1#! /usr/bin/env perl
2# Copyright 2023 The OpenSSL Project Authors. All Rights Reserved.
3#
4# Licensed under the Apache License 2.0 (the "License").  You may not use
5# this file except in compliance with the License.  You can obtain a copy
6# in the file LICENSE in the source distribution or at
7# https://www.openssl.org/source/license.html
8
9# This collects specific use cases, and tests our handling
10
11use File::Spec::Functions;
12use File::Copy;
13use MIME::Base64;
14use OpenSSL::Test qw(:DEFAULT srctop_file srctop_dir bldtop_file bldtop_dir
15                     data_file);
16use OpenSSL::Test::Utils;
17
18my $test_name = "test_store_cases";
19setup($test_name);
20
21plan tests => 3;
22
23my $stderr;
24my @stdout;
25
26# The case of the garbage PKCS#12 DER file where a passphrase was
27# prompted for.  That should not have happened.
28$stderr = 'garbage-pkcs12.stderr.txt';
29ok(!run(app(['openssl', 'storeutl', '-passin', 'pass:invalidapass',
30             data_file('garbage-pkcs12.p12')],
31            stderr => $stderr)),
32   "checking that storeutl fails when given a garbage pkcs12 file");
33open DATA, $stderr;
34@match = grep /try_pkcs12:.*?:maybe wrong password$/, <DATA>;
35close DATA;
36ok(scalar @match > 0 ? 0 : 1,
37   "checking that storeutl didn't ask for a passphrase");
38
39 SKIP: {
40     skip "The objects in test-BER.p12 contain EC keys, which is disabled in this build", 1
41         if disabled("ec");
42     skip "test-BER.p12 has contents encrypted with DES-EDE3-CBC, which is disabled in this build", 1
43         if disabled("des");
44
45     # The case with a BER-encoded PKCS#12 file, using infinite + EOC
46     # constructs.  There was a bug with those in OpenSSL 3.0 and newer,
47     # where OSSL_STORE_load() (and by consequence, 'openssl storeutl')
48     # only extracted the first available object from that file and
49     # ignored the rest.
50     # Our test file has a total of four objects, and this should be
51     # reflected in the total that 'openssl storeutl' outputs
52     @stdout = run(app(['openssl', 'storeutl', '-passin', 'pass:12345',
53                        data_file('test-BER.p12')]),
54                   capture => 1);
55     @stdout = map { my $x = $_; $x =~ s/\R$//; $x } @stdout; # Better chomp
56     ok((grep { $_ eq 'Total found: 4' } @stdout),
57        "Checking that 'openssl storeutl' with test-BER.p12 returns 4 objects");
58}
59