1 files changed, 141 insertions, 1 deletions

diff --git a/test/openssl/test_pkey_rsa.rb b/test/openssl/test_pkey_rsa.rb
index ef02717d8b..a9587aa1a4 100644
--- a/test/openssl/test_pkey_rsa.rb
+++ b/test/openssl/test_pkey_rsa.rb
@@ -1,9 +1,18 @@
-# frozen_string_literal: false
+# frozen_string_literal: true
 require_relative "utils"
 
 if defined?(OpenSSL)
 
 class OpenSSL::TestPKeyRSA < OpenSSL::PKeyTestCase
+  def test_no_private_exp
+    key = OpenSSL::PKey::RSA.new
+    rsa = Fixtures.pkey("rsa2048")
+    key.set_key(rsa.n, rsa.e, nil) 
+    key.set_factors(rsa.p, rsa.q)
+    assert_raise(OpenSSL::PKey::RSAError){ key.private_encrypt("foo") }
+    assert_raise(OpenSSL::PKey::RSAError){ key.private_decrypt("foo") }
+  end
+
   def test_padding
     key = OpenSSL::PKey::RSA.new(512, 3)
 
@@ -31,14 +40,32 @@ class OpenSSL::TestPKeyRSA < OpenSSL::PKeyTestCase
   end
 
   def test_private
+    # Generated by key size and public exponent
     key = OpenSSL::PKey::RSA.new(512, 3)
     assert(key.private?)
+
+    # Generated by DER
     key2 = OpenSSL::PKey::RSA.new(key.to_der)
     assert(key2.private?)
+
+    # public key
     key3 = key.public_key
     assert(!key3.private?)
+
+    # Generated by public key DER
     key4 = OpenSSL::PKey::RSA.new(key3.to_der)
     assert(!key4.private?)
+    rsa1024 = Fixtures.pkey("rsa1024")
+
+    # Generated by RSA#set_key
+    key5 = OpenSSL::PKey::RSA.new
+    key5.set_key(rsa1024.n, rsa1024.e, rsa1024.d)
+    assert(key5.private?)
+
+    # Generated by RSA#set_key, without d
+    key6 = OpenSSL::PKey::RSA.new
+    key6.set_key(rsa1024.n, rsa1024.e, nil)
+    assert(!key6.private?)
   end
 
   def test_new
@@ -153,6 +180,40 @@ class OpenSSL::TestPKeyRSA < OpenSSL::PKeyTestCase
     }
   end
 
+  def test_export
+    rsa1024 = Fixtures.pkey("rsa1024")
+    key = OpenSSL::PKey::RSA.new
+
+    # key has only n, e and d
+    key.set_key(rsa1024.n, rsa1024.e, rsa1024.d)
+    assert_equal rsa1024.public_key.export, key.export
+
+    # key has only n, e, d, p and q
+    key.set_factors(rsa1024.p, rsa1024.q)
+    assert_equal rsa1024.public_key.export, key.export
+
+    # key has n, e, d, p, q, dmp1, dmq1 and iqmp
+    key.set_crt_params(rsa1024.dmp1, rsa1024.dmq1, rsa1024.iqmp)
+    assert_equal rsa1024.export, key.export
+  end
+
+  def test_to_der
+    rsa1024 = Fixtures.pkey("rsa1024")
+    key = OpenSSL::PKey::RSA.new
+
+    # key has only n, e and d
+    key.set_key(rsa1024.n, rsa1024.e, rsa1024.d)
+    assert_equal rsa1024.public_key.to_der, key.to_der
+
+    # key has only n, e, d, p and q
+    key.set_factors(rsa1024.p, rsa1024.q)
+    assert_equal rsa1024.public_key.to_der, key.to_der
+
+    # key has n, e, d, p, q, dmp1, dmq1 and iqmp
+    key.set_crt_params(rsa1024.dmp1, rsa1024.dmq1, rsa1024.iqmp)
+    assert_equal rsa1024.to_der, key.to_der
+  end
+
   def test_RSAPrivateKey
     rsa1024 = Fixtures.pkey("rsa1024")
     asn1 = OpenSSL::ASN1::Sequence([
@@ -295,6 +356,85 @@ class OpenSSL::TestPKeyRSA < OpenSSL::PKeyTestCase
     }
   end
 
+  def test_private_encoding
+    rsa1024 = Fixtures.pkey("rsa1024")
+    asn1 = OpenSSL::ASN1::Sequence([
+      OpenSSL::ASN1::Integer(0),
+      OpenSSL::ASN1::Sequence([
+        OpenSSL::ASN1::ObjectId("rsaEncryption"),
+        OpenSSL::ASN1::Null(nil)
+      ]),
+      OpenSSL::ASN1::OctetString(rsa1024.to_der)
+    ])
+    assert_equal asn1.to_der, rsa1024.private_to_der
+    assert_same_rsa rsa1024, OpenSSL::PKey.read(asn1.to_der)
+
+    pem = <<~EOF
+    -----BEGIN PRIVATE KEY-----
+    MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBAMvCxLDUQKc+1P4+
+    Q6AeFwYDvWfALb+cvzlUEadGoPE6qNWHsLFoo8RFgeyTgE8KQTduu1OE9Zz2SMcR
+    BDu5/1jWtsLPSVrI2ofLLBARUsWanVyki39DeB4u/xkP2mKGjAokPIwOI3oCthSZ
+    lzO9bj3voxTf6XngTqUX8l8URTmHAgMBAAECgYEApKX8xBqvJ7XI7Kypfo/x8MVC
+    3rxW+1eQ2aVKIo4a7PKGjQz5RVIVyzqTUvSZoMTbkAxlSIbO5YfJpTnl3tFcOB6y
+    QMxqQPW/pl6Ni3EmRJdsRM5MsPBRZOfrXxOCdvXu1TWOS1S1TrvEr/TyL9eh2WCd
+    CGzpWgdO4KHce7vs7pECQQDv6DGoG5lHnvbvj9qSJb9K5ebRJc8S+LI7Uy5JHC0j
+    zsHTYPSqBXwPVQdGbgCEycnwwKzXzT2QxAQmJBQKun2ZAkEA2W3aeAE7Xi6zo2eG
+    4Cx4UNMHMIdfBRS7VgoekwybGmcapqV0aBew5kHeWAmxP1WUZ/dgZh2QtM1VuiBA
+    qUqkHwJBAOJLCRvi/JB8N7z82lTk2i3R8gjyOwNQJv6ilZRMyZ9vFZFHcUE27zCf
+    Kb+bX03h8WPwupjMdfgpjShU+7qq8nECQQDBrmyc16QVyo40sgTgblyiysitvviy
+    ovwZsZv4q5MCmvOPnPUrwGbRRb2VONUOMOKpFiBl9lIv7HU//nj7FMVLAkBjUXED
+    83dA8JcKM+HlioXEAxCzZVVhN+D63QwRwkN08xAPklfqDkcqccWDaZm2hdCtaYlK
+    funwYkrzI1OikQSs
+    -----END PRIVATE KEY-----
+    EOF
+    assert_equal pem, rsa1024.private_to_pem
+    assert_same_rsa rsa1024, OpenSSL::PKey.read(pem)
+  end
+
+  def test_private_encoding_encrypted
+    rsa1024 = Fixtures.pkey("rsa1024")
+    encoded = rsa1024.private_to_der("aes-128-cbc", "abcdef")
+    asn1 = OpenSSL::ASN1.decode(encoded) # PKCS #8 EncryptedPrivateKeyInfo
+    assert_kind_of OpenSSL::ASN1::Sequence, asn1
+    assert_equal 2, asn1.value.size
+    assert_not_equal rsa1024.private_to_der, encoded
+    assert_same_rsa rsa1024, OpenSSL::PKey.read(encoded, "abcdef")
+    assert_same_rsa rsa1024, OpenSSL::PKey.read(encoded) { "abcdef" }
+    assert_raise(OpenSSL::PKey::PKeyError) { OpenSSL::PKey.read(encoded, "abcxyz") }
+
+    encoded = rsa1024.private_to_pem("aes-128-cbc", "abcdef")
+    assert_match (/BEGIN ENCRYPTED PRIVATE KEY/), encoded.lines[0]
+    assert_same_rsa rsa1024, OpenSSL::PKey.read(encoded, "abcdef")
+
+    # certtool --load-privkey=test/fixtures/pkey/rsa1024.pem --to-p8 --password=abcdef
+    pem = <<~EOF
+    -----BEGIN ENCRYPTED PRIVATE KEY-----
+    MIICojAcBgoqhkiG9w0BDAEDMA4ECLqajUdSNfzwAgIEkQSCAoCDWhxr1HUrKLXA
+    FsFGGQfPT0aKH4gZipaSXXQRl0KwifHwHoDtfo/mAkJVZMnUVOm1AQ4LTFS3EdTy
+    JUwICGEQHb7QAiokIRoi0K2yHhOxVO8qgbnWuisWpiT6Ru1jCqTs/wcqlqF7z2jM
+    oXDk/vuekKst1DDXDcHrzhDkwhCQWj6jt1r2Vwaryy0FyeqsWAgBDiK2LsnCgkGD
+    21uhNZ/iWMG6tvY9hB8MDdiBJ41YdSG/AKLulAxQ1ibJz0Tasu66TmwFvWhBlME+
+    QbqfgmkgWg5buu53SvDfCA47zXihclbtdfW+U3CJ9OJkx0535TVdZbuC1QgKXvG7
+    4iKGFRMWYJqZvZM3GL4xbC75AxjXZsdCfV81VjZxjeU6ung/NRzCuCUcmBOQzo1D
+    Vv6COwAa6ttQWM0Ti8oIQHdu5Qi+nuOEHDLxCxD962M37H99sEO5cESjmrGVxhEo
+    373L4+11geGSCajdp0yiAGnXQfwaKta8cL693bRObN+b1Y+vqtDKH26N9a4R3qgg
+    2XwgQ5GH5CODoXZpi0wxncXO+3YuuhGeArtzKSXLNxHzIMlY7wZX+0e9UU03zfV/
+    aOe4/q5DpkNxgHePt0oEpamSKY5W3jzVi1dlFWsRjud1p/Grt2zjSWTYClBlJqG1
+    A/3IeDZCu+acaePJjFyv5dFffIj2l4bAYB+LFrZlSu3F/EimO/dCDWJ9JGlMK0aF
+    l9brh7786Mo+YfyklaqMMEHBbbR2Es7PR6Gt7lrcIXmzy9XSsxT6IiD1rG9KKR3i
+    CQxTup6JAx9w1q+adL+Ypikoy3gGD/ccUY6TtPoCmkQwSCS+JqQnFlCiThDJbu+V
+    eqqUNkZq
+    -----END ENCRYPTED PRIVATE KEY-----
+    EOF
+    assert_same_rsa rsa1024, OpenSSL::PKey.read(pem, "abcdef")
+  end
+
+  def test_public_encoding
+    rsa1024 = Fixtures.pkey("rsa1024")
+    assert_equal dup_public(rsa1024).to_der, rsa1024.public_to_der
+    assert_equal dup_public(rsa1024).to_pem, rsa1024.public_to_pem
+  end
+
   def test_dup
     key = Fixtures.pkey("rsa1024")
     key2 = key.dup