…tent

The test case creates an RSA public key and tries to pass it through
i2d_PrivateKey().  This SHOULD fail, since the private bits are missing.

Reviewed-by: Tomas Mraz <[email protected]>
(Merged from #16027)

Fixes #16026

Reviewed-by: Tomas Mraz <[email protected]>
(Merged from #16027)

ASN1_FBOOLEAN is designed to use as a default for optional ASN1 items.
This test program used it for non-optional items, which doesn't encode
well.

Reviewed-by: Tomas Mraz <[email protected]>
(Merged from #16027)

Make it only report (and fail on) encoding/decoding failures when success
is expected.

Reviewed-by: Tomas Mraz <[email protected]>
(Merged from #16027)

Reviewed-by: Tomas Mraz <[email protected]>
(Merged from #16027)

A default-constructed X509_REQ or NETSCAPE_SPKI contains empty values
for all its fields, notably the OIDs in public keys. Previously, OpenSSL
would silently omit the field, which isn't actually a valid structure.

As of openssl/openssl#16027, OpenSSL will notice
this and return an error rather than serialize garbage. Sadly, that had
to be reverted on 1.1.1, but it is present in the 3.0 branch.

Fix pyOpenSSL's tests to stop trying to serialize invalid objects. It
should fill in the public key (which is mandatory in these structures).
While not syntactically necessary (the empty string is a BIT STRING),
also fill in the signature for NetscapeSPKI.

Tested by running pyOpenSSL tests against a copy of OpenSSL 1.1.1's dev
branch, prior to the changes getting reverted.

A default-constructed X509_REQ or NETSCAPE_SPKI contains empty values
for all its fields, notably the OIDs in public keys. This initial state
is incomplete and not yet a valid object. The ASN.1 structures make the
public key mandatory.  When serializing, OpenSSL would previously
silently omit the field, which doesn't actually produce a valid
structure.

As of openssl/openssl#16027, OpenSSL will notice
this and return an error rather than serialize garbage. Sadly, that had
to be reverted on 1.1.1, but it is present in the 3.0 branch. With that
change, some of pyOpenSSL's tests fail.

The bug here is in pyOpenSSL: pyOpenSSL tests are trying to serialize
incomplete objects. Instead, fill in the public key.  While not
syntactically necessary (the empty string is a BIT STRING), also fill in
the signature for NetscapeSPKI, to better align with real code.

Tested by running pyOpenSSL tests against a copy of OpenSSL 1.1.1's dev
branch, prior to the changes getting reverted.

A default-constructed X509_REQ or NETSCAPE_SPKI contains empty values
for all its fields, notably the OIDs in public keys. This initial state
is incomplete and not yet a valid object. The ASN.1 structures make the
public key mandatory.  When serializing, OpenSSL would previously
silently omit the field, which doesn't actually produce a valid
structure.

As of openssl/openssl#16027, OpenSSL will notice
this and return an error rather than serialize garbage. Sadly, that had
to be reverted on 1.1.1, but it is present in the 3.0 branch. With that
change, some of pyOpenSSL's tests fail.

The bug here is in pyOpenSSL: pyOpenSSL tests are trying to serialize
incomplete objects. Instead, fill in the public key.  While not
syntactically necessary (the empty string is a BIT STRING), also fill in
the signature for NetscapeSPKI, to better align with real code.

Tested by running pyOpenSSL tests against a copy of OpenSSL 1.1.1's dev
branch, prior to the changes getting reverted.