rsa,ec,dsa: improve coverage of de-/serialisation methods

openssl/src/cipher_ctx.rs

@@ -735,7 +735,7 @@ mod test {
     #[cfg(not(any(boringssl, awslc)))]
     fn seal_open() {
         let private_pem = include_bytes!("../test/rsa.pem");
-        let public_pem = include_bytes!("../test/rsa.pem.pub");
+        let public_pem = include_bytes!("../test/rsa.pub.pem");
         let private_key = PKey::private_key_from_pem(private_pem).unwrap();
         let public_key = PKey::public_key_from_pem(public_pem).unwrap();
         let cipher = Cipher::aes_256_cbc();

openssl/src/dsa.rs

@@ -539,6 +539,8 @@ mod test {
     use crate::pkey::PKey;
     #[cfg(not(any(boringssl, awslc_fips)))]
     use crate::sign::{Signer, Verifier};
+    use crate::symm::Cipher;
+    use std::str::from_utf8;
 
     #[test]
     pub fn test_generate() {
@@ -694,4 +696,63 @@ mod test {
         let s = format!("{:?}", sig);
         assert_eq!(s, "DsaSig { r: 774484690634577222213819810519929266740561094381, s: 910998676210681457251421818099943952372231273347 }");
     }
+
+    #[test]
+    fn test_private_key_to_pem() {
+        let key = Dsa::generate(512).unwrap();
+        let pem = key.private_key_to_pem().unwrap();
+        let pem_str = from_utf8(&pem).unwrap();
+        assert!(
+            pem_str.contains("-----BEGIN DSA PRIVATE KEY-----"),
+            "{pem_str}"
+        );
+    }
+
+    #[test]
+    fn test_private_key_to_pem_password() {
+        let key = Dsa::generate(512).unwrap();
+        let pem = key
+            .private_key_to_pem_passphrase(Cipher::aes_128_cbc(), b"foobar")
+            .unwrap();
+        let pem_str = from_utf8(&pem).unwrap();
+        assert!(
+            pem_str.contains("-----BEGIN DSA PRIVATE KEY-----"),
+            "{pem_str}"
+        );
+        assert!(pem_str.contains("ENCRYPTED"), "{pem_str}");
+        assert!(pem_str.contains("AES-128-CBC"), "{pem_str}");
+    }
+
+    #[test]
+    fn test_private_key_to_der() {
+        let key = Dsa::generate(512).unwrap();
+        key.private_key_to_der().unwrap();
+    }
+
+    #[test]
+    fn test_public_key_from_pem() {
+        Dsa::public_key_from_pem(include_bytes!("../test/dsa.pub.pem")).unwrap();
+    }
+
+    #[test]
+    fn test_public_key_from_der() {
+        Dsa::public_key_from_der(include_bytes!("../test/dsa.pub.der")).unwrap();
+    }
+
+    #[test]
+    fn test_public_key_to_pem() {
+        let key = Dsa::public_key_from_der(include_bytes!("../test/dsa.pub.der")).unwrap();
+        let pem = key.public_key_to_pem().unwrap();
+        assert_eq!(
+            from_utf8(&pem).unwrap(),
+            include_str!("../test/dsa.pub.pem").replace("\r\n", "\n")
+        );
+    }
+
+    #[test]
+    fn test_public_key_to_der() {
+        let key = Dsa::public_key_from_pem(include_bytes!("../test/dsa.pub.pem")).unwrap();
+        let der = key.public_key_to_der().unwrap();
+        assert_eq!(der, include_bytes!("../test/dsa.pub.der"));
+    }
 }

openssl/src/ec.rs

@@ -1026,10 +1026,91 @@ impl<T> fmt::Debug for EcKey<T> {
 #[cfg(test)]
 mod test {
     use hex::FromHex;
+    use std::str::from_utf8;
 
     use super::*;
     use crate::bn::{BigNum, BigNumContext};
     use crate::nid::Nid;
+    use crate::symm::Cipher;
+
+    #[test]
+    fn test_private_key_from_pem() {
+        EcKey::private_key_from_pem(include_bytes!("../test/ec.pem")).unwrap();
+    }
+
+    #[test]
+    fn test_private_key_from_pem_trad() {
+        EcKey::private_key_from_pem(include_bytes!("../test/ec.trad.pem")).unwrap();
+    }
+
+    #[test]
+    fn test_private_key_from_pem_password() {
+        let key = include_bytes!("../test/ec-encrypted.pem");
+        EcKey::private_key_from_pem_passphrase(key, b"mypass").unwrap();
+    }
+
+    #[test]
+    fn test_private_key_from_pem_callback() {
+        let mut password_queried = false;
+        let key = include_bytes!("../test/ec-encrypted.pem");
+        EcKey::private_key_from_pem_callback(key, |password| {
+            password_queried = true;
+            password[..6].copy_from_slice(b"mypass");
+            Ok(6)
+        })
+        .unwrap();
+
+        assert!(password_queried);
+    }
+
+    #[test]
+    fn test_private_key_from_der() {
+        EcKey::private_key_from_der(include_bytes!("../test/ec.der")).unwrap();
+    }
+
+    #[test]
+    fn test_private_key_to_pem() {
+        let key = EcKey::private_key_from_pem(include_bytes!("../test/ec.pem")).unwrap();
+        let pem = key.private_key_to_pem().unwrap();
+        assert_eq!(
+            from_utf8(&pem).unwrap(),
+            include_str!("../test/ec.trad.pem").replace("\r\n", "\n")
+        );
+    }
+
+    #[test]
+    fn test_private_key_to_pem_password() {
+        let key = EcKey::private_key_from_pem(include_bytes!("../test/ec.pem")).unwrap();
+        let pem = key
+            .private_key_to_pem_passphrase(Cipher::aes_128_cbc(), b"foobar")
+            .unwrap();
+        EcKey::private_key_from_pem_passphrase(&pem, b"foobar").unwrap();
+        assert!(EcKey::private_key_from_pem_passphrase(&pem, b"fizzbuzz").is_err());
+    }
+
+    #[test]
+    fn test_private_key_to_der() {
+        let key = EcKey::private_key_from_pem(include_bytes!("../test/ec.pem")).unwrap();
+        let der = key.private_key_to_der().unwrap();
+        assert_eq!(der, include_bytes!("../test/ec.der"));
+    }
+
+    #[test]
+    fn test_public_key_to_pem() {
+        let keypair = EcKey::private_key_from_pem(include_bytes!("../test/ec.pem")).unwrap();
+        let pubkey_pem = keypair.public_key_to_pem().unwrap();
+        assert_eq!(
+            from_utf8(&pubkey_pem).unwrap(),
+            include_str!("../test/ec.pub.pem").replace("\r\n", "\n")
+        );
+    }
+
+    #[test]
+    fn test_public_key_to_der() {
+        let keypair = EcKey::private_key_from_pem(include_bytes!("../test/ec.pem")).unwrap();
+        let pubkey_der = keypair.public_key_to_der().unwrap();
+        assert_eq!(pubkey_der, include_bytes!("../test/ec.pub.der"));
+    }
 
     #[test]
     fn key_new_by_curve_name() {

openssl/src/envelope.rs

@@ -158,7 +158,7 @@ mod test {
     #[test]
     fn public_encrypt_private_decrypt() {
         let private_pem = include_bytes!("../test/rsa.pem");
-        let public_pem = include_bytes!("../test/rsa.pem.pub");
+        let public_pem = include_bytes!("../test/rsa.pub.pem");
         let private_key = PKey::private_key_from_pem(private_pem).unwrap();
         let public_key = PKey::public_key_from_pem(public_pem).unwrap();
         let cipher = Cipher::aes_256_cbc();

openssl/src/rsa.rs

@@ -683,17 +683,37 @@ cfg_if! {
 #[cfg(test)]
 mod test {
     use crate::symm::Cipher;
+    use std::str::from_utf8;
 
     use super::*;
 
     #[test]
-    fn test_from_password() {
+    fn test_private_key_from_pem() {
+        Rsa::private_key_from_pem(include_bytes!("../test/rsa.pem")).unwrap();
+    }
+
+    #[test]
+    fn test_private_key_from_pem_pkcs1() {
+        Rsa::private_key_from_pem(include_bytes!("../test/rsa.pkcs1.pem")).unwrap();
+    }
+    #[test]
+    fn test_private_key_from_der() {
+        Rsa::private_key_from_der(include_bytes!("../test/rsa.der")).unwrap();
+    }
+
+    #[test]
+    fn test_private_key_from_der_pkcs1() {
+        Rsa::private_key_from_der(include_bytes!("../test/rsa.pkcs1.der")).unwrap();
+    }
+
+    #[test]
+    fn test_private_key_from_pem_password() {
         let key = include_bytes!("../test/rsa-encrypted.pem");
         Rsa::private_key_from_pem_passphrase(key, b"mypass").unwrap();
     }
 
     #[test]
-    fn test_from_password_callback() {
+    fn test_private_key_from_pem_callback() {
         let mut password_queried = false;
         let key = include_bytes!("../test/rsa-encrypted.pem");
         Rsa::private_key_from_pem_callback(key, |password| {
@@ -707,18 +727,35 @@ mod test {
     }
 
     #[test]
-    fn test_to_password() {
-        let key = Rsa::generate(2048).unwrap();
+    fn test_private_key_to_pem() {
+        let key = Rsa::private_key_from_der(include_bytes!("../test/rsa.der")).unwrap();
+        let pem = key.private_key_to_pem().unwrap();
+        assert_eq!(
+            from_utf8(&pem).unwrap(),
+            include_str!("../test/rsa.pkcs1.pem").replace("\r\n", "\n")
+        );
+    }
+
+    #[test]
+    fn test_private_key_to_pem_password() {
+        let key = Rsa::private_key_from_der(include_bytes!("../test/rsa.der")).unwrap();
         let pem = key
             .private_key_to_pem_passphrase(Cipher::aes_128_cbc(), b"foobar")
             .unwrap();
         Rsa::private_key_from_pem_passphrase(&pem, b"foobar").unwrap();
         assert!(Rsa::private_key_from_pem_passphrase(&pem, b"fizzbuzz").is_err());
     }
 
+    #[test]
+    fn test_private_key_to_der_pkcs1() {
+        let key = super::Rsa::private_key_from_pem(include_bytes!("../test/rsa.pem")).unwrap();
+        let der = key.private_key_to_der().unwrap();
+        assert_eq!(der, include_bytes!("../test/rsa.pkcs1.der"));
+    }
+
     #[test]
     fn test_public_encrypt_private_decrypt_with_padding() {
-        let key = include_bytes!("../test/rsa.pem.pub");
+        let key = include_bytes!("../test/rsa.pub.pem");
         let public_key = Rsa::public_key_from_pem(key).unwrap();
 
         let mut result = vec![0; public_key.size() as usize];
@@ -780,25 +817,48 @@ mod test {
     }
 
     #[test]
-    #[should_panic]
     fn test_public_key_from_pem_pkcs1_file_panic() {
         let key = include_bytes!("../test/key.pem.pub");
-        Rsa::public_key_from_pem_pkcs1(key).unwrap();
+        assert!(Rsa::public_key_from_pem_pkcs1(key).is_err());
     }
 
     #[test]
     fn test_public_key_to_pem_pkcs1() {
-        let keypair = super::Rsa::generate(512).unwrap();
+        let keypair = super::Rsa::private_key_from_der(include_bytes!("../test/rsa.der")).unwrap();
         let pubkey_pem = keypair.public_key_to_pem_pkcs1().unwrap();
-        super::Rsa::public_key_from_pem_pkcs1(&pubkey_pem).unwrap();
+        assert_eq!(
+            from_utf8(&pubkey_pem).unwrap(),
+            include_str!("../test/rsa.pub.pkcs1.pem").replace("\r\n", "\n")
+        );
     }
 
     #[test]
-    #[should_panic]
-    fn test_public_key_from_pem_pkcs1_generate_panic() {
-        let keypair = super::Rsa::generate(512).unwrap();
+    fn test_public_key_to_pem() {
+        let keypair = super::Rsa::private_key_from_der(include_bytes!("../test/rsa.der")).unwrap();
         let pubkey_pem = keypair.public_key_to_pem().unwrap();
-        super::Rsa::public_key_from_pem_pkcs1(&pubkey_pem).unwrap();
+        assert_eq!(
+            from_utf8(&pubkey_pem).unwrap(),
+            include_str!("../test/rsa.pub.pem").replace("\r\n", "\n")
+        );
+    }
+
+    #[test]
+    fn test_public_key_to_der() {
+        let keypair = super::Rsa::private_key_from_pem(include_bytes!("../test/rsa.pem")).unwrap();
+        let pubkey_der = keypair.public_key_to_der().unwrap();
+        assert_eq!(pubkey_der, include_bytes!("../test/rsa.pub.der"));
+    }
+
+    #[test]
+    fn test_public_key_to_der_pkcs1() {
+        let keypair = super::Rsa::private_key_from_pem(include_bytes!("../test/rsa.pem")).unwrap();
+        let pubkey_der = keypair.public_key_to_der_pkcs1().unwrap();
+        assert_eq!(pubkey_der, include_bytes!("../test/rsa.pub.pkcs1.der"));
+    }
+
+    #[test]
+    fn test_public_key_from_pem_pkcs1_generate_panic() {
+        assert!(Rsa::public_key_from_der_pkcs1(include_bytes!("../test/rsa.pub.der")).is_err());
     }
 
     #[test]

openssl/test/ec-encrypted.pem

@@ -0,0 +1,8 @@
+-----BEGIN EC PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: AES-128-CBC,0CE431CD7484C8C28D0D45E4A1B66BC5
+
+PwoYZlzNjwHZmo3rFTXBeIx/LVow/2MLcZiTW1xmrK62CJYkwum3HooRHTTuTnea
+r89nGbVqndEIUauZj9/b3z+vaGDisp5cIvqizoQdHwlg7ymDcCdA16kNIu57avV4
+wXqC9DbpPeXbv++J4u7oYpjBiOKeysxwecKrJt1PVIo=
+-----END EC PRIVATE KEY-----

openssl/test/ec.pem

@@ -0,0 +1,5 @@
+-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgzgpiv88Is/MiM52M
+DM3trxVKP1zRfemMfsmaAlR29QChRANCAATObF661wl1ITDTDX3Q7ZCe+Zd6KOwB
+7mJeZu9/6gOIosLO8QDwVOQSXKXvaeE+cZq9Hi8J3XccSe3uQl0JZ1sb
+-----END PRIVATE KEY-----

openssl/test/ec.pub.pem

@@ -0,0 +1,4 @@
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEzmxeutcJdSEw0w190O2QnvmXeijs
+Ae5iXmbvf+oDiKLCzvEA8FTkElyl72nhPnGavR4vCd13HEnt7kJdCWdbGw==
+-----END PUBLIC KEY-----

openssl/test/ec.trad.pem

@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIM4KYr/PCLPzIjOdjAzN7a8VSj9c0X3pjH7JmgJUdvUAoAoGCCqGSM49
+AwEHoUQDQgAEzmxeutcJdSEw0w190O2QnvmXeijsAe5iXmbvf+oDiKLCzvEA8FTk
+Elyl72nhPnGavR4vCd13HEnt7kJdCWdbGw==
+-----END EC PRIVATE KEY-----