Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package aws-c-cal for openSUSE:Factory
checked in at 2025-04-04 17:34:23
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/aws-c-cal (Old)
and /work/SRC/openSUSE:Factory/.aws-c-cal.new.1907 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "aws-c-cal"
Fri Apr 4 17:34:23 2025 rev:17 rq:1267113 version:0.8.9
Changes:
--------
--- /work/SRC/openSUSE:Factory/aws-c-cal/aws-c-cal.changes 2025-03-26
21:25:10.342870600 +0100
+++ /work/SRC/openSUSE:Factory/.aws-c-cal.new.1907/aws-c-cal.changes
2025-04-04 17:34:27.277370914 +0200
@@ -1,0 +2,9 @@
+Wed Apr 2 14:58:17 UTC 2025 - John Paul Adrian Glaubitz
<adrian.glaub...@suse.com>
+
+- Update to version 0.8.9
+ * RSA PKCS8 support by @DmitriyMusatkin in (#212)
+- from version 0.8.8
+ * Fix module export to respect ed25519 flag by @DmitriyMusatkin in (#210)
+ * Fix FindCrypto behavior on win by @DmitriyMusatkin in (#211)
+
+-------------------------------------------------------------------
Old:
----
v0.8.7.tar.gz
New:
----
v0.8.9.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ aws-c-cal.spec ++++++
--- /var/tmp/diff_new_pack.bzhnkB/_old 2025-04-04 17:34:29.425460634 +0200
+++ /var/tmp/diff_new_pack.bzhnkB/_new 2025-04-04 17:34:29.453461803 +0200
@@ -19,7 +19,7 @@
%define library_version 1.0.0
%define library_soversion 0unstable
Name: aws-c-cal
-Version: 0.8.7
+Version: 0.8.9
Release: 0
Summary: AWS C99 wrapper for cryptography primitives
License: Apache-2.0
++++++ v0.8.7.tar.gz -> v0.8.9.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/aws-c-cal-0.8.7/.github/workflows/ci.yml
new/aws-c-cal-0.8.9/.github/workflows/ci.yml
--- old/aws-c-cal-0.8.7/.github/workflows/ci.yml 2025-03-14
19:45:06.000000000 +0100
+++ new/aws-c-cal-0.8.9/.github/workflows/ci.yml 2025-04-01
22:25:21.000000000 +0200
@@ -179,7 +179,7 @@
- name: Build ${{ env.PACKAGE_NAME }}
run: |
python -c "from urllib.request import urlretrieve; urlretrieve('${{
env.BUILDER_HOST }}/${{ env.BUILDER_SOURCE }}/${{ env.BUILDER_VERSION
}}/builder.pyz?run=${{ env.RUN }}', 'builder.pyz')"
- AWS_TEST_FIPS=1 python builder.pyz build -p ${{ env.PACKAGE_NAME }}
--variant=aws-lc-fips --cmake-extra=-DFIPS=ON
--cmake-extra=-DPERL_EXECUTABLE=perl --cmake-extra=-DGO_EXECUTABLE=go
+ AWS_TEST_FIPS=1 python builder.pyz build -p ${{ env.PACKAGE_NAME }}
--variant=aws-lc-fips --cmake-extra=-DFIPS=ON
--cmake-extra=-DPERL_EXECUTABLE=perl --cmake-extra=-DGO_EXECUTABLE=go
--cmake-extra=-DCMAKE_POLICY_VERSION_MINIMUM=3.5
windows:
runs-on: windows-2022 # latest
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/aws-c-cal-0.8.7/cmake/aws-c-cal-config.cmake
new/aws-c-cal-0.8.9/cmake/aws-c-cal-config.cmake
--- old/aws-c-cal-0.8.7/cmake/aws-c-cal-config.cmake 2025-03-14
19:45:06.000000000 +0100
+++ new/aws-c-cal-0.8.9/cmake/aws-c-cal-config.cmake 2025-04-01
22:25:21.000000000 +0200
@@ -2,8 +2,8 @@
find_dependency(aws-c-common)
-if (NOT @BYO_CRYPTO@ AND NOT WIN32 AND NOT APPLE) # if NOT BYO_CRYPTO AND NOT
WIN32 AND NOT APPLE
- if (@USE_OPENSSL@ AND NOT ANDROID) # if USE_OPENSSL AND NOT ANDROID
+if (NOT @BYO_CRYPTO@ AND (@AWS_USE_LIBCRYPTO_TO_SUPPORT_ED25519_EVERYWHERE@ OR
(NOT WIN32 AND NOT APPLE)))
+ if (@USE_OPENSSL@ AND NOT ANDROID)
# aws-c-cal has been built with a dependency on OpenSSL::Crypto,
# therefore consumers of this library have a dependency on OpenSSL and
must have it found
find_dependency(OpenSSL REQUIRED)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/aws-c-cal-0.8.7/cmake/modules/Findcrypto.cmake
new/aws-c-cal-0.8.9/cmake/modules/Findcrypto.cmake
--- old/aws-c-cal-0.8.7/cmake/modules/Findcrypto.cmake 2025-03-14
19:45:06.000000000 +0100
+++ new/aws-c-cal-0.8.9/cmake/modules/Findcrypto.cmake 2025-04-01
22:25:21.000000000 +0200
@@ -41,7 +41,7 @@
)
find_library(crypto_SHARED_LIBRARY
- NAMES libcrypto.so libcrypto.dylib
+ NAMES libcrypto.so libcrypto.dylib crypto.dll
HINTS
${CMAKE_PREFIX_PATH}/build/crypto
${CMAKE_PREFIX_PATH}/build
@@ -56,7 +56,7 @@
)
find_library(crypto_STATIC_LIBRARY
- NAMES libcrypto.a
+ NAMES libcrypto.a crypto.lib
HINTS
${CMAKE_PREFIX_PATH}/build/crypto
${CMAKE_PREFIX_PATH}/build
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/aws-c-cal-0.8.7/include/aws/cal/exports.h
new/aws-c-cal-0.8.9/include/aws/cal/exports.h
--- old/aws-c-cal-0.8.7/include/aws/cal/exports.h 2025-03-14
19:45:06.000000000 +0100
+++ new/aws-c-cal-0.8.9/include/aws/cal/exports.h 2025-04-01
22:25:21.000000000 +0200
@@ -4,7 +4,7 @@
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0.
*/
-#if defined(AWS_C_RT_USE_WINDOWS_DLL_SEMANTICS) || defined(WIN32)
+#if defined(AWS_CRT_USE_WINDOWS_DLL_SEMANTICS) || defined(_WIN32)
# ifdef AWS_CAL_USE_IMPORT_EXPORT
# ifdef AWS_CAL_EXPORTS
# define AWS_CAL_API __declspec(dllexport)
@@ -15,14 +15,14 @@
# define AWS_CAL_API
# endif /* AWS_CAL_USE_IMPORT_EXPORT */
-#else /* defined (AWS_C_RT_USE_WINDOWS_DLL_SEMANTICS) || defined (WIN32) */
+#else /* defined (AWS_CRT_USE_WINDOWS_DLL_SEMANTICS) || defined (_WIN32) */
-# if ((__GNUC__ >= 4) || defined(__clang__)) &&
defined(AWS_CAL_USE_IMPORT_EXPORT) && defined(AWS_CAL_EXPORTS)
+# if defined(AWS_CAL_USE_IMPORT_EXPORT) && defined(AWS_CAL_EXPORTS)
# define AWS_CAL_API __attribute__((visibility("default")))
# else
# define AWS_CAL_API
-# endif /* __GNUC__ >= 4 || defined(__clang__) */
+# endif
-#endif /* defined (AWS_C_RT_USE_WINDOWS_DLL_SEMANTICS) || defined (WIN32) */
+#endif /* defined (AWS_CRT_USE_WINDOWS_DLL_SEMANTICS) || defined (_WIN32) */
#endif /* AWS_CAL_EXPORTS_H */
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/aws-c-cal-0.8.7/include/aws/cal/rsa.h
new/aws-c-cal-0.8.9/include/aws/cal/rsa.h
--- old/aws-c-cal-0.8.7/include/aws/cal/rsa.h 2025-03-14 19:45:06.000000000
+0100
+++ new/aws-c-cal-0.8.9/include/aws/cal/rsa.h 2025-04-01 22:25:21.000000000
+0200
@@ -54,6 +54,15 @@
struct aws_byte_cursor key);
/**
+ * Creates an RSA private key from PrivateKeyInfo as defined in rfc 5208 (aka
PKCS8).
+ * Returns a new instance of aws_rsa_key_pair if the key was successfully
built.
+ * Otherwise returns NULL.
+ */
+AWS_CAL_API struct aws_rsa_key_pair
*aws_rsa_key_pair_new_from_private_key_pkcs8(
+ struct aws_allocator *allocator,
+ struct aws_byte_cursor key);
+
+/**
* Adds one to an RSA key pair's ref count.
* Returns key_pair pointer.
*/
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/aws-c-cal-0.8.7/source/rsa.c
new/aws-c-cal-0.8.9/source/rsa.c
--- old/aws-c-cal-0.8.7/source/rsa.c 2025-03-14 19:45:06.000000000 +0100
+++ new/aws-c-cal-0.8.9/source/rsa.c 2025-04-01 22:25:21.000000000 +0200
@@ -14,6 +14,9 @@
typedef struct aws_rsa_key_pair
*(aws_rsa_key_pair_new_from_private_pkcs1_fn)(struct aws_allocator *allocator,
struct aws_byte_cursor private_key);
+typedef struct aws_rsa_key_pair
*(aws_rsa_key_pair_new_from_private_pkcs8_fn)(struct aws_allocator *allocator,
+
struct aws_byte_cursor private_key);
+
#ifndef BYO_CRYPTO
extern struct aws_rsa_key_pair
*aws_rsa_key_pair_new_from_public_key_pkcs1_impl(
@@ -24,6 +27,10 @@
struct aws_allocator *allocator,
struct aws_byte_cursor private_key);
+struct aws_rsa_key_pair *aws_rsa_key_pair_new_from_private_key_pkcs8_impl(
+ struct aws_allocator *allocator,
+ struct aws_byte_cursor private_key);
+
#else /* BYO_CRYPTO */
struct aws_rsa_key_pair *aws_rsa_key_pair_new_from_public_key_pkcs1_impl(
@@ -41,6 +48,14 @@
(void)private_key;
abort();
}
+
+struct aws_rsa_key_pair *aws_rsa_key_pair_new_from_private_key_pkcs8_impl(
+ struct aws_allocator *allocator,
+ struct aws_byte_cursor private_key) {
+ (void)allocator;
+ (void)private_key;
+ abort();
+}
#endif /* BYO_CRYPTO */
static aws_rsa_key_pair_new_from_public_pkcs1_fn
*s_rsa_key_pair_new_from_public_key_pkcs1_fn =
@@ -49,6 +64,9 @@
static aws_rsa_key_pair_new_from_private_pkcs1_fn
*s_rsa_key_pair_new_from_private_key_pkcs1_fn =
aws_rsa_key_pair_new_from_private_key_pkcs1_impl;
+static aws_rsa_key_pair_new_from_private_pkcs8_fn
*s_rsa_key_pair_new_from_private_key_pkcs8_fn =
+ aws_rsa_key_pair_new_from_private_key_pkcs8_impl;
+
struct aws_rsa_key_pair *aws_rsa_key_pair_new_from_public_key_pkcs1(
struct aws_allocator *allocator,
struct aws_byte_cursor public_key) {
@@ -61,6 +79,12 @@
return s_rsa_key_pair_new_from_private_key_pkcs1_fn(allocator,
private_key);
}
+AWS_CAL_API struct aws_rsa_key_pair
*aws_rsa_key_pair_new_from_private_key_pkcs8(
+ struct aws_allocator *allocator,
+ struct aws_byte_cursor key) {
+ return s_rsa_key_pair_new_from_private_key_pkcs8_fn(allocator, key);
+}
+
void aws_rsa_key_pair_base_clean_up(struct aws_rsa_key_pair *key_pair) {
aws_byte_buf_clean_up_secure(&key_pair->priv);
aws_byte_buf_clean_up_secure(&key_pair->pub);
@@ -286,3 +310,107 @@
return AWS_OP_SUCCESS;
}
+
+#ifndef BYO_CRYPTO
+
+static uint8_t s_rsa_encryption_oid[] = {0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
0x01, 0x01, 0x01};
+
+/**
+ * There are likely tens of algo specifiers for rsa out there.
+ * But in practice mostly everyone uses rsaEncryption oid for key at rest.
+ * So for now just support that and we can add other ones later if needed.
+ * Even though its technically encryption oid, most crypto libs are lax
+ * and allow the key to be used for all operations.
+ */
+static struct aws_byte_cursor s_rsa_encryption_oid_cur = {
+ .ptr = (s_rsa_encryption_oid),
+ .len = sizeof(s_rsa_encryption_oid),
+};
+
+/**
+ * Win and Mac dont provide native support for loading pkcs8 keys, so
+ * for simplicity and consistency just parse pkcs1 key from pkcs8 and
+ * use it with existing pkcs1 loader.
+ */
+struct aws_rsa_key_pair *aws_rsa_key_pair_new_from_private_key_pkcs8_impl(
+ struct aws_allocator *allocator,
+ struct aws_byte_cursor private_key) {
+
+ struct aws_der_decoder *decoder = aws_der_decoder_new(allocator,
private_key);
+
+ if (decoder == NULL) {
+ return NULL;
+ }
+
+ /**
+ * Format of pkcs8 is as follows.
+ * PrivateKeyInfo ::= SEQUENCE {
+ * version Version, -- INTEGER (0)
+ * algorithm AlgorithmIdentifier,
+ * privateKey OCTET STRING, -- contains DER encoded key
+ * attributes [0] IMPLICIT SET OF Attribute OPTIONAL
+ * }
+ * AlgorithmIdentifier ::= SEQUENCE {
+ * algorithm OBJECT IDENTIFIER,
+ * parameters ANY DEFINED BY algorithm OPTIONAL
+ * }
+ */
+
+ struct aws_rsa_key_pair *key_pair = NULL;
+
+ if (!aws_der_decoder_next(decoder) || aws_der_decoder_tlv_type(decoder) !=
AWS_DER_SEQUENCE) {
+ aws_raise_error(AWS_ERROR_CAL_MALFORMED_ASN1_ENCOUNTERED);
+ goto on_done;
+ }
+
+ /* version */
+ struct aws_byte_cursor version_cur;
+ if (!aws_der_decoder_next(decoder) ||
aws_der_decoder_tlv_unsigned_integer(decoder, &version_cur)) {
+ aws_raise_error(AWS_ERROR_CAL_MALFORMED_ASN1_ENCOUNTERED);
+ goto on_done;
+ }
+
+ if (version_cur.len != 1 || version_cur.ptr[0] != 0) {
+ aws_raise_error(AWS_ERROR_CAL_UNSUPPORTED_KEY_FORMAT);
+ goto on_done;
+ }
+
+ /* oid */
+ struct aws_byte_cursor oid_cur;
+ if (!aws_der_decoder_next(decoder) || aws_der_decoder_tlv_type(decoder) !=
AWS_DER_SEQUENCE) {
+ aws_raise_error(AWS_ERROR_CAL_MALFORMED_ASN1_ENCOUNTERED);
+ goto on_done;
+ }
+
+ if (!aws_der_decoder_next(decoder) || aws_der_decoder_tlv_type(decoder) !=
AWS_DER_OBJECT_IDENTIFIER ||
+ aws_der_decoder_tlv_blob(decoder, &oid_cur)) {
+ aws_raise_error(AWS_ERROR_CAL_MALFORMED_ASN1_ENCOUNTERED);
+ goto on_done;
+ }
+
+ if (!aws_byte_cursor_eq(&s_rsa_encryption_oid_cur, &oid_cur)) {
+ aws_raise_error(AWS_ERROR_CAL_UNSUPPORTED_KEY_FORMAT);
+ goto on_done;
+ }
+
+ /* skip additional params */
+ if (!aws_der_decoder_next(decoder)) {
+ aws_raise_error(AWS_ERROR_CAL_MALFORMED_ASN1_ENCOUNTERED);
+ goto on_done;
+ }
+
+ /* key */
+ struct aws_byte_cursor key;
+ if (!aws_der_decoder_next(decoder) || aws_der_decoder_tlv_string(decoder,
&key)) {
+ aws_raise_error(AWS_ERROR_CAL_MALFORMED_ASN1_ENCOUNTERED);
+ goto on_done;
+ }
+
+ key_pair = aws_rsa_key_pair_new_from_private_key_pkcs1(allocator, key);
+
+on_done:
+ aws_der_decoder_destroy(decoder);
+ return key_pair;
+}
+
+#endif
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/aws-c-cal-0.8.7/tests/CMakeLists.txt
new/aws-c-cal-0.8.9/tests/CMakeLists.txt
--- old/aws-c-cal-0.8.7/tests/CMakeLists.txt 2025-03-14 19:45:06.000000000
+0100
+++ new/aws-c-cal-0.8.9/tests/CMakeLists.txt 2025-04-01 22:25:21.000000000
+0200
@@ -89,6 +89,7 @@
add_test_case(rsa_decrypt_oaep512)
add_test_case(rsa_signing_mismatch_pkcs1_sha256)
add_test_case(rsa_signing_mismatch_pkcs1_sha1)
+add_test_case(rsa_encryption_roundtrip_pkcs15_from_user_pkcs8)
add_test_case(aes_cbc_NIST_CBCGFSbox256_case_1)
add_test_case(aes_cbc_NIST_CBCVarKey256_case_254)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/aws-c-cal-0.8.7/tests/rsa_test.c
new/aws-c-cal-0.8.9/tests/rsa_test.c
--- old/aws-c-cal-0.8.7/tests/rsa_test.c 2025-03-14 19:45:06.000000000
+0100
+++ new/aws-c-cal-0.8.9/tests/rsa_test.c 2025-04-01 22:25:21.000000000
+0200
@@ -102,6 +102,33 @@
"tZI9TCH4Sq33MGEjf2MyW0XMXC56dA2VOPSTHGKaoKmyn7L9G4WfDFcYmCdvmLkR"
"7wAz2Dyxr6ImChSWD/y2ddz1U+H39uqRxwIkwJ7TbDflYNXgsAOOlUg=";
+static const char *TEST_PKCS8_RSA_PRIVATE_KEY_2048 =
"MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDN0jYhXzsI1lSA"
+
"j+3uxraUu/78uHJlCcTifQlVUftgEzJth7WNGvrJ8bDLUHwV04cTYSkydgsivjms"
+
"XFgzuTCOLiHX0ik/RT1fOvOpk0gte2gCfPIACUAkTlGXKJ+v+1kqnWFmZFNvtkz2"
+
"fmLIRq9ZrXWORVmySCeoSfvyygxkmfTUfGieFr8LMFSB6VoWKA/vOk0sMF/5PRxm"
+
"JESS4pOMjWQ3QHpLdjsgUAnxsThLVMbaA5JXdHnFHlgkTbL/OSY06EUzuZ0dJpTU"
+
"qSBbaz6qewlIO4eM9d2N+5d/mt5nn4rU7yuLGlJE/U9UpSutuvkCkqosST9yKBz7"
+
"YUhK7WyPAgMBAAECggEAYrHEZyhFJK2yA5wA2hjLgHLNiN3hbPXMRVbz3MfdJGrQ"
+
"KZmDw1AGpkORJU1I0yaFhRN4L8xO9rAE89OsL9FDqUoRzG3ofYB0N3ALW2tWlwiw"
+
"DVFgsge9jCtKEJPYTwjV7wtcoz7Ei7L9IM3mDGdoujXlQv2aT1UuPxKLEBc27h3Q"
+
"KZZL0QbA33SmO24BUx9Y741hIXsVvoce0MQM1TPwEGH18qYpffb3kCBTwFEySx+q"
+
"JFwadZiK1JPQgpELrXZT0VuARD2Ze8Z7c0b6668wYiwJ2mmf4l0NTLk67mIIfG1w"
+
"NNNzHme/UGQEjSjUU9TFWLVHU9enumPv5UeLx3wvgQKBgQD7k6pCk8kkUcjjq0sq"
+
"92Coy1DMlZg9ictcusJ5pfe1ZdW01iX/S/88ZOxk1X27jTWcHarAeA+ci4LzDWPG"
+
"I61Hy4kJFOJB6Sx3hDSnfNvuIC/7zrcWLNzvfAeDYmPhAqi1K4HYFN7Ipa/1+Uew"
+
"kWVllcUHRz5zWU+oYVXDsjARrwKBgQDRcJowibhaG4UUMzRsyyEK1l/w+z75L8A7"
+
"2ZA+wMqyUo9LPgJRYvEHHRQTHDGCzP81IUaAK2OfWrD5Jnn6r4Il7+cQ+xCHKiMD"
+
"rBhnL9dG4lVAWgdZPyWXfrdT3mqpZ3UgfWysvph8s48QdLA3ku7PpTfchwtSdXQP"
+
"cxhEItlrIQKBgQDTTB8AdCfIfXiA3+nuWH+yxbFDY5HOfeF0LNgSXDdFABcSH5si"
+
"Za4mB44U0ssbr2qLiM9VgIF8NiDyCxj13hk359dc7VFrknBqoXuoANKnmhkzIVfd"
+
"JCkca8vTqdvBrP4NzFDuL/k+BQtZSNnRjwze2X/2sPve3fBtt/LUvuBouQKBgQC9"
+
"T1Cv6uxN1m410grjA8C8MQXLpu5HAxh5gLBXaKBPCz0mv8gMlKhUy73ngCZomq9b"
+
"8NXu6ElGMw2gR10ecSHs9KohuS45XqcDnLz6GE44bkCsyDO4QdHS2+EN2A8FTNSc"
+
"J4Lhqe3fWdZJA5B8yz09R5P0q8RaJnxfsqMOg4mOwQKBgQC+N5xLCRa/n1kJ11we"
+
"rnOe2POS+zuThhi1aMn0LLPIDwVMktymV7F8JegbdYB5KjxyxzDPcpRDRKCXvAew"
+
"QiaCZLRyigBqDpDP4l3uIp1OEzWLYuEAWwnErC7fuPm0TFAy5ecegxW7eXasDy2C"
+
"dJJcK3yV8NRVOzr2voGRmr4d7w==";
+
static int s_rsa_encryption_roundtrip_from_user(
struct aws_allocator *allocator,
enum aws_rsa_encryption_algorithm algo) {
@@ -122,6 +149,26 @@
return AWS_OP_SUCCESS;
}
+static int s_rsa_encryption_roundtrip_from_user_pkcs8(
+ struct aws_allocator *allocator,
+ enum aws_rsa_encryption_algorithm algo) {
+ struct aws_byte_buf key_buf;
+ ASSERT_SUCCESS(s_byte_buf_decoded_from_base64_cur(
+ allocator,
aws_byte_cursor_from_c_str(TEST_PKCS8_RSA_PRIVATE_KEY_2048), &key_buf));
+
+ struct aws_rsa_key_pair *key_pair =
+ aws_rsa_key_pair_new_from_private_key_pkcs8(allocator,
aws_byte_cursor_from_buf(&key_buf));
+
+ ASSERT_NOT_NULL(key_pair);
+
+ s_rsa_encryption_roundtrip_helper(allocator, key_pair, algo);
+
+ aws_rsa_key_pair_release(key_pair);
+ aws_byte_buf_clean_up_secure(&key_buf);
+
+ return AWS_OP_SUCCESS;
+}
+
static int s_rsa_encryption_roundtrip_pkcs1_from_user(struct aws_allocator
*allocator, void *ctx) {
(void)ctx;
@@ -135,6 +182,40 @@
}
AWS_TEST_CASE(rsa_encryption_roundtrip_pkcs1_from_user,
s_rsa_encryption_roundtrip_pkcs1_from_user);
+static int s_rsa_encryption_roundtrip_pkcs15_from_user_pkcs8(struct
aws_allocator *allocator, void *ctx) {
+ (void)ctx;
+
+ aws_cal_library_test_init(allocator);
+
+ ASSERT_SUCCESS(s_rsa_encryption_roundtrip_from_user_pkcs8(allocator,
AWS_CAL_RSA_ENCRYPTION_PKCS1_5));
+
+ aws_cal_library_clean_up();
+
+ return AWS_OP_SUCCESS;
+}
+AWS_TEST_CASE(rsa_encryption_roundtrip_pkcs15_from_user_pkcs8,
s_rsa_encryption_roundtrip_pkcs15_from_user_pkcs8);
+
+static int s_rsa_pkcs8_key_load_error(struct aws_allocator *allocator, void
*ctx) {
+ (void)ctx;
+
+ aws_cal_library_test_init(allocator);
+
+ struct aws_byte_buf key_buf;
+ ASSERT_SUCCESS(s_byte_buf_decoded_from_base64_cur(
+ allocator,
aws_byte_cursor_from_c_str(TEST_PKCS1_RSA_PRIVATE_KEY_2048), &key_buf));
+
+ struct aws_rsa_key_pair *key_pair =
+ aws_rsa_key_pair_new_from_private_key_pkcs8(allocator,
aws_byte_cursor_from_buf(&key_buf));
+
+ ASSERT_NULL(key_pair);
+ ASSERT_INT_EQUALS(AWS_ERROR_CAL_MALFORMED_ASN1_ENCOUNTERED,
aws_last_error());
+
+ aws_cal_library_clean_up();
+
+ return AWS_OP_SUCCESS;
+}
+AWS_TEST_CASE(rsa_pkcs8_key_load_error, s_rsa_pkcs8_key_load_error);
+
static int s_rsa_encryption_roundtrip_oaep_sha256_from_user(struct
aws_allocator *allocator, void *ctx) {
(void)ctx;
