From 0652b62d5e8a2992aa87324a9a14104bd4f1910f Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 25 Apr 2024 16:02:13 +0200
Subject: [PATCH] Fix rsa_pkcs1_*_clear.der to actually be PKCS#1 files

With OpenSSL 3.0.2 (which I used to generate the previous set of "pkcs1" DER
files), the output of `openssl rsa -outform DER` is actually a
PKCS#8-encoded key, despite what the documentation says. This is a change
from OpenSSL 1.x, where the output is a PKCS#1-encoded key. OpenSSL 3.0.8
documents the output as PKCS#8.

Change to `openssl pkey`, which seems more reliable. The documentation
states that the output is PKCS#8, but the output is actually consistently
PKCS#1 at least from 1.0.2g to 3.3.0.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
---
 tests/data_files/Makefile                 |   2 +-
 tests/data_files/rsa_pkcs1_1024_clear.der | Bin 634 -> 608 bytes
 tests/data_files/rsa_pkcs1_2048_clear.der | Bin 1218 -> 1192 bytes
 tests/data_files/rsa_pkcs1_4096_clear.der | Bin 2374 -> 2348 bytes
 tests/data_files/rsa_pkcs1_768_clear.der  | Bin 489 -> 463 bytes
 tests/data_files/rsa_pkcs1_769_clear.der  | Bin 490 -> 464 bytes
 tests/data_files/rsa_pkcs1_770_clear.der  | Bin 491 -> 465 bytes
 tests/data_files/rsa_pkcs1_776_clear.der  | Bin 492 -> 466 bytes
 tests/data_files/rsa_pkcs1_784_clear.der  | Bin 497 -> 471 bytes
 9 files changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile
index 0fbdfe513d..fa30cf57b0 100644
--- a/tests/data_files/Makefile
+++ b/tests/data_files/Makefile
@@ -739,7 +739,7 @@ all_final += $(keys_rsa_base)
 ### PKCS1-encoded, plaintext RSA keys in derived forms
 
 rsa_pkcs1_%.der: rsa_pkcs1_%.pem
-	$(OPENSSL) rsa -inform PEM -in $< -outform DER -out $@
+	$(OPENSSL) pkey -inform PEM -in $< -outform DER -out $@
 all_final += $(keys_rsa_base:.pem=.der)
 
 ###
diff --git a/tests/data_files/rsa_pkcs1_1024_clear.der b/tests/data_files/rsa_pkcs1_1024_clear.der
index 8dfb09fb8407c69ab2501c2b5738b754aa594704..cec2c30117d6e3ddc6492c5354bace376c84bd2c 100644
GIT binary patch
delta 8
Pcmeyx@_=QdR00zK5gY>$

delta 34
pcmaFB@{2{vpoyuBiIKs8myJ`a&7<u*FC!x(D+5atQ^JM>CIFS!2l@a2

diff --git a/tests/data_files/rsa_pkcs1_2048_clear.der b/tests/data_files/rsa_pkcs1_2048_clear.der
index 137395e2a392d435aceb82d0983ab9ff9af5757d..667051bd80aa77abb5164bfb2dd1d3d6527d2b62 100644
GIT binary patch
delta 8
PcmX@axq@?})Cv{=4%!0r

delta 34
qcmZ3%d5BZWpowK46C;BGFB_*;n@8JsUPeYnRtA<PmK7UTumAv&=?HQF

diff --git a/tests/data_files/rsa_pkcs1_4096_clear.der b/tests/data_files/rsa_pkcs1_4096_clear.der
index c65a2325b5363ff811ae440b3924e246e0efc7de..9dc971e9917eeed75bf27b76499e896327650977 100644
GIT binary patch
delta 8
PcmX>mv_@#7lny5V4vPYp

delta 34
pcmZ1@bWBLfpo!CoiIKs8myJ`a&7<u*FC!x(D+5atr_Kf)P5_2h2PXgk

diff --git a/tests/data_files/rsa_pkcs1_768_clear.der b/tests/data_files/rsa_pkcs1_768_clear.der
index 7fbd8b221f51a9fc3888347103dbd00bfb40d411..a80b891e499a6dcc7d1e6dfb66bea735e85f6eca 100644
GIT binary patch
delta 8
PcmaFKe4cru)Okh#5dQ;O

delta 34
qcmX@l{E}J9po#G*6C;BGFB_*;n@8JsUPeYnRtA<P#`7D_GXemf^a&sU

diff --git a/tests/data_files/rsa_pkcs1_769_clear.der b/tests/data_files/rsa_pkcs1_769_clear.der
index 3361d0bf2ec8963ca816b7da1a8eace9b1ef1cc6..c4bfe6c0bb325bcc4c9e1b29ceafd1710bc50c3f 100644
GIT binary patch
delta 8
PcmaFGe1UnR)CEQW5f1}h

delta 34
qcmcb>{EAu1po#Gr6C;BGFB_*;n@8JsUPeYnRtA<P#tR!RFaiLdRtY5l

diff --git a/tests/data_files/rsa_pkcs1_770_clear.der b/tests/data_files/rsa_pkcs1_770_clear.der
index f9e6c8be95eb6918e631124c2db71e1fa10dfcf4..89e140fdc1af212ea6f797569c255e189955ca86 100644
GIT binary patch
delta 8
PcmaFOe35yh)I~-B5g!9!

delta 34
qcmcb}{F+(Hpo#H06C;BGFB_*;n@8JsUPeYnRtA<P#)}&+G6DdfxCtr%

diff --git a/tests/data_files/rsa_pkcs1_776_clear.der b/tests/data_files/rsa_pkcs1_776_clear.der
index 85118811e75c94eb94665191c3e764ac924969df..a311c6772b652178e85add5ac4f6b8f068eb60eb 100644
GIT binary patch
delta 8
PcmaFEe2ICZ)Fnm$5ibK{

delta 34
qcmcb_{DxV|po#GX6C;BGFB_*;n@8JsUPeYnRtA<P#!DM6F#-Uf8VN4|

diff --git a/tests/data_files/rsa_pkcs1_784_clear.der b/tests/data_files/rsa_pkcs1_784_clear.der
index 4fe5ebb123a798d8ca59e294463d700c30604c90..94f3d3bcd9fa2aae678038ac9de3ac6d73a94b2d 100644
GIT binary patch
delta 8
Pcmey!e4Tlt)OAJx5q|@6

delta 34
qcmcc4{E=D8po#G<6C;BGFB_*;n@8JsUPeYnRtA<P#_JodGXemj1PMq0