From 8c185e0ae5e42bf5f3d76a1a0898946671116fa3 Mon Sep 17 00:00:00 2001
From: Kazuki Yamaguchi <k@rhe.jp>
Date: Wed, 3 Nov 2021 23:31:29 +0900
Subject: pkey: test parsing concatenated PEM string

PEM-encoded private keys are sometimes stored together with irrelevant
PEM blocks, such as the corresponding X.509 certificate.

PEM_read_bio_*() family automatically skips unknown PEM blocks, but on
OpenSSL 3.0 we will be using the new OSSL_DECODER API instead due to
some breaking changes around the password callback.

Let's add a test case so that we won't break the current behavior.
---
 test/openssl/test_pkey_rsa.rb | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/test/openssl/test_pkey_rsa.rb b/test/openssl/test_pkey_rsa.rb
index dbe87ba4..7510658d 100644
--- a/test/openssl/test_pkey_rsa.rb
+++ b/test/openssl/test_pkey_rsa.rb
@@ -306,6 +306,12 @@ class OpenSSL::TestPKeyRSA < OpenSSL::PKeyTestCase
 
     assert_equal asn1.to_der, rsa1024.to_der
     assert_equal pem, rsa1024.export
+
+    # Unknown PEM prepended
+    cert = issue_cert(OpenSSL::X509::Name.new([["CN", "nobody"]]), rsa1024, 1, [], nil, nil)
+    str = cert.to_text + cert.to_pem + rsa1024.to_pem
+    key = OpenSSL::PKey::RSA.new(str)
+    assert_same_rsa rsa1024, key
   end
 
   def test_RSAPrivateKey_encrypted
-- 
cgit v1.2.3