Openssl testing (#90)

* Add error_code support to algorithm::verify * Add error_code support for signing * Add error_code overloads to verifying * Fix missing throw * Improvements * Remove unused throwing overloads * Fix test on older gtest * Found bug and added more testing * Move exceptions into error namespace * Initial implementation of openssl tests * Fix tests for older compilers * Only enable openssl test on openssl >=1.1
Thalhammer · Jul 21, 2020 · 9711259 · 9711259
1 parent ab37be7
commit 9711259
Show file tree

Hide file tree

Showing 6 changed files with 954 additions and 140 deletions.
diff --git a/include/jwt-cpp/jwt.h b/include/jwt-cpp/jwt.h
@@ -121,11 +121,7 @@ namespace jwt {
 		 */
 		enum class ecdsa_error {
 			ok = 0,
-			cert_load_failed = 10,
-			get_key_failed,
-			write_key_failed,
-			convert_to_pem_failed,
-			load_key_bio_write,
+			load_key_bio_write = 10,
 			load_key_bio_read,
 			create_mem_bio_failed,
 			no_key_provided,
@@ -217,7 +213,8 @@ namespace jwt {
 			digestupdate_failed,
 			digestfinal_failed,
 			rsa_padding_failed,
-			rsa_private_encrypt_failed
+			rsa_private_encrypt_failed,
+			get_key_failed
 		};
 		/**
 		 * \brief Errorcategory for signature generation errors
@@ -241,6 +238,7 @@ namespace jwt {
 					case signature_generation_error::digestfinal_failed: return "failed to create signature: DigestFinal failed";
 					case signature_generation_error::rsa_padding_failed: return "failed to create signature: RSA_padding_add_PKCS1_PSS_mgf1 failed";
 					case signature_generation_error::rsa_private_encrypt_failed: return "failed to create signature: RSA_private_encrypt failed";
+					case signature_generation_error::get_key_failed: return "failed to generate signature: Could not get key";
 					default: return "unknown signature generation error";
 					}
 				}
@@ -255,7 +253,7 @@ namespace jwt {
 
 		enum class token_verification_error {
 			ok = 0,
-			wrong_algorithm,
+			wrong_algorithm = 10,
 			missing_claim,
 			claim_type_missmatch,
 			claim_value_missmatch,
@@ -776,7 +774,9 @@ namespace jwt {
 
 				if (!private_key.empty()) {
 					std::unique_ptr<BIO, decltype(&BIO_free_all)> privkey_bio(BIO_new(BIO_s_mem()), BIO_free_all);
-						const int len = static_cast<int>(private_key.size());
+					if(!privkey_bio)
+						throw ecdsa_exception(error::ecdsa_error::create_mem_bio_failed);
+					const int len = static_cast<int>(private_key.size());
 					if (BIO_write(privkey_bio.get(), private_key.data(), len) != len)
 						throw ecdsa_exception(error::ecdsa_error::load_key_bio_write);
 					pkey.reset(PEM_read_bio_ECPrivateKey(privkey_bio.get(), nullptr, nullptr, const_cast<char*>(private_key_password.c_str())), EC_KEY_free);
@@ -883,6 +883,10 @@ namespace jwt {
 #else
 				std::unique_ptr<EVP_MD_CTX, decltype(&EVP_MD_CTX_free)> ctx(EVP_MD_CTX_new(), EVP_MD_CTX_free);
 #endif
+				if(!ctx) {
+					ec = error::signature_generation_error::create_context_failed;
+					return {};
+				}
 				if(EVP_DigestInit(ctx.get(), md()) == 0) {
 					ec = error::signature_generation_error::digestinit_failed;
 					return {};
@@ -949,7 +953,7 @@ namespace jwt {
 
 				std::unique_ptr<RSA, decltype(&RSA_free)> key(EVP_PKEY_get1_RSA(pkey.get()), RSA_free);
 				if(!key) {
-					ec = error::signature_generation_error::create_context_failed;
+					ec = error::signature_generation_error::get_key_failed;
 					return {};
 				}
 				const int size = RSA_size(key.get());

diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
@@ -14,11 +14,13 @@ find_package(GTest REQUIRED)
 set(TEST_SOURCES
     ${CMAKE_CURRENT_SOURCE_DIR}/BaseTest.cpp
     ${CMAKE_CURRENT_SOURCE_DIR}/ClaimTest.cpp
+    ${CMAKE_CURRENT_SOURCE_DIR}/Keys.cpp
     ${CMAKE_CURRENT_SOURCE_DIR}/HelperTest.cpp
     ${CMAKE_CURRENT_SOURCE_DIR}/TestMain.cpp
     ${CMAKE_CURRENT_SOURCE_DIR}/TokenFormatTest.cpp
     ${CMAKE_CURRENT_SOURCE_DIR}/TokenTest.cpp
-    ${CMAKE_CURRENT_SOURCE_DIR}/NlohmannTest.cpp)
+    ${CMAKE_CURRENT_SOURCE_DIR}/NlohmannTest.cpp
+    ${CMAKE_CURRENT_SOURCE_DIR}/OpenSSLErrorTest.cpp)
 
 add_executable(jwt-cpp-test ${TEST_SOURCES})
 target_compile_options(
@@ -32,7 +34,7 @@ target_compile_options(
           -Wno-global-constructors
           -Wno-weak-vtables>)
 target_link_libraries(jwt-cpp-test PRIVATE jwt-cpp::jwt-cpp GTest::GTest
-                                           GTest::Main pthread)
+                                           GTest::Main pthread dl)
 
 gtest_add_tests(TARGET jwt-cpp-test)
 

diff --git a/tests/HelperTest.cpp b/tests/HelperTest.cpp
@@ -11,6 +11,64 @@ TEST(HelperTest, Cert2Pubkey) {
     ASSERT_EQ(google_cert_key, key);
 }
 
+TEST(HelperTest, ErrorCodeMessages) {
+    ASSERT_EQ(std::error_code(jwt::error::rsa_error::ok).message(), "no error");
+    ASSERT_EQ(std::error_code(static_cast<jwt::error::rsa_error>(-1)).message(), "unknown RSA error");
+    ASSERT_EQ(std::error_code(jwt::error::rsa_error::ok).category().name(), std::string("rsa_error"));
+
+    ASSERT_EQ(std::error_code(jwt::error::ecdsa_error::ok).message(), "no error");
+    ASSERT_EQ(std::error_code(static_cast<jwt::error::ecdsa_error>(-1)).message(), "unknown ECDSA error");
+    ASSERT_EQ(std::error_code(jwt::error::ecdsa_error::ok).category().name(), std::string("ecdsa_error"));
+
+    ASSERT_EQ(std::error_code(jwt::error::signature_verification_error::ok).message(), "no error");
+    ASSERT_EQ(std::error_code(static_cast<jwt::error::signature_verification_error>(-1)).message(), "unknown signature verification error");
+    ASSERT_EQ(std::error_code(jwt::error::signature_verification_error::ok).category().name(), std::string("signature_verification_error"));
+
+    ASSERT_EQ(std::error_code(jwt::error::signature_generation_error::ok).message(), "no error");
+    ASSERT_EQ(std::error_code(static_cast<jwt::error::signature_generation_error>(-1)).message(), "unknown signature generation error");
+    ASSERT_EQ(std::error_code(jwt::error::signature_generation_error::ok).category().name(), std::string("signature_generation_error"));
+
+    ASSERT_EQ(std::error_code(jwt::error::token_verification_error::ok).message(), "no error");
+    ASSERT_EQ(std::error_code(static_cast<jwt::error::token_verification_error>(-1)).message(), "unknown token verification error");
+    ASSERT_EQ(std::error_code(jwt::error::token_verification_error::ok).category().name(), std::string("token_verification_error"));
+
+    int i = 10;
+    for(i = 10; i < 18; i++) {
+        ASSERT_NE(std::error_code(static_cast<jwt::error::rsa_error>(i)).message(),
+            std::error_code(static_cast<jwt::error::rsa_error>(-1)).message());
+    }
+    ASSERT_EQ(std::error_code(static_cast<jwt::error::rsa_error>(i)).message(),
+        std::error_code(static_cast<jwt::error::rsa_error>(-1)).message());
+
+    for(i = 10; i < 16; i++) {
+        ASSERT_NE(std::error_code(static_cast<jwt::error::ecdsa_error>(i)).message(),
+            std::error_code(static_cast<jwt::error::ecdsa_error>(-1)).message());
+    }
+    ASSERT_EQ(std::error_code(static_cast<jwt::error::ecdsa_error>(i)).message(),
+        std::error_code(static_cast<jwt::error::ecdsa_error>(-1)).message());
+
+    for(i = 10; i < 16; i++) {
+        ASSERT_NE(std::error_code(static_cast<jwt::error::signature_verification_error>(i)).message(),
+            std::error_code(static_cast<jwt::error::signature_verification_error>(-1)).message());
+    }
+    ASSERT_EQ(std::error_code(static_cast<jwt::error::signature_verification_error>(i)).message(),
+        std::error_code(static_cast<jwt::error::signature_verification_error>(-1)).message());
+
+    for(i = 10; i < 22; i++) {
+        ASSERT_NE(std::error_code(static_cast<jwt::error::signature_generation_error>(i)).message(),
+            std::error_code(static_cast<jwt::error::signature_generation_error>(-1)).message());
+    }
+    ASSERT_EQ(std::error_code(static_cast<jwt::error::signature_generation_error>(i)).message(),
+        std::error_code(static_cast<jwt::error::signature_generation_error>(-1)).message());
+
+    for(i = 10; i < 16; i++) {
+        ASSERT_NE(std::error_code(static_cast<jwt::error::token_verification_error>(i)).message(),
+            std::error_code(static_cast<jwt::error::token_verification_error>(-1)).message());
+    }
+    ASSERT_EQ(std::error_code(static_cast<jwt::error::token_verification_error>(i)).message(),
+        std::error_code(static_cast<jwt::error::token_verification_error>(-1)).message());
+}
+
 namespace {
     std::string google_cert = R"(-----BEGIN CERTIFICATE-----
 MIIF8DCCBVmgAwIBAgIKYFOB9QABAACIvTANBgkqhkiG9w0BAQUFADBGMQswCQYD

diff --git a/tests/Keys.cpp b/tests/Keys.cpp
@@ -0,0 +1,170 @@
+#include <string>
+
+namespace test_keys {
+	std::string rsa_priv_key = R"(-----BEGIN PRIVATE KEY-----
+MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQC4ZtdaIrd1BPIJ
+tfnF0TjIK5inQAXZ3XlCrUlJdP+XHwIRxdv1FsN12XyMYO/6ymLmo9ryoQeIrsXB
+XYqlET3zfAY+diwCb0HEsVvhisthwMU4gZQu6TYW2s9LnXZB5rVtcBK69hcSlA2k
+ZudMZWxZcj0L7KMfO2rIvaHw/qaVOE9j0T257Z8Kp2CLF9MUgX0ObhIsdumFRLaL
+DvDUmBPr2zuh/34j2XmWwn1yjN/WvGtdfhXW79Ki1S40HcWnygHgLV8sESFKUxxQ
+mKvPUTwDOIwLFL5WtE8Mz7N++kgmDcmWMCHc8kcOIu73Ta/3D4imW7VbKgHZo9+K
+3ESFE3RjAgMBAAECggEBAJTEIyjMqUT24G2FKiS1TiHvShBkTlQdoR5xvpZMlYbN
+tVWxUmrAGqCQ/TIjYnfpnzCDMLhdwT48Ab6mQJw69MfiXwc1PvwX1e9hRscGul36
+ryGPKIVQEBsQG/zc4/L2tZe8ut+qeaK7XuYrPp8bk/X1e9qK5m7j+JpKosNSLgJj
+NIbYsBkG2Mlq671irKYj2hVZeaBQmWmZxK4fw0Istz2WfN5nUKUeJhTwpR+JLUg4
+ELYYoB7EO0Cej9UBG30hbgu4RyXA+VbptJ+H042K5QJROUbtnLWuuWosZ5ATldwO
+u03dIXL0SH0ao5NcWBzxU4F2sBXZRGP2x/jiSLHcqoECgYEA4qD7mXQpu1b8XO8U
+6abpKloJCatSAHzjgdR2eRDRx5PMvloipfwqA77pnbjTUFajqWQgOXsDTCjcdQui
+wf5XAaWu+TeAVTytLQbSiTsBhrnoqVrr3RoyDQmdnwHT8aCMouOgcC5thP9vQ8Us
+rVdjvRRbnJpg3BeSNimH+u9AHgsCgYEA0EzcbOltCWPHRAY7B3Ge/AKBjBQr86Kv
+TdpTlxePBDVIlH+BM6oct2gaSZZoHbqPjbq5v7yf0fKVcXE4bSVgqfDJ/sZQu9Lp
+PTeV7wkk0OsAMKk7QukEpPno5q6tOTNnFecpUhVLLlqbfqkB2baYYwLJR3IRzboJ
+FQbLY93E8gkCgYB+zlC5VlQbbNqcLXJoImqItgQkkuW5PCgYdwcrSov2ve5r/Acz
+FNt1aRdSlx4176R3nXyibQA1Vw+ztiUFowiP9WLoM3PtPZwwe4bGHmwGNHPIfwVG
+m+exf9XgKKespYbLhc45tuC08DATnXoYK7O1EnUINSFJRS8cezSI5eHcbQKBgQDC
+PgqHXZ2aVftqCc1eAaxaIRQhRmY+CgUjumaczRFGwVFveP9I6Gdi+Kca3DE3F9Pq
+PKgejo0SwP5vDT+rOGHN14bmGJUMsX9i4MTmZUZ5s8s3lXh3ysfT+GAhTd6nKrIE
+kM3Nh6HWFhROptfc6BNusRh1kX/cspDplK5x8EpJ0QKBgQDWFg6S2je0KtbV5PYe
+RultUEe2C0jYMDQx+JYxbPmtcopvZQrFEur3WKVuLy5UAy7EBvwMnZwIG7OOohJb
+vkSpADK6VPn9lbqq7O8cTedEHttm6otmLt8ZyEl3hZMaL3hbuRj6ysjmoFKx6CrX
+rK0/Ikt5ybqUzKCMJZg2VKGTxg==
+-----END PRIVATE KEY-----)";
+	std::string rsa_pub_key = R"(-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGbXWiK3dQTyCbX5xdE4
+yCuYp0AF2d15Qq1JSXT/lx8CEcXb9RbDddl8jGDv+spi5qPa8qEHiK7FwV2KpRE9
+83wGPnYsAm9BxLFb4YrLYcDFOIGULuk2FtrPS512Qea1bXASuvYXEpQNpGbnTGVs
+WXI9C+yjHztqyL2h8P6mlThPY9E9ue2fCqdgixfTFIF9Dm4SLHbphUS2iw7w1JgT
+69s7of9+I9l5lsJ9cozf1rxrXX4V1u/SotUuNB3Fp8oB4C1fLBEhSlMcUJirz1E8
+AziMCxS+VrRPDM+zfvpIJg3JljAh3PJHDiLu902v9w+Iplu1WyoB2aPfitxEhRN0
+YwIDAQAB
+-----END PUBLIC KEY-----)";
+	std::string rsa_pub_key_invalid = R"(-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzYuc22QSst/dS7geYYK
+5l5kLxU0tayNdixkEQ17ix+CUcUbKIsnyftZxaCYT46rQtXgCaYRdJcbB3hmyrOa
+vkhTpX79xJZnQmfuamMbZBqitvscxW9zRR9tBUL6vdi/0rpoUwPMEh8+Bw7CgYR0
+FK0DhWYBNDfe9HKcyZEv3max8Cdq18htxjEsdYO0iwzhtKRXomBWTdhD5ykd/fAC
+VTr4+KEY+IeLvubHVmLUhbE5NgWXxrRpGasDqzKhCTmsa2Ysf712rl57SlH0Wz/M
+r3F7aM9YpErzeYLrl0GhQr9BVJxOvXcVd4kmY+XkiCcrkyS1cnghnllh+LCwQu1s
+YwIDAQAB
+-----END PUBLIC KEY-----)";
+	std::string rsa512_priv_key = R"(-----BEGIN RSA PRIVATE KEY-----
+MIICWwIBAAKBgQDdlatRjRjogo3WojgGHFHYLugdUWAY9iR3fy4arWNA1KoS8kVw
+33cJibXr8bvwUAUparCwlvdbH6dvEOfou0/gCFQsHUfQrSDv+MuSUMAe8jzKE4qW
++jK+xQU9a03GUnKHkkle+Q0pX/g6jXZ7r1/xAK5Do2kQ+X5xK9cipRgEKwIDAQAB
+AoGAD+onAtVye4ic7VR7V50DF9bOnwRwNXrARcDhq9LWNRrRGElESYYTQ6EbatXS
+3MCyjjX2eMhu/aF5YhXBwkppwxg+EOmXeh+MzL7Zh284OuPbkglAaGhV9bb6/5Cp
+uGb1esyPbYW+Ty2PC0GSZfIXkXs76jXAu9TOBvD0ybc2YlkCQQDywg2R/7t3Q2OE
+2+yo382CLJdrlSLVROWKwb4tb2PjhY4XAwV8d1vy0RenxTB+K5Mu57uVSTHtrMK0
+GAtFr833AkEA6avx20OHo61Yela/4k5kQDtjEf1N0LfI+BcWZtxsS3jDM3i1Hp0K
+Su5rsCPb8acJo5RO26gGVrfAsDcIXKC+bQJAZZ2XIpsitLyPpuiMOvBbzPavd4gY
+6Z8KWrfYzJoI/Q9FuBo6rKwl4BFoToD7WIUS+hpkagwWiz+6zLoX1dbOZwJACmH5
+fSSjAkLRi54PKJ8TFUeOP15h9sQzydI8zJU+upvDEKZsZc/UhT/SySDOxQ4G/523
+Y0sz/OZtSWcol/UMgQJALesy++GdvoIDLfJX5GBQpuFgFenRiRDabxrE9MNUZ2aP
+FaFp+DyAe+b4nDwuJaW2LURbr8AEZga7oQj0uYxcYw==
+-----END RSA PRIVATE KEY-----)";
+	std::string rsa512_pub_key = R"(-----BEGIN PUBLIC KEY-----
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDdlatRjRjogo3WojgGHFHYLugd
+UWAY9iR3fy4arWNA1KoS8kVw33cJibXr8bvwUAUparCwlvdbH6dvEOfou0/gCFQs
+HUfQrSDv+MuSUMAe8jzKE4qW+jK+xQU9a03GUnKHkkle+Q0pX/g6jXZ7r1/xAK5D
+o2kQ+X5xK9cipRgEKwIDAQAB
+-----END PUBLIC KEY-----)";
+	std::string rsa512_pub_key_invalid = R"(-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzYuc22QSst/dS7geYYK
+5l5kLxU0tayNdixkEQ17ix+CUcUbKIsnyftZxaCYT46rQtXgCaYRdJcbB3hmyrOa
+vkhTpX79xJZnQmfuamMbZBqitvscxW9zRR9tBUL6vdi/0rpoUwPMEh8+Bw7CgYR0
+FK0DhWYBNDfe9HKcyZEv3max8Cdq18htxjEsdYO0iwzhtKRXomBWTdhD5ykd/fAC
+VTr4+KEY+IeLvubHVmLUhbE5NgWXxrRpGasDqzKhCTmsa2Ysf712rl57SlH0Wz/M
+r3F7aM9YpErzeYLrl0GhQr9BVJxOvXcVd4kmY+XkiCcrkyS1cnghnllh+LCwQu1s
+YwIDAQAB
+-----END PUBLIC KEY-----)";
+	std::string ecdsa521_priv_key = R"(-----BEGIN EC PRIVATE KEY-----
+MIHcAgEBBEIAuZxTZjLIZM5hxgZX+JRrqt5FKpAEg/meZ7m9aSE3XbRITqtfz1Uy
+h2Srn7o8+4j/jQpwHTTHZThy10u5jMjaR+mgBwYFK4EEACOhgYkDgYYABAFFah0k
+6m4ddp/tUN/ObrKKwSCp4QUZdiAMaC9eY1HyNBPuuEsH5qCfeY5lmeJwSUpzCosn
+rgW8M2hQ4Kr5V9OXrgHLA5WVtH6//sSkUY2/xYuqc7/Ln8gI5ddtr1qG64Xtgs05
+/CNajSjFZeLm76llakvYiBTTH/ii8hIfrwukW9IP7Q==
+-----END EC PRIVATE KEY-----)";
+	std::string ecdsa521_pub_key = R"(-----BEGIN PUBLIC KEY-----
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBRWodJOpuHXaf7VDfzm6yisEgqeEF
+GXYgDGgvXmNR8jQT7rhLB+agn3mOZZnicElKcwqLJ64FvDNoUOCq+VfTl64BywOV
+lbR+v/7EpFGNv8WLqnO/y5/ICOXXba9ahuuF7YLNOfwjWo0oxWXi5u+pZWpL2IgU
+0x/4ovISH68LpFvSD+0=
+-----END PUBLIC KEY-----)";
+	std::string ecdsa521_pub_key_invalid = R"(-----BEGIN PUBLIC KEY-----
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQB3l84szH3VOII+Qp4TGgRqCps1q7N
+/41ucX90sVKT+6Z2FgYqGsfDcViWBdcjRQLL69LGApcvGGSa1MiYXmLWBYAAKriR
+7S63iNLzarnq1WnCH+GowDMl127CPoSW4LmMqV5rJLJQNwfiy+N0wph/Adnqqb+6
+w1N7aVXutqCx02T/jrQ=
+-----END PUBLIC KEY-----)";
+	std::string ecdsa384_priv_key = R"(-----BEGIN EC PRIVATE KEY-----
+MIGkAgEBBDCrPXJDgQDtNRpM0qNUW/zN1vrCvOVH1CsItVZ+1NeGB+w/2whnIXJQ
+K7U5C1ETPHagBwYFK4EEACKhZANiAAR0JjvVJXc3u1I/7vt5mxzPtAIi1VIqxCwN
+wgISZVySTYZQzyicW2GfhMlFCow28LzqTwH/eCymAvnTAmpK/P1hXhNcnxDBZNOU
+WMbMLFcQrg2wwpIb/k/IXobNwjNPRBo=
+-----END EC PRIVATE KEY-----)";
+	std::string ecdsa384_pub_key = R"(-----BEGIN PUBLIC KEY-----
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEdCY71SV3N7tSP+77eZscz7QCItVSKsQs
+DcICEmVckk2GUM8onFthn4TJRQqMNvC86k8B/3gspgL50wJqSvz9YV4TXJ8QwWTT
+lFjGzCxXEK4NsMKSG/5PyF6GzcIzT0Qa
+-----END PUBLIC KEY-----)";
+	std::string ecdsa384_pub_key_invalid = R"(-----BEGIN PUBLIC KEY-----
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE7TAJMuqdY9JYXrv2p06bXhLmRddkCQZ6
+4BJeTNGz59QqbHk5+6avGj2lXK+c9rr0vejbts5A50WF1E4b7ItLxEIONfSbF74Q
+sQ4dg7kzXiz+XX/aEVqH1HlIa9YAJPaH
+-----END PUBLIC KEY-----)";
+	std::string ecdsa256_priv_key = R"(-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgPGJGAm4X1fvBuC1z
+SpO/4Izx6PXfNMaiKaS5RUkFqEGhRANCAARCBvmeksd3QGTrVs2eMrrfa7CYF+sX
+sjyGg+Bo5mPKGH4Gs8M7oIvoP9pb/I85tdebtKlmiCZHAZE5w4DfJSV6
+-----END PRIVATE KEY-----)";
+	std::string ecdsa256_pub_key = R"(-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEQgb5npLHd0Bk61bNnjK632uwmBfr
+F7I8hoPgaOZjyhh+BrPDO6CL6D/aW/yPObXXm7SpZogmRwGROcOA3yUleg==
+-----END PUBLIC KEY-----)";
+	std::string ecdsa256_pub_key_invalid = R"(-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEoBUyo8CQAFPeYPvv78ylh5MwFZjT
+CLQeb042TjiMJxG+9DLFmRSMlBQ9T/RsLLc+PmpB1+7yPAR+oR5gZn3kJQ==
+-----END PUBLIC KEY-----)";
+	std::string ecdsa256_certificate = R"(-----BEGIN CERTIFICATE-----
+MIIB3zCCAYWgAwIBAgIUXns6sbspahSWU4TRQssO3NLmDr0wCgYIKoZIzj0EAwIw
+RTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGElu
+dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yMDA3MjAyMTA4NTlaFw0yMTA3MjAy
+MTA4NTlaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYD
+VQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwWTATBgcqhkjOPQIBBggqhkjO
+PQMBBwNCAASa+WuX0TojwP3IFXEKO/9vHM+h1YBqTFY1wVGitOZewLxgXgCA8Mlu
+yubQaTjyu/2XMAUmcbPwddiUidU4P5OJo1MwUTAdBgNVHQ4EFgQUz9J272oD2ple
+bwxJWJ5IFTxFfTowHwYDVR0jBBgwFoAUz9J272oD2plebwxJWJ5IFTxFfTowDwYD
+VR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAgNIADBFAiEAv2rcDBD4p/UeJIEFOK9j
+o4XKKbXs6oqMpkEDUinf6DACIGPcShH4m5haelZleORWM068C3BSVToRMSAivE79
+8ZhX
+-----END CERTIFICATE-----)";
+    std::string sample_cert = R"(-----BEGIN CERTIFICATE-----
+MIIDHDCCAgSgAwIBAgIIGlbUz5cvweUwDQYJKoZIhvcNAQEFBQAwMTEvMC0GA1UE
+AxMmc2VjdXJldG9rZW4uc3lzdGVtLmdzZXJ2aWNlYWNjb3VudC5jb20wHhcNMTkw
+NDEwMjEyMDUxWhcNMTkwNDI3MDkzNTUxWjAxMS8wLQYDVQQDEyZzZWN1cmV0b2tl
+bi5zeXN0ZW0uZ3NlcnZpY2VhY2NvdW50LmNvbTCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBALRPFSsUi/bGcMVkD+XjJ6z/71u+7Wn1C1bRnM9sU3q7+Ere
+DV6an+z+YsjblskBX73h1GyYvmtkyuL7Uq0N+y+RTOmd2fwDw48gM5FEq6DNpVVW
+ZRIzzoMSLZCB+tg1eQZdGKtmctdd5Jjhwihf9Aa759fcj60GDG39G6A/w4Jok+J6
+7sRabxxontJ4Kpo6zmwUKbWF8naJeCRTO0VAYLkJqEWO4VJTIHJeu2WpxM0qzvY9
+IY5Yd7Njegu64FoHU55dSfee2KwDa0/bajrknJfxWBN4hk/rqgGjxQmzAYMCB7/p
+/9Snfg4NmfX5cJJ01SNzY6Q/mJRjB3iX2PBz+GsCAwEAAaM4MDYwDAYDVR0TAQH/
+BAIwADAOBgNVHQ8BAf8EBAMCB4AwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwIwDQYJ
+KoZIhvcNAQEFBQADggEBAKCSq0D+NIAsGULZrhXouurxInxDyq03xLNcxvKDQchc
+XfGA1r3eltmlyKQb5TmAsuKwS/LAQ5z8SlRTOmDGVEtDwnw3S83C4ufXbP0eMB6H
+eKf2XCA00T3odUfXmQZme8hG6z7GKVOdn/0oY+vaX38brlCpRXDTm1WldyddUpMz
+ftcs6dibdnbQtbX6o9E+KuvGHoNW5xcSjX8lwXTpopfvufPOLPcnFXi4UoYZ8NZ2
+2mRG78LkOA+SkOMutbt6w7TBDvADmFzuzvAULy4gsfcamOYcQ7uiHnnD+PoNiNbw
+flE/m/0zymX8I/Xu3+KKLhUnUROGC6zO3OnLHXCnEns=
+-----END CERTIFICATE-----)";
+    std::string sample_cert_pubkey = R"(-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtE8VKxSL9sZwxWQP5eMn
+rP/vW77tafULVtGcz2xTerv4St4NXpqf7P5iyNuWyQFfveHUbJi+a2TK4vtSrQ37
+L5FM6Z3Z/APDjyAzkUSroM2lVVZlEjPOgxItkIH62DV5Bl0Yq2Zy113kmOHCKF/0
+Brvn19yPrQYMbf0boD/DgmiT4nruxFpvHGie0ngqmjrObBQptYXydol4JFM7RUBg
+uQmoRY7hUlMgcl67ZanEzSrO9j0hjlh3s2N6C7rgWgdTnl1J957YrANrT9tqOuSc
+l/FYE3iGT+uqAaPFCbMBgwIHv+n/1Kd+Dg2Z9flwknTVI3NjpD+YlGMHeJfY8HP4
+awIDAQAB
+-----END PUBLIC KEY-----
+)";
+}