ERROR updating " << dskey); - } - return false; - } - - bool remove_from_store() - { - if (dirty()) - throw macdns_error("internal error: remove_from_store called on modified dict"); - const CF::String keystr = CF::string(dskey); - if (SCDynamicStoreRemoveValue(sc(), keystr())) - { - OPENVPN_LOG("MacDNS: removed " << dskey); - return true; - } - else - { - OPENVPN_LOG("MacDNS: ERROR removing " << dskey); - return false; - } - } - - void will_modify() - { - if (!mod.defined()) - mod = CF::mutable_dict_copy(dict); - } - - void mod_reset() - { - mod = CF::mutable_dict(); - } - - void backup_orig(const std::string& key, const bool wipe_orig=true) - { - const CF::String k = CF::string(key); - const CF::String orig = orig_key(key); - if (!CFDictionaryContainsKey(dict(), orig())) - { - const CF::String delval = delete_value(); - CFTypeRef v = CFDictionaryGetValue(dict(), k()); - if (!v) - v = delval(); - will_modify(); - CFDictionarySetValue(mod(), orig(), v); - } - if (wipe_orig) - { - will_modify(); - CFDictionaryRemoveValue(mod(), k()); - } - } - - void restore_orig() - { - const CFIndex size = CFDictionaryGetCount(dict()); - std::unique_ptr keys(new const void *[size]); - std::unique_ptr values(new const void *[size]); - CFDictionaryGetKeysAndValues(dict(), keys.get(), values.get()); - const CF::String orig_prefix = orig_key(""); - const CFIndex orig_prefix_len = CFStringGetLength(orig_prefix()); - const CF::String delval = delete_value(); - for (CFIndex i = 0; i < size; ++i) - { - const CF::String key = CF::string_cast(keys[i]); - if (CFStringHasPrefix(key(), orig_prefix())) - { - const CFIndex key_len = CFStringGetLength(key()); - if (key_len > orig_prefix_len) - { - const CFRange r = CFRangeMake(orig_prefix_len, key_len - orig_prefix_len); - const CF::String k(CFStringCreateWithSubstring(kCFAllocatorDefault, key(), r)); - const CFTypeRef v = values[i]; - const CF::String vstr = CF::string_cast(v); - will_modify(); - if (vstr.defined() && CFStringCompare(vstr(), delval(), 0) == kCFCompareEqualTo) - CFDictionaryRemoveValue(mod(), k()); - else - CFDictionaryReplaceValue(mod(), k(), v); - CFDictionaryRemoveValue(mod(), key()); - } - } - } - } - - std::string to_string() const - { - std::ostringstream os; - os << "*** DSDict " << dskey << std::endl; - std::string orig = CF::description(dict()); - string::trim_crlf(orig); - os << "ORIG " << orig << std::endl; - if (dirty()) - { - std::string modstr = CF::description(mod()); - string::trim_crlf(modstr); - os << "MODIFIED " << modstr << std::endl; - } - return os.str(); - } - - CF::DynamicStore sc; - const std::string sname; - const std::string dskey; - const CF::Dict dict; - CF::MutableDict mod; - - private: - CF::String orig_key(const std::string& key) const - { - return CF::string(sname + "Orig" + key); - } - - CF::String delete_value() const - { - return CF::string(sname + "DeleteValue"); - } - }; - + class Info : public RC { public: @@ -510,8 +362,7 @@ namespace openvpn { CF::DynamicStore ds_create() const { - CF::String sn = CF::string(sname); - return CF::DynamicStore(SCDynamicStoreCreate(kCFAllocatorDefault, sn(), nullptr, nullptr)); + return DSDict::ds_create(sname); } const std::string sname; diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/tun/mac/macproxy.hpp b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/tun/mac/macproxy.hpp new file mode 100644 index 0000000..992275f --- /dev/null +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/tun/mac/macproxy.hpp @@ -0,0 +1,99 @@ +// OpenVPN -- An application to securely tunnel IP networks +// over a single port, with support for SSL/TLS-based +// session authentication and key exchange, +// packet encryption, packet authentication, and +// packet compression. +// +// Copyright (C) 2012-2018 OpenVPN Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License Version 3 +// as published by the Free Software Foundation. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program in the COPYING file. +// If not, see . + +#pragma once + +#include +#include + +namespace openvpn { + class MacProxySettings : public ProxySettings + { + public: + OPENVPN_EXCEPTION(macproxy_error); + + typedef RCPtr Ptr; + + class Info : public RC + { + public: + typedef RCPtr Ptr; + + Info(CF::DynamicStore& sc, const std::string& sname) + : ipv4(sc, sname, "State:/Network/Global/IPv4"), + info(sc, sname, "State:/Network/Service/" + sname + "/Info"), + proxy(sc, sname, proxies(ipv4.dict, info.dict)) { } + + std::string to_string() const + { + std::ostringstream os; + os << ipv4.to_string(); + os << info.to_string(); + os << proxy.to_string(); + return os.str(); + } + + DSDict ipv4; + DSDict info; + DSDict proxy; + + private: + static std::string proxies(const CF::Dict& ipv4, const CF::Dict& info) + { + std::string serv = CF::dict_get_str(ipv4, "PrimaryService"); + if (serv.empty()) + serv = CF::dict_get_str(info, "PrimaryService"); + if (serv.empty()) + throw macproxy_error("no primary service"); + return "Setup:/Network/Service/" + serv + "/Proxies"; + } + }; + + MacProxySettings(const TunBuilderCapture::ProxyAutoConfigURL& config_arg) + : ProxySettings(config_arg) { } + + void set_proxy(bool del) override + { + if (!config.defined()) + return; + + CF::DynamicStore sc = DSDict::ds_create(sname); + Info::Ptr info(new Info(sc, sname)); + + info->proxy.will_modify(); + + if (!del) + { + info->proxy.backup_orig("ProxyAutoConfigEnable"); + CF::dict_set_int(info->proxy.mod, "ProxyAutoConfigEnable", 1); + + info->proxy.backup_orig("ProxyAutoConfigURLString"); + CF::dict_set_str(info->proxy.mod, "ProxyAutoConfigURLString", config.to_string()); + } + else + info->proxy.restore_orig(); + + info->proxy.push_to_store(); + + OPENVPN_LOG("MacProxy: set_proxy " << info->to_string()); + } + }; +} diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/tun/proxy.hpp b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/tun/proxy.hpp new file mode 100644 index 0000000..f5ef4d3 --- /dev/null +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/tun/proxy.hpp @@ -0,0 +1,84 @@ +// OpenVPN -- An application to securely tunnel IP networks +// over a single port, with support for SSL/TLS-based +// session authentication and key exchange, +// packet encryption, packet authentication, and +// packet compression. +// +// Copyright (C) 2012-2018 OpenVPN Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License Version 3 +// as published by the Free Software Foundation. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program in the COPYING file. +// If not, see . + +#pragma once + +#include +#include + +namespace openvpn { + class ProxySettings : public RC + { + public: + OPENVPN_EXCEPTION(proxy_error); + + typedef RCPtr Ptr; + + class ProxyAction : public Action + { + public: + typedef RCPtr Ptr; + + ProxyAction(ProxySettings::Ptr parent_arg, bool del_arg) + : parent(parent_arg), del(del_arg) { } + + virtual void execute(std::ostream& os) override + { + os << to_string() << std::endl; + if (parent) + parent->set_proxy(del); + } + + virtual std::string to_string() const override + { + std::ostringstream os; + if (parent && parent->config.defined()) + os << "ProxyAction: auto config: " << parent->config.to_string(); + return os.str(); + } + + private: + const ProxySettings::Ptr parent; + bool del; + }; + + ProxySettings(const TunBuilderCapture::ProxyAutoConfigURL& config_arg) + : config(config_arg) { } + + virtual void set_proxy(bool del) = 0; + + template + static void add_actions(const TunBuilderCapture& settings, + ActionList& create, + ActionList& destroy) + { + ProxySettings::Ptr proxy(new T(settings.proxy_auto_config_url)); + ProxyAction::Ptr create_action(new ProxyAction(proxy, false)); + ProxyAction::Ptr destroy_action(new ProxyAction(proxy, true)); + create.add(create_action); + destroy.add(destroy_action); + } + + const std::string sname = "OpenVPNConnect"; + + TunBuilderCapture::ProxyAutoConfigURL config; + }; +} diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/tun/win/client/tunsetup.hpp b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/tun/win/client/tunsetup.hpp index ef74426..750ea0b 100644 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/tun/win/client/tunsetup.hpp +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/tun/win/client/tunsetup.hpp @@ -4,7 +4,7 @@ // packet encryption, packet authentication, and // packet compression. // -// Copyright (C) 2012-2017 OpenVPN Inc. +// Copyright (C) 2012-2017 OpenVPN Inc. // // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU Affero General Public License Version 3 @@ -37,12 +37,14 @@ #include #include #include -#include #include +#include +#include +#include +#include +#include #include #include -#include -#include #if _WIN32_WINNT >= 0x0600 // Vista+ #include @@ -603,6 +605,10 @@ namespace openvpn { } } + OPENVPN_LOG("proxy_auto_config_url " << pull.proxy_auto_config_url.url); + if (pull.proxy_auto_config_url.defined()) + ProxySettings::add_actions(pull, create, destroy); + // flush DNS cache create.add(new WinCmd("ipconfig /flushdns")); destroy.add(new WinCmd("ipconfig /flushdns")); diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/tun/win/nrpt.hpp b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/tun/win/nrpt.hpp index 516b515..6b2bd67 100644 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/tun/win/nrpt.hpp +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/tun/win/nrpt.hpp @@ -4,7 +4,7 @@ // packet encryption, packet authentication, and // packet compression. // -// Copyright (C) 2012-2017 OpenVPN Inc. +// Copyright (C) 2012-2018 OpenVPN Inc. // // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU Affero General Public License Version 3 @@ -58,11 +58,7 @@ namespace openvpn { auto key_name = ss.str(); const LONG status = ::RegCreateKeyA(HKEY_LOCAL_MACHINE, key_name.c_str(), key.ref()); - if (status != ERROR_SUCCESS) - { - const Win::Error err(status); - OPENVPN_THROW(nrpt_error, "cannot open/create registry key " << key_name << " : " << err.message()); - } + check_reg_error(status, key_name); } // Name @@ -75,11 +71,7 @@ namespace openvpn { REG_MULTI_SZ, (const BYTE *)name.c_str(), (name.length()+1)*2); - if (status != ERROR_SUCCESS) - { - const Win::Error err(status); - OPENVPN_THROW(nrpt_error, "cannot set registry value for 'Name' : " << err.message()); - } + check_reg_error(status, "Name"); } // GenericDNSServers @@ -91,11 +83,7 @@ namespace openvpn { REG_SZ, (const BYTE *)dns_servers_joined.c_str(), (dns_servers_joined.length()+1)*2); - if (status != ERROR_SUCCESS) - { - const Win::Error err(status); - OPENVPN_THROW(nrpt_error, "cannot set registry value for 'GenericDNSServers' : " << err.message()); - } + check_reg_error(status, "GenericDNSServers"); } // ConfigOptions @@ -107,11 +95,7 @@ namespace openvpn { REG_DWORD, (const BYTE *)&value, sizeof(value)); - if (status != ERROR_SUCCESS) - { - const Win::Error err(status); - OPENVPN_THROW(nrpt_error, "cannot set registry value for 'ConfigOptions' : " << err.message()); - } + check_reg_error(status, "ConfigOptions"); } // Version @@ -123,11 +107,7 @@ namespace openvpn { REG_DWORD, (const BYTE *)&value, sizeof(value)); - if (status != ERROR_SUCCESS) - { - const Win::Error err(status); - OPENVPN_THROW(nrpt_error, "cannot set registry value for 'Version' : " << err.message()); - } + check_reg_error(status, "Version"); } } } diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/tun/win/winproxy.hpp b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/tun/win/winproxy.hpp new file mode 100644 index 0000000..6a1f78e --- /dev/null +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/tun/win/winproxy.hpp @@ -0,0 +1,182 @@ +// OpenVPN -- An application to securely tunnel IP networks +// over a single port, with support for SSL/TLS-based +// session authentication and key exchange, +// packet encryption, packet authentication, and +// packet compression. +// +// Copyright (C) 2012-2017 OpenVPN Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License Version 3 +// as published by the Free Software Foundation. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program in the COPYING file. +// If not, see . +// + +// proxy settings for Windows + +#pragma once + +#include + +#include +#include +#include + +using namespace openvpn::Win; + +namespace openvpn { + namespace TunWin { + class WinProxySettings : public ProxySettings { + public: + typedef RCPtr Ptr; + + WinProxySettings(const TunBuilderCapture::ProxyAutoConfigURL& config_arg) + : ProxySettings(config_arg) { } + + void set_proxy(bool del) override + { + ImpersonateAsUser imp; + + LONG status; + RegKey hkcu; + RegKey key; + + status = ::RegOpenCurrentUser(KEY_QUERY_VALUE | KEY_SET_VALUE, hkcu.ref()); + check_reg_error(status, "RegOpenCurrentUser"); + + status = ::RegCreateKeyExA(hkcu(), key_name, 0, NULL, 0, KEY_QUERY_VALUE | KEY_SET_VALUE, NULL, key.ref(), NULL); + check_reg_error(status, key_name); + + if (!del) + { + save_key(key, "AutoConfigURL", config.url, true); + save_key(key, "ProxyEnable", "0", false); + } + else + { + restore_key(key, "AutoConfigURL", true); + restore_key(key, "ProxyEnable", false); + } + + // WinInet API cannot be called from service, even via impersonation + if (!imp.is_local_system()) + { + OPENVPN_LOG("Refresh proxy settings"); + + InternetSetOptionA(NULL, INTERNET_OPTION_SETTINGS_CHANGED, NULL, 0); + InternetSetOptionA(NULL, INTERNET_OPTION_REFRESH, NULL, 0); + } + } + + private: + void restore_key(Win::RegKey& regkey, const std::string& key, bool str) + { + LONG status; + char prev_val_str[1024] = { 0 }; // should be enough to fit proxy URL + DWORD prev_val_dword; + DWORD prev_buf_size = str ? sizeof(prev_val_str) : sizeof(prev_val_dword); + bool del = false; + Win::RegKey hkcu; + + status = ::RegOpenCurrentUser(KEY_QUERY_VALUE | KEY_SET_VALUE, hkcu.ref()); + check_reg_error(status, "RegOpenCurrentUser"); + + // get previous value + std::string prev_key_name = sname + key; + status = ::RegGetValueA(hkcu(), + key_name, + prev_key_name.c_str(), + str ? RRF_RT_REG_SZ : RRF_RT_REG_DWORD, + NULL, + str ? (PVOID)prev_val_str : (PVOID)&prev_val_dword, + &prev_buf_size); + check_reg_error(status, prev_key_name); + + RegDeleteValueA(regkey(), prev_key_name.c_str()); + + // check if previous value needs to be deleted + if (str) + del = strcmp(delete_value_str, prev_val_str) == 0; + else + del = prev_val_dword == delete_value_dword; + + if (del) + ::RegDeleteValueA(regkey(), key.c_str()); + else + ::RegSetValueExA(regkey(), + key.c_str(), + 0, + str ? REG_SZ : REG_DWORD, + str ? (const BYTE *)prev_val_str : (CONST BYTE *)&prev_val_dword, + str ? strlen(prev_val_str) + 1 : sizeof(prev_val_dword)); + } + + void save_key(Win::RegKey& regkey, const std::string& key, const std::string& value, bool str) + { + LONG status; + char prev_val_str[1024] = { 0 }; // should be enought to fit proxy URL + DWORD prev_val_dword; + DWORD prev_buf_size = str ? sizeof(prev_val_str) : sizeof(prev_val_dword); + Win::RegKey hkcu; + + status = ::RegOpenCurrentUser(KEY_QUERY_VALUE | KEY_SET_VALUE, hkcu.ref()); + check_reg_error(status, "RegOpenCurrentUser"); + + // get original value + status = ::RegGetValueA(hkcu(), + key_name, + key.c_str(), + str ? RRF_RT_REG_SZ : RRF_RT_REG_DWORD, + NULL, + str ? (PVOID)prev_val_str : (PVOID)&prev_val_dword, + &prev_buf_size); + switch (status) + { + case ERROR_FILE_NOT_FOUND: + // mark that original value doesn't exist + strcpy(prev_val_str, delete_value_str); + prev_val_dword = delete_value_dword; + case ERROR_SUCCESS: + break; + default: + check_reg_error(status, key); + break; + } + + // save original value + std::string prev_key_name = sname + key; + status = ::RegSetValueExA(regkey(), + prev_key_name.c_str(), + 0, + str ? REG_SZ : REG_DWORD, + str ? (const BYTE *)prev_val_str : (CONST BYTE *)&prev_val_dword, + str ? strlen(prev_val_str) + 1 : sizeof(DWORD)); + check_reg_error(status, prev_key_name); + + // save new value + DWORD val_dword = 0; + if (!str) + val_dword = std::atol(value.c_str()); + status = ::RegSetValueExA(regkey(), + key.c_str(), + 0, + str ? REG_SZ : REG_DWORD, + str ? (const BYTE *)value.c_str() : (CONST BYTE *)&val_dword, + str ? value.length() + 1 : sizeof(val_dword)); + check_reg_error(status, key); + } + + const char* key_name = "Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings"; + const char* delete_value_str = "DeleteValue"; + const DWORD delete_value_dword = 0xCAFEBABE; + }; + } +} diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/win/impersonate.hpp b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/win/impersonate.hpp new file mode 100644 index 0000000..ea7b026 --- /dev/null +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/win/impersonate.hpp @@ -0,0 +1,136 @@ +// OpenVPN -- An application to securely tunnel IP networks +// over a single port, with support for SSL/TLS-based +// session authentication and key exchange, +// packet encryption, packet authentication, and +// packet compression. +// +// Copyright (C) 2012-2018 OpenVPN Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License Version 3 +// as published by the Free Software Foundation. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program in the COPYING file. +// If not, see . + +#pragma once + +#include +#include +#include + +#include + +namespace openvpn { + namespace Win { + class ImpersonateAsUser { + public: + ImpersonateAsUser() : local_system(is_local_system_()) + { + if (local_system) + OPENVPN_LOG("ImpersonateAsUser: running under SYSTEM account, need to impersonate"); + else + { + OPENVPN_LOG("ImpersonateAsUser: running under user account, no need to impersonate"); + return; + } + + DWORD sessId = WTSGetActiveConsoleSessionId(); + if (sessId == 0xFFFFFFFF) + { + const Win::LastError err; + OPENVPN_LOG("ImpersonateAsUser: WTSGetActiveConsoleSessionId() failed: " << err.message()); + return; + } + + HANDLE hToken; + if (!WTSQueryUserToken(sessId, &hToken)) + { + const Win::LastError err; + OPENVPN_LOG("ImpersonateAsUser: WTSQueryUserToken() failed: " << err.message()); + return; + } + + if (!ImpersonateLoggedOnUser(hToken)) + { + CloseHandle(hToken); + + const Win::LastError err; + OPENVPN_LOG("ImpersonateAsUser: ImpersonateLoggedOnUser() failed: " << err.message()); + return; + } + + CloseHandle(hToken); + + impersonated = true; + + char uname[UNLEN + 1]; + DWORD len = UNLEN + 1; + GetUserNameA(uname, &len); + OPENVPN_LOG("ImpersonateAsUser: impersonated as " << uname); + } + + ~ImpersonateAsUser() { + if (impersonated) + { + if (!RevertToSelf()) + { + const Win::LastError err; + OPENVPN_LOG("ImpersonateAsUser: RevertToSelf() failed: " << err.message()); + } + } + } + + bool is_local_system() const + { + return local_system; + } + + private: + // https://stackoverflow.com/a/4024388/227024 + BOOL is_local_system_() const + { + HANDLE hToken; + UCHAR bTokenUser[sizeof(TOKEN_USER) + 8 + 4 * SID_MAX_SUB_AUTHORITIES]; + PTOKEN_USER pTokenUser = (PTOKEN_USER)bTokenUser; + ULONG cbTokenUser; + SID_IDENTIFIER_AUTHORITY siaNT = SECURITY_NT_AUTHORITY; + PSID pSystemSid; + BOOL bSystem; + + // open process token + if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken)) + return FALSE; + + // retrieve user SID + if (!GetTokenInformation(hToken, TokenUser, pTokenUser, sizeof(bTokenUser), &cbTokenUser)) + { + CloseHandle(hToken); + return FALSE; + } + + CloseHandle(hToken); + + // allocate LocalSystem well-known SID + if (!AllocateAndInitializeSid(&siaNT, 1, SECURITY_LOCAL_SYSTEM_RID, + 0, 0, 0, 0, 0, 0, 0, &pSystemSid)) return FALSE; + + // compare the user SID from the token with the LocalSystem SID + bSystem = EqualSid(pTokenUser->User.Sid, pSystemSid); + + FreeSid(pSystemSid); + + return bSystem; + } + + bool impersonated = false; + bool local_system = false; + }; + } +} diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/win/reg.hpp b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/win/reg.hpp index d4f6ecb..0e26b21 100644 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/win/reg.hpp +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/openvpn/win/reg.hpp @@ -1,106 +1,117 @@ -// OpenVPN -- An application to securely tunnel IP networks -// over a single port, with support for SSL/TLS-based -// session authentication and key exchange, -// packet encryption, packet authentication, and -// packet compression. -// -// Copyright (C) 2012-2017 OpenVPN Inc. -// -// This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU Affero General Public License Version 3 -// as published by the Free Software Foundation. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU Affero General Public License for more details. -// -// You should have received a copy of the GNU Affero General Public License -// along with this program in the COPYING file. -// If not, see . - -// registry utilities for Windows - -#ifndef OPENVPN_WIN_REG_H -#define OPENVPN_WIN_REG_H - -#include -#include - -namespace openvpn { - namespace Win { - - // HKEY wrapper - class RegKey - { - RegKey(const RegKey&) = delete; - RegKey& operator=(const RegKey&) = delete; - - public: - RegKey() : key(nullptr) {} - bool defined() const { return key != nullptr; } - HKEY* ref() { return &key; } - HKEY operator()() { return key; } - - ~RegKey() - { - if (defined()) - ::RegCloseKey(key); - } - private: - HKEY key; - }; - - class RegKeyEnumerator : public std::vector - { - public: - RegKeyEnumerator(HKEY hkey, const std::string& path) - { - RegKey regKey; - auto status = ::RegOpenKeyExA(hkey, - path.c_str(), - 0, - KEY_QUERY_VALUE | KEY_ENUMERATE_SUB_KEYS, - regKey.ref()); - if (status != ERROR_SUCCESS) - return; - - DWORD subkeys_num; - status = ::RegQueryInfoKeyA(regKey(), - nullptr, - nullptr, - NULL, - &subkeys_num, - nullptr, - nullptr, - nullptr, - nullptr, - nullptr, - nullptr, - nullptr); - - if (status != ERROR_SUCCESS) - return; - - const int MAX_KEY_LENGTH = 255; - for (auto i = 0; i < subkeys_num; ++ i) - { - DWORD subkey_size = MAX_KEY_LENGTH; - char subkey[MAX_KEY_LENGTH]; - status = ::RegEnumKeyExA(regKey(), - i, - subkey, - &subkey_size, - nullptr, - nullptr, - nullptr, - nullptr); - if (status == ERROR_SUCCESS) - push_back(subkey); - } - } - }; - } -} - -#endif +// OpenVPN -- An application to securely tunnel IP networks +// over a single port, with support for SSL/TLS-based +// session authentication and key exchange, +// packet encryption, packet authentication, and +// packet compression. +// +// Copyright (C) 2012-2017 OpenVPN Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License Version 3 +// as published by the Free Software Foundation. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program in the COPYING file. +// If not, see . + +// registry utilities for Windows + +#ifndef OPENVPN_WIN_REG_H +#define OPENVPN_WIN_REG_H + +#include +#include +#include + +namespace openvpn { + namespace Win { + + template + static void check_reg_error(DWORD status, const std::string& key) + { + if (status != ERROR_SUCCESS) + { + const Win::Error err(status); + OPENVPN_THROW(E, "registry key " << key << " error: " << err.message()); + } + } + + // HKEY wrapper + class RegKey + { + RegKey(const RegKey&) = delete; + RegKey& operator=(const RegKey&) = delete; + + public: + RegKey() : key(nullptr) {} + bool defined() const { return key != nullptr; } + HKEY* ref() { return &key; } + HKEY operator()() { return key; } + + ~RegKey() + { + if (defined()) + ::RegCloseKey(key); + } + private: + HKEY key; + }; + + class RegKeyEnumerator : public std::vector + { + public: + RegKeyEnumerator(HKEY hkey, const std::string& path) + { + RegKey regKey; + auto status = ::RegOpenKeyExA(hkey, + path.c_str(), + 0, + KEY_QUERY_VALUE | KEY_ENUMERATE_SUB_KEYS, + regKey.ref()); + if (status != ERROR_SUCCESS) + return; + + DWORD subkeys_num; + status = ::RegQueryInfoKeyA(regKey(), + nullptr, + nullptr, + NULL, + &subkeys_num, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr); + + if (status != ERROR_SUCCESS) + return; + + const int MAX_KEY_LENGTH = 255; + for (auto i = 0; i < subkeys_num; ++ i) + { + DWORD subkey_size = MAX_KEY_LENGTH; + char subkey[MAX_KEY_LENGTH]; + status = ::RegEnumKeyExA(regKey(), + i, + subkey, + &subkey_size, + nullptr, + nullptr, + nullptr, + nullptr); + if (status == ERROR_SUCCESS) + push_back(subkey); + } + } + }; + } +} + +#endif diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/scripts/build b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/scripts/build index e78d98f..8f8ee88 100755 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/scripts/build +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/scripts/build @@ -100,6 +100,11 @@ if [ "$PLATFORM" = "linux" ] && [ "$OSSL" = "1" ] && [ "$NOSSL" != "1" ] && [ -z OPENSSL_SYS=1 fi +# building on Linux, use system LZ4 +if [ "$PLATFORM" = "linux" ] && [ "$LZ4" = "1" ] && [ -z "$LZ4_SYS" ]; then + LZ4_SYS=1 +fi + # default commands [ -z "$STRIP_CMD" ] && STRIP_CMD=strip [ -z "$GPP_CMD" ] && GPP_CMD=g++ diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/win/build.py b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/win/build.py index ff67364..f6c4548 100644 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/win/build.py +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/win/build.py @@ -1,90 +1,90 @@ -#!/c/python27/python - -import os - -from utils import * - -def cli_cpp(parms): - return os.path.join(parms['OVPN3'], "core", "test", "ovpncli", "cli.cpp") - -def src_fn(parms, srcfile): - # Get source file name - if srcfile: - if '.' not in os.path.basename(srcfile): - srcfile += ".cpp" - else: - srcfile = cli_cpp(parms) - return srcfile - -def is_unit_test(argv): - unit_test = False - if len(argv) >= 2: - unit_test = argv[1] == "unittest" - return unit_test - -def src_fn_argv(parms, argv): - srcfile = None - if len(argv) >= 1: - srcfile = argv[0] - return src_fn(parms, srcfile) - -def build(parms, srcfile, unit_test=False): - # Debug? - if parms['DEBUG']: - dbg_rel_flags = "/Zi" - else: - dbg_rel_flags = "/O2" - - # Dictionary we will use to substitute parameters - # onto VC command line. - options = { - "ovpn3" : parms['OVPN3'], - "tap" : os.path.join(build_dir(parms), "tap-windows", "src"), - "tap_component_id" : parms['TAP_WIN_COMPONENT_ID'], - "asio" : os.path.join(build_dir(parms), "asio"), - "mbedtls" : os.path.join(build_dir(parms), "mbedtls"), - "lz4" : os.path.join(build_dir(parms), "lz4", "lib"), - "srcfile" : srcfile, - "extra_defs" : parms['CPP_EXTRA'], - "extra_inc" : "", - "extra_lib_path" : "", - "extra_lib" : "", - } - - vc_parms(parms, options) - - # Do we need to support XP and Win 2003? - arch = os.environ.get("ARCH", parms['ARCH']) - if arch == "x86_xp": - options['extra_defs'] += " /D_WIN32_WINNT=0x0501" # pre-Vista - else: - options['extra_defs'] += " /D_WIN32_WINNT=0x0600" # Vista and later - options['extra_lib'] += " fwpuclnt.lib" - - # Add jsoncpp (optional) - if parms.get('USE_JSONCPP'): - options["jsoncpp"] = os.path.join(build_dir(parms), "jsoncpp") - options['extra_inc'] += " /DHAVE_JSONCPP /I %(jsoncpp)s/dist" % options - options['extra_lib_path'] += " /LIBPATH:%(jsoncpp)s/dist" % options - options['extra_lib'] += " jsoncpp.lib" - - if unit_test: - options['extra_lib'] += " gtest.lib" - options['extra_inc'] += " /I %s" % os.path.join(parms["GTEST_ROOT"], "googletest", "include") - options['extra_lib_path'] += " /LIBPATH:%s" % os.path.join(parms["GTEST_ROOT"], "googlemock", "gtest", "Debug") - - # Build OpenVPN Connect - if parms.get("CONNECT"): - options['extra_inc'] += " /I " + os.path.join(parms['OVPN3'], "common") - - # build it - vc_cmd(parms, r"cl %(extra_defs)s /DNOMINMAX /D_CRT_SECURE_NO_WARNINGS /DUSE_ASIO /DASIO_STANDALONE /DASIO_NO_DEPRECATED /I %(asio)s\asio\include /DUSE_MBEDTLS /I %(mbedtls)s\include /DHAVE_LZ4 /I %(lz4)s%(extra_inc)s -DTAP_WIN_COMPONENT_ID=%(tap_component_id)s /I %(tap)s /I %(ovpn3)s\core /EHsc %(link_static_dynamic_flags)s /W0 %(dbg_rel_flags)s /nologo %(srcfile)s /link /LIBPATH:%(mbedtls)s\library /LIBPATH:%(lz4)s%(extra_lib_path)s mbedtls.lib lz4.lib%(extra_lib)s ws2_32.lib crypt32.lib iphlpapi.lib winmm.lib user32.lib gdi32.lib advapi32.lib wininet.lib shell32.lib ole32.lib rpcrt4.lib" % options, arch=os.environ.get("ARCH")) - -if __name__ == "__main__": - import sys - - params = read_params() - - src = src_fn_argv(params, sys.argv[1:]) - unit_test = is_unit_test(sys.argv[1:]) - build(params, src, unit_test) +#!/c/python27/python + +import os + +from utils import * + +def cli_cpp(parms): + return os.path.join(parms['OVPN3'], "core", "test", "ovpncli", "cli.cpp") + +def src_fn(parms, srcfile): + # Get source file name + if srcfile: + if '.' not in os.path.basename(srcfile): + srcfile += ".cpp" + else: + srcfile = cli_cpp(parms) + return srcfile + +def is_unit_test(argv): + unit_test = False + if len(argv) >= 2: + unit_test = argv[1] == "unittest" + return unit_test + +def src_fn_argv(parms, argv): + srcfile = None + if len(argv) >= 1: + srcfile = argv[0] + return src_fn(parms, srcfile) + +def build(parms, srcfile, unit_test=False): + # Debug? + if parms['DEBUG']: + dbg_rel_flags = "/Zi" + else: + dbg_rel_flags = "/O2" + + # Dictionary we will use to substitute parameters + # onto VC command line. + options = { + "ovpn3" : parms['OVPN3'], + "tap" : os.path.join(build_dir(parms), "tap-windows", "src"), + "tap_component_id" : parms['TAP_WIN_COMPONENT_ID'], + "asio" : os.path.join(build_dir(parms), "asio"), + "mbedtls" : os.path.join(build_dir(parms), "mbedtls"), + "lz4" : os.path.join(build_dir(parms), "lz4", "lib"), + "srcfile" : srcfile, + "extra_defs" : parms['CPP_EXTRA'], + "extra_inc" : "", + "extra_lib_path" : "", + "extra_lib" : "", + } + + vc_parms(parms, options) + + # Do we need to support XP and Win 2003? + arch = os.environ.get("ARCH", parms['ARCH']) + if arch == "x86_xp": + options['extra_defs'] += " /D_WIN32_WINNT=0x0501" # pre-Vista + else: + options['extra_defs'] += " /D_WIN32_WINNT=0x0600" # Vista and later + options['extra_lib'] += " fwpuclnt.lib" + + # Add jsoncpp (optional) + if parms.get('USE_JSONCPP'): + options["jsoncpp"] = os.path.join(build_dir(parms), "jsoncpp") + options['extra_inc'] += " /DHAVE_JSONCPP /I %(jsoncpp)s/dist" % options + options['extra_lib_path'] += " /LIBPATH:%(jsoncpp)s/dist" % options + options['extra_lib'] += " jsoncpp.lib" + + if unit_test: + options['extra_lib'] += " gtest.lib" + options['extra_inc'] += " /I %s" % os.path.join(parms["GTEST_ROOT"], "googletest", "include") + options['extra_lib_path'] += " /LIBPATH:%s" % os.path.join(parms["GTEST_ROOT"], "googlemock", "gtest", "Debug") + + # Build OpenVPN Connect + if parms.get("CONNECT"): + options['extra_inc'] += " /I " + os.path.join(parms['OVPN3'], "common") + + # build it + vc_cmd(parms, r"cl %(extra_defs)s /DNOMINMAX /D_CRT_SECURE_NO_WARNINGS /DUSE_ASIO /DASIO_STANDALONE /DASIO_NO_DEPRECATED /I %(asio)s\asio\include /DUSE_MBEDTLS /I %(mbedtls)s\include /DHAVE_LZ4 /I %(lz4)s%(extra_inc)s -DTAP_WIN_COMPONENT_ID=%(tap_component_id)s /I %(tap)s /I %(ovpn3)s\core /EHsc %(link_static_dynamic_flags)s /W0 %(dbg_rel_flags)s /nologo %(srcfile)s /link /LIBPATH:%(mbedtls)s\library /LIBPATH:%(lz4)s%(extra_lib_path)s mbedtls.lib lz4.lib%(extra_lib)s ws2_32.lib crypt32.lib iphlpapi.lib winmm.lib user32.lib gdi32.lib advapi32.lib wininet.lib shell32.lib ole32.lib rpcrt4.lib Wtsapi32.lib" % options, arch=os.environ.get("ARCH")) + +if __name__ == "__main__": + import sys + + params = read_params() + + src = src_fn_argv(params, sys.argv[1:]) + unit_test = is_unit_test(sys.argv[1:]) + build(params, src, unit_test) diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/win/ovpn3-core.vcxproj b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/win/ovpn3-core.vcxproj index 5d670e8..bd9421d 100644 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/win/ovpn3-core.vcxproj +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/win/ovpn3-core.vcxproj @@ -1,516 +1,519 @@ - - - - - Debug - Win32 - - - Release - Win32 - - - Debug - x64 - - - Release - x64 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - {1F891260-2039-494F-9777-EC5166AF31BC} - ovpn3core - 8.1 - cli - - - - Application - true - v140 - MultiByte - - - Application - false - v140 - true - MultiByte - - - Application - true - v140 - MultiByte - - - Application - false - v140 - true - MultiByte - - - - - - - - - - - TurnOffAllWarnings - Disabled - false - $(OVPN3_BUILD)\amd64\mbedtls\include;$(OVPN3_TAP_WINDOWS)\src;$(OVPN3_BUILD)\amd64\asio\asio\include;$(OVPN3_BUILD)\amd64\lz4\lib;$(OVPN3_CORE);%(AdditionalIncludeDirectories) - _CRT_SECURE_NO_WARNINGS;NOMINMAX;_WIN32_WINNT=0x0600;USE_ASIO;ASIO_STANDALONE;USE_MBEDTLS;HAVE_LZ4;TAP_WIN_COMPONENT_ID=tap0901;%(PreprocessorDefinitions) - %(AdditionalOptions) - - - true - $(OVPN3_BUILD)\amd64\mbedtls\library;$(OVPN3_BUILD)\amd64\lz4\lib;%(AdditionalLibraryDirectories) - lz4.lib;mbedtls.lib;fwpuclnt.lib;ws2_32.lib;crypt32.lib;iphlpapi.lib;winmm.lib;advapi32.lib;wininet.lib;shell32.lib;ole32.lib;rpcrt4.lib;%(AdditionalDependencies) - - - - - TurnOffAllWarnings - Disabled - false - _CRT_SECURE_NO_WARNINGS;NOMINMAX;_WIN32_WINNT=0x0600;USE_ASIO;ASIO_STANDALONE;USE_MBEDTLS;HAVE_LZ4;TAP_WIN_COMPONENT_ID=tap0901;%(PreprocessorDefinitions) - $(OVPN3_ROOT)\deps\amd64\mbedtls\include;$(OVPN3_ROOT)\deps\amd64\tap-windows\src;$(OVPN3_ROOT)\deps\amd64\asio\asio\include;$(OVPN3_ROOT)\deps\amd64\lz4\lib;$(OVPN3_ROOT)\core;%(AdditionalIncludeDirectories) - false - ProgramDatabase - /bigobj %(AdditionalOptions) - MultiThreadedDebug - - - true - $(OVPN3_ROOT)\deps\amd64\mbedtls\library;$(OVPN3_ROOT)\deps\amd64\lz4\lib;%(AdditionalLibraryDirectories) - lz4.lib;mbedtls.lib;fwpuclnt.lib;ws2_32.lib;crypt32.lib;iphlpapi.lib;winmm.lib;advapi32.lib;wininet.lib;shell32.lib;ole32.lib;rpcrt4.lib - NotSet - - - - - TurnOffAllWarnings - MaxSpeed - true - true - false - _CRT_SECURE_NO_WARNINGS;NOMINMAX;_WIN32_WINNT=0x0600;USE_ASIO;ASIO_STANDALONE;USE_MBEDTLS;HAVE_LZ4;TAP_WIN_COMPONENT_ID=tap0901;%(PreprocessorDefinitions) - $(OVPN3_BUILD)\amd64\mbedtls\include;$(OVPN3_TAP_WINDOWS)\src;$(OVPN3_BUILD)\amd64\asio\asio\include;$(OVPN3_BUILD)\amd64\lz4\lib;$(OVPN3_CORE);%(AdditionalIncludeDirectories) - - - true - true - true - $(OVPN3_BUILD)\amd64\mbedtls\library;$(OVPN3_BUILD)\amd64\lz4\lib;%(AdditionalLibraryDirectories) - lz4.lib;mbedtls.lib;fwpuclnt.lib;ws2_32.lib;crypt32.lib;iphlpapi.lib;winmm.lib;advapi32.lib;wininet.lib;shell32.lib;ole32.lib;rpcrt4.lib;%(AdditionalDependencies) - - - - - TurnOffAllWarnings - MaxSpeed - true - true - false - _CRT_SECURE_NO_WARNINGS;NOMINMAX;_WIN32_WINNT=0x0600;USE_ASIO;ASIO_STANDALONE;USE_MBEDTLS;HAVE_LZ4;TAP_WIN_COMPONENT_ID=tap0901;%(PreprocessorDefinitions) - $(OVPN3_ROOT)\deps\amd64\mbedtls\include;$(OVPN3_ROOT)\deps\amd64\tap-windows\src;$(OVPN3_ROOT)\deps\amd64\asio\asio\include;$(OVPN3_ROOT)\deps\amd64\lz4\lib;$(OVPN3_ROOT)\core;%(AdditionalIncludeDirectories) - MultiThreaded - - - true - true - true - $(OVPN3_ROOT)\deps\amd64\mbedtls\library;$(OVPN3_ROOT)\deps\amd64\lz4\lib;%(AdditionalLibraryDirectories) - lz4.lib;mbedtls.lib;fwpuclnt.lib;ws2_32.lib;crypt32.lib;iphlpapi.lib;winmm.lib;advapi32.lib;wininet.lib;shell32.lib;ole32.lib;rpcrt4.lib;%(AdditionalDependencies) - - - - - + + + + + Debug + Win32 + + + Release + Win32 + + + Debug + x64 + + + Release + x64 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + {1F891260-2039-494F-9777-EC5166AF31BC} + ovpn3core + 8.1 + cli + + + + Application + true + v140 + MultiByte + + + Application + false + v140 + true + MultiByte + + + Application + true + v140 + MultiByte + + + Application + false + v140 + true + MultiByte + + + + + + + + + + + TurnOffAllWarnings + Disabled + false + $(OVPN3_BUILD)\amd64\mbedtls\include;$(OVPN3_TAP_WINDOWS)\src;$(OVPN3_BUILD)\amd64\asio\asio\include;$(OVPN3_BUILD)\amd64\lz4\lib;$(OVPN3_CORE);%(AdditionalIncludeDirectories) + _CRT_SECURE_NO_WARNINGS;NOMINMAX;_WIN32_WINNT=0x0600;USE_ASIO;ASIO_STANDALONE;USE_MBEDTLS;HAVE_LZ4;TAP_WIN_COMPONENT_ID=tap0901;%(PreprocessorDefinitions) + %(AdditionalOptions) + + + true + $(OVPN3_BUILD)\amd64\mbedtls\library;$(OVPN3_BUILD)\amd64\lz4\lib;%(AdditionalLibraryDirectories) + lz4.lib;mbedtls.lib;fwpuclnt.lib;ws2_32.lib;crypt32.lib;iphlpapi.lib;winmm.lib;advapi32.lib;wininet.lib;shell32.lib;ole32.lib;rpcrt4.lib;%(AdditionalDependencies) + + + + + TurnOffAllWarnings + Disabled + false + _CRT_SECURE_NO_WARNINGS;NOMINMAX;_WIN32_WINNT=0x0600;USE_ASIO;ASIO_STANDALONE;USE_MBEDTLS;HAVE_LZ4;TAP_WIN_COMPONENT_ID=tap0901;%(PreprocessorDefinitions) + $(OVPN3_ROOT)\deps\amd64\mbedtls\include;$(OVPN3_ROOT)\deps\amd64\tap-windows\src;$(OVPN3_ROOT)\deps\amd64\asio\asio\include;$(OVPN3_ROOT)\deps\amd64\lz4\lib;$(OVPN3_ROOT)\core;%(AdditionalIncludeDirectories) + false + ProgramDatabase + /bigobj %(AdditionalOptions) + MultiThreadedDebug + + + true + $(OVPN3_ROOT)\deps\amd64\mbedtls\library;$(OVPN3_ROOT)\deps\amd64\lz4\lib;%(AdditionalLibraryDirectories) + lz4.lib;mbedtls.lib;fwpuclnt.lib;ws2_32.lib;crypt32.lib;iphlpapi.lib;winmm.lib;advapi32.lib;wininet.lib;shell32.lib;ole32.lib;rpcrt4.lib;Wtsapi32.lib + NotSet + + + + + TurnOffAllWarnings + MaxSpeed + true + true + false + _CRT_SECURE_NO_WARNINGS;NOMINMAX;_WIN32_WINNT=0x0600;USE_ASIO;ASIO_STANDALONE;USE_MBEDTLS;HAVE_LZ4;TAP_WIN_COMPONENT_ID=tap0901;%(PreprocessorDefinitions) + $(OVPN3_BUILD)\amd64\mbedtls\include;$(OVPN3_TAP_WINDOWS)\src;$(OVPN3_BUILD)\amd64\asio\asio\include;$(OVPN3_BUILD)\amd64\lz4\lib;$(OVPN3_CORE);%(AdditionalIncludeDirectories) + + + true + true + true + $(OVPN3_BUILD)\amd64\mbedtls\library;$(OVPN3_BUILD)\amd64\lz4\lib;%(AdditionalLibraryDirectories) + lz4.lib;mbedtls.lib;fwpuclnt.lib;ws2_32.lib;crypt32.lib;iphlpapi.lib;winmm.lib;advapi32.lib;wininet.lib;shell32.lib;ole32.lib;rpcrt4.lib;%(AdditionalDependencies) + + + + + TurnOffAllWarnings + MaxSpeed + true + true + false + _CRT_SECURE_NO_WARNINGS;NOMINMAX;_WIN32_WINNT=0x0600;USE_ASIO;ASIO_STANDALONE;USE_MBEDTLS;HAVE_LZ4;TAP_WIN_COMPONENT_ID=tap0901;%(PreprocessorDefinitions) + $(OVPN3_ROOT)\deps\amd64\mbedtls\include;$(OVPN3_ROOT)\deps\amd64\tap-windows\src;$(OVPN3_ROOT)\deps\amd64\asio\asio\include;$(OVPN3_ROOT)\deps\amd64\lz4\lib;$(OVPN3_ROOT)\core;%(AdditionalIncludeDirectories) + MultiThreaded + + + true + true + true + $(OVPN3_ROOT)\deps\amd64\mbedtls\library;$(OVPN3_ROOT)\deps\amd64\lz4\lib;%(AdditionalLibraryDirectories) + lz4.lib;mbedtls.lib;fwpuclnt.lib;ws2_32.lib;crypt32.lib;iphlpapi.lib;winmm.lib;advapi32.lib;wininet.lib;shell32.lib;ole32.lib;rpcrt4.lib;%(AdditionalDependencies) + + + + + \ No newline at end of file diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/win/ovpn3-core.vcxproj.filters b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/win/ovpn3-core.vcxproj.filters index 7c6fe2c..dbc6aef 100644 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/win/ovpn3-core.vcxproj.filters +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/win/ovpn3-core.vcxproj.filters @@ -1,384 +1,387 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/win/utils.py b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/win/utils.py index 2a2b85b..8b6ad1c 100644 --- a/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/win/utils.py +++ b/Sources/OpenVPNAdapter/Libraries/Vendors/openvpn/win/utils.py @@ -223,8 +223,8 @@ def vc_cmd(parms, cmd, arch=None, succeed=0): arch = parms['ARCH'] if arch == "x64": arch = "amd64" - with ModEnv('PATH', "%s;%s\\VC" % (os.environ['PATH'], parms['MSVC_DIR'])): - status = call('vcvarsall.bat %s && %s' % (arch, cmd), shell=True, succeed=succeed) + with ModEnv('PATH', "%s;%s\\VC;%s\\VC\\Auxiliary\\Build;" % (os.environ['PATH'], parms['MSVC_DIR'], parms['MSVC_DIR'])): + call('vcvarsall.bat %s && %s' % (arch, cmd), shell=True, succeed=succeed) def vc_parms(parms, cmd_dict): cmd_dict["dbg_rel_flags"] = "/Zi" if parms['DEBUG'] else "/O2" @@ -292,7 +292,7 @@ def read_params(): params['ARCH'] = os.environ.get('ARCH', 'amd64').rstrip() params['DEBUG'] = os.environ.get('DEBUG') params['STATIC'] = os.environ.get('STATIC') - params['MSVC_DIR'] = os.environ.get('MSVC_DIR', 'c:\\Program Files (x86)\\Microsoft Visual Studio 14.0').rstrip() + params['MSVC_DIR'] = os.environ.get('MSVC_DIR', 'c:\\Program Files (x86)\\Microsoft Visual Studio\\2017\\Professional').rstrip() # Community: tap0901, Access Server: tapoas params['TAP_WIN_COMPONENT_ID'] = os.environ.get('TAP_WIN_COMPONENT_ID', 'tap0901') params['CPP_EXTRA'] = os.environ.get('CPP_EXTRA', '').rstrip()