From 2eda2404144735f3a57ad645e0c87770411a399b Mon Sep 17 00:00:00 2001
From: job <job@openbsd.org>
Date: Wed, 2 Nov 2022 12:56:38 +0000
Subject: [PATCH] Add regress for Signed TAL (.tak) files

---
 regress/usr.sbin/rpki-client/Makefile.inc     |   8 +-
 .../usr.sbin/rpki-client/openssl11/Makefile   |   3 +-
 .../tak/05F53BCE4DAA11EDB9AC0C5B9E174E93.tak  | Bin 0 -> 2576 bytes
 .../tak/42AE70A64DA711EDB37796549E174E93.tak  | Bin 0 -> 2122 bytes
 .../tak/B7C2334E4DA911EDAF862D5A9E174E93.tak  | Bin 0 -> 2463 bytes
 regress/usr.sbin/rpki-client/test-tak.c       |  97 ++++++++++++++++++
 6 files changed, 106 insertions(+), 2 deletions(-)
 create mode 100644 regress/usr.sbin/rpki-client/tak/05F53BCE4DAA11EDB9AC0C5B9E174E93.tak
 create mode 100644 regress/usr.sbin/rpki-client/tak/42AE70A64DA711EDB37796549E174E93.tak
 create mode 100644 regress/usr.sbin/rpki-client/tak/B7C2334E4DA911EDAF862D5A9E174E93.tak
 create mode 100644 regress/usr.sbin/rpki-client/test-tak.c

diff --git a/regress/usr.sbin/rpki-client/Makefile.inc b/regress/usr.sbin/rpki-client/Makefile.inc
index e35dcf67db5..9a690df0c30 100644
--- a/regress/usr.sbin/rpki-client/Makefile.inc
+++ b/regress/usr.sbin/rpki-client/Makefile.inc
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile.inc,v 1.25 2022/08/30 22:48:16 job Exp $
+# $OpenBSD: Makefile.inc,v 1.26 2022/11/02 12:56:38 job Exp $
 
 .PATH:		${.CURDIR}/../../../../usr.sbin/rpki-client
 
@@ -11,6 +11,7 @@ PROGS += test-rsc
 PROGS += test-tal
 PROGS += test-rrdp
 PROGS += test-aspa
+PROGS += test-tak
 
 .for p in ${PROGS}
 REGRESS_TARGETS += run-regress-$p
@@ -65,6 +66,11 @@ SRCS_test-aspa+=	test-aspa.c aspa.c cms.c x509.c ip.c as.c io.c log.c \
 run-regress-test-aspa: test-aspa
 	./test-aspa -v ${.CURDIR}/../aspa/*.asa
 
+SRCS_test-tak+=	test-tak.c tak.c cms.c x509.c ip.c as.c io.c log.c \
+		encoding.c print.c validate.c cert.c mft.c
+run-regress-test-tak: test-tak
+	./test-tak -v ${.CURDIR}/../tak/*.tak
+
 SRCS_test-rrdp+=	test-rrdp.c rrdp_delta.c rrdp_notification.c \
 			rrdp_snapshot.c rrdp_util.c \
 			log.c encoding.c ip.c validate.c dummy.c x509.c
diff --git a/regress/usr.sbin/rpki-client/openssl11/Makefile b/regress/usr.sbin/rpki-client/openssl11/Makefile
index 0df73646a24..4080e51512a 100644
--- a/regress/usr.sbin/rpki-client/openssl11/Makefile
+++ b/regress/usr.sbin/rpki-client/openssl11/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.12 2022/10/14 17:17:13 tb Exp $
+# $OpenBSD: Makefile,v 1.13 2022/11/02 12:56:38 job Exp $
 
 LDADD +=	-Wl,-rpath,/usr/local/lib/eopenssl11 -L/usr/local/lib/eopenssl11
 CFLAGS +=	-I${.CURDIR}/ -I/usr/local/include/eopenssl11/
@@ -26,6 +26,7 @@ SRCS_test-bgpsec =	a_time_tm_gen.c o_time.c bs_ber.c bs_cbb.c bs_cbs.c
 SRCS_test-rrdp =	a_time_tm_gen.c o_time.c bs_ber.c bs_cbb.c bs_cbs.c
 SRCS_test-rsc =		a_time_tm_gen.c o_time.c bs_ber.c bs_cbb.c bs_cbs.c
 SRCS_test-aspa =	a_time_tm_gen.c o_time.c bs_ber.c bs_cbb.c bs_cbs.c
+SRCS_test-tak =		a_time_tm_gen.c o_time.c bs_ber.c bs_cbb.c bs_cbs.c
 CFLAGS +=	-I${.CURDIR}/../../../../lib/libcrypto/
 CFLAGS +=	-I${.CURDIR}/../../../../lib/libcrypto/bytestring
 
diff --git a/regress/usr.sbin/rpki-client/tak/05F53BCE4DAA11EDB9AC0C5B9E174E93.tak b/regress/usr.sbin/rpki-client/tak/05F53BCE4DAA11EDB9AC0C5B9E174E93.tak
new file mode 100644
index 0000000000000000000000000000000000000000..71a01eda1c5c08e98a9a11392b60cbae28d7736b
GIT binary patch
literal 2576
zcmcImc~nzp7SBsw2oN9`mc#{!ER{lmF9{@sRRTc-WDAQhjS3+^SQ1ELWtj@RLKGEL
zKt+U^2xxI*5wr?aJ0PM6DkI3ERMFC+C<5XF3^Kt}t#eN2%$d`f_x^b2e)s#%{qFs}
z-~C;HsB5UGS;)QQZ!{qsT7jr707PvT4PmI70I#C9MeYR&FfbYd2qsbm|LaCIZHT5o
zFaa=v@l`s!00NZ*LycALTO|^KNJdEzq)}qT5{g(Nj1`I^6Dh%Nz92-OE0Ly&_zpHU
zlH>%Tl}sR&MG2y<Ba=l!zO_govyljr#ZsY6EJ?HBc(6R|JncEQ9&RiumE*x?xw!*(
zJ2s0$W!iFBbQ_6SEVJedB+AgnK=We?5QIfx5Qu<MuB)RF2tr-YdDB?;{IuSM_J^@K
zeR~SvXw$-DT=Q*yJ3=&CIP*=f)rwB|RaNf0(=;jSAPNINlTiID&+<p?FA<^*qjXdD
zoSj+o2DRYHymK$xpopMg$J&2;Rd>1fY)j)XroZ~}M&ii5l(591nS}L`<qbn1VR!I1
zUzN!0Qd^3>t5e2Awwcck{CWK6{G?iB-J>Y?!u+~hl;{KAnI=X~7>G-DI~4B%{jyuL
z$1vcy88K8Zus%y<fgSi!FgvQIA5prn2naaSHtVPBZ%Fs>Cq~%&AG|Zk|NQX&@r%v0
z2z2*|_U4W=M^Pi08)yycC)cFhWI69>F&|l%%3d})JJdtITaU&-DCj5xRVpj;S3uD)
z<Zk8j1yZRJo<9zgC)3`}jcE)1I81i~3pmCcBICjIj}6)wUs9DH+E(5$m`mO6UiJ#B
z=<1O$9S#q`eJ-SW`<S`x`x9RZYV(c?%bnJ~*}E#CDCqMrd!2Cq&w>WlWsJ_~FnLGv
zLJMSz{cFu&Vt9O&d4AQYjJH<gJ=c$PTk*AP=7!@|@bK#1l(9pr#~+iXN=fe)p0`h0
zf6Kj7A`ITeO|?9DdHmSS;Gw$0jQW$kI-!{4(2LnWEUFzN=NN>YQIX8z!i!#-F;n*I
z;<F#_3;2pLnEfPgWxRyL?ilD``P+1=rw`UID>mgmoA)fm1)KV{R^~HaK6sWbs2(&x
zmv_F%nc~6TD>Ql+8y>l&Ii>`@he?6Jw*dloDLK`sz@Q;C8p3}1bK|inphH~-2r8Hm
z7^9&om03j#lEidiNYVrVP?hidCxWC&XMSP=GF2bwzCWa+$)MZvS#)}gRTP5}{U7O5
zI?#;RVup~bH?CFgOm96}b3@OseANBBT#RqFeq(OQ;ej1NklEbU^0r50GAmBKHDVmS
z8dYx79O>GXnN&41rZvk6cX#yudu&b47jr?&yKd0RTAS80=Ix_;=jVKz@h(!h$T!Fv
z(x1cEO^CmrMy)<8=o%X3q4VPWhRgO|(>qZ(^SEyAGO_p!t`MKyisPF<Z=Gg+oob(e
zGZSb_>Iv7-XXA>uH*{Y#51jM}?i=3A^}Str>9WC8O!F@C@Y?aa+v^_9q-xxKg?|zq
z?Xrz^;ONU7ayJ+tk!t&mJ7-^=rala37xbZuUi8%kZW=ikRZ&BbU(ri$jlX1g>pd=&
z2-*}NXbLb;*3du;)`xYOwGGh@PYD6Y6H4#2r0q{TD@+`K(URK)CIkH}UDYeO|ER7E
zpFX3uZj8`v<P}u3VK2~H+CYGyMHt4QaakZ^$u@#zKmw8#B1NJ+{=aLH3^!ZazvZ6$
z2CnC3A7Ol0jE~GcBu4CE4`R5UKEc7^_SSq!A`q*nTB<-;EDnNTK8OUHKiB{*|G%_q
z@=~^xrR=qU22lSHP74jPcYiP-Je&!>Ru<;hy8*mh{6DM-u=BK|v)z|;#qIZW#ab4b
z0Q5cthg6p?s{&vJTFJcCAD5LCTZD-~8>ql&lu~itf0wp=B1B5ADuoC_W$b)Wll+)>
zm3z4VUfnGdr0pt};;$OJ{CvB?75{B-Rl1Y146lKM{5!fg{f`8F5$8De{JVTqxIp}F
z=AfGEe#^cvF!pvx5iq2Kq-v~%ENJP`)Kg=Gm6Li#88Hh#-8z~4)HN+4&c`y!;%R}<
zWiC;*oEG4inm8}{9)Ei>%Ae>jbgH^cXxBOSs=K)N`k{V&n|Z6nB2q=?xh822rwTZ~
zge;TOUq}aOPP!@Bm7DhUnk00BW9t)*EnetP1V8*q-gIsDN|ltYuejSiv5eUGjjm>C
zqfMS!_0J;#qg}U2U36ECJTGEE`~_3hvi$~CbtxTb6AN*wl!}n_PIW2*om6(2<I0gD
z>-Smn>6oEN04qL<xteka`IngktoqG|r4mS*G@7#KF=%ue!;TRFY<}~?RAZR3w}1Y^
z;djnCbu-5eobzzE@0Z_F&q;S)vkCF><-98L{}e7IiZBA9oC>sz`dW5oj}ERXIgyoa
zXqOk^bG_8K$>Xh4L}Jh6{k&XG*iGV;XI1TKIE!t2-mkc}0J)#CWt!O&YT<FOCJDbh
z^2sLF`1aR}S9_1C#-fDJB#{MVw=Zp*m@LOkYzU>jdDizY^SIcqH=S7<gGn1bw70cW
zGRw7mJx3b1bY}M)NuS!dZn3SYq)WcCLZstx&uv`QGQZ?e>ucwc^al>TsYOwtR??Pd
zH_l#MTe!2u^g_pDPiK9eW6`d%ExWC(jh|Say2R_S{#(>dS)*v5kX)@2P;tnsom7_F
o3EBw49}HvTPn|QW;2n6Wy1;vAQNvp?b>8w|AvRMF1hV7)3A<{>MF0Q*

literal 0
HcmV?d00001

diff --git a/regress/usr.sbin/rpki-client/tak/42AE70A64DA711EDB37796549E174E93.tak b/regress/usr.sbin/rpki-client/tak/42AE70A64DA711EDB37796549E174E93.tak
new file mode 100644
index 0000000000000000000000000000000000000000..cc4e89f094a18505ae815998457a93c838868e4a
GIT binary patch
literal 2122
zcmcIl3s6&68qU4B3Bizn7y`N^yksa?$jOTkX<Z_T@>-OKP!MQBNF7KZ5VC?*6az$E
z<t<VRLZTIXRjs^4UJ7ch7K2KB)D^`?K&ZtnC?E<Om}=RX?d<H#?!9y8%zyrK?)lI6
z&HsHsg<FL+byNGP#|e-LtWn`OK!sz%5SmT^c&w>V?FUKF2n+!gREfp^w$Ri9VrW#*
zZbSv`FeY-0-!^~(>&Rh>^i3(^<usZiRhsCol%y-;B?%s))RaWAM~XyAQ%F+f>4{3Y
zViS$&#aqeauy`y!k3**m_$!$l4%d^-;tJ>-mVnEoDdcjchghO8{@f7|J`@Q-7!+Cs
znWK#J3t$xlp;~Y>eaXqAr*jwD?e<yLeJE|Z7HJ9?uP=?Vu1fE}LH;f~5*BocNz;*q
zGOOb9+g}}XZ_qcMCzPE%b$VZ`zvt$gg1%wB<#lMii{~BQ-LjW^A`Z(ENAKp^mt)$G
zcRtpR2ZkrSh4VP8+qC!E52|-6S|0fYR2L=vY@_bbaC3fLoknFZ-!ovR-PqYt^tS0z
zki$%8kZsNNAIr5@g<Zppiq8XMFS3RAg=cz(n4{Stq%eX+DsV<gX?aWCzh+h3b<U5A
zwd^RIdFLuzc{jXy**_-h_?W@W{+325V?kY%$-X$#^SyPB-x-E~c``DJS9kdSunPnq
zsqVQ~LX4S$(GUvKs1O}cA=iKkU8h0A5DY`eeAMt56tJXQ03sH>4ndolq$}MMB*}6>
zwI%=n=*D;MiMA#%IrBnbLni~$+@3`QPbN$3CE+HxOX7jof28FaFKW-Gi<^6gaAk2t
zw~?#$Z=AZTp9-Elh`duvO$^?Gsrp#izQtQ~c4D2~g|cG*RJ+iF{^b=Jc|{|bs1}@G
zaoXlyMsU)v=_GyVE%w;<H>LiBEwl$TyOGvr+vgLPb7f0LdOn`^-X?yTQG{=JSYIwk
zu&^w?K8~1=R=s_M2M^9Qc+0G99GiwGrQO43$pvq|s9vahTv?%gMj2>5H0mkeaK>3y
zb4-eI5ACV@O3E0Hb7F^TJQjUAh40hy!#|~d?~pZ23A?qG=lWWEr61#(t3w_5#4qh}
zZ}|_9Pnqu<vxPUaiX$SrqDe7-l1=EbddgtL?$|DVU+|rXs5x2=so<qR1=|CP5km?Q
zAtNL=>b2t1o8NE^gr}}Sr*P&ck8ocDyV<l8Vgtz8q(XAdxf52D?hPmE4YKgY^%h4X
zNprkW%pqt7LC~;CHrPD7!46RZ1xVGTXk_Z7|El$T84RB1AGTgnrYQNZX&DiIVtR@q
zC_FiSRTv{O(>FCDGsHuzkO4Usw+stmFeVU$h=B-v{yqk<`u`#UHnX?2pS?X1n1KcF
zk0Zih`|kGvgh#f4EF&<#)duit`Tr0T7K10?fIkM!Ln)F1tM`XPxY=T{0MWq4#&h^E
zZA5Gau>=+Xi@+$OlFf~?OXdlju~m%%2cg8ia)%XG$!jZugKJY{6Zq$Fh-<xz7e1)=
zlJovBKH`7i?@-Q9(+^87O`s$DgZ}p8u7{52mn5uQD~cH~P_nu^u4E*=INP(B$lsdl
z_}YI}tyxqftxFO(Aa#GWv%P>BoAEt|tz#$0-BRBu>xs59A9~s2vKLC!mhG&0=INb2
zkf}SOeg~aad{*$3McCed+;`WLnG+kP*&E|O3je|klb>JmmmMRr(6<b?wlPT9TDUB2
z+l{d%pLT<D!{HU#rsPq1y!+2m+nH!@4%J^6(&n%0;BPn({n6{T#hsL9mv8%=PEq#y
z(A-2BOoeZ3Zs2ucxkc|(vrXRim_e&|Tj(n2m{DbFjAoSm@4IHcL20C5$p@1#HQLv|
zxD~MdJ%^#2TN4-zqvm-sn1BPg(SY`Q7NI*L_I3?hnOAg@RkanjI=TmO`CFSF<Y%4<
zHRyc2V3zaM_4Da6vS{={)cNP7#n}ep6;XP{SmUD|2iBfz8sbZKBq=Uxk;(mv(|YZS
zU*cP<4_dPQ?kB#g7UZnG{CLGe%YFP;-sG(ClH*$Ow<7zH`-v`7P1NQ3xZ{z{q9u#t
z*;07pm*K&AabM~$2&?sN&6fk$w8}$mUyZ9+EkUw?L*~@g8I}D_)Ss{y0>%}(7cYsl
zf|ExR3|`B{v}d8~Y9iKzp<VY6u5ld`FXH9As3e+VQL&dNBTWk9DKhdt{iN%zserwG
zPnO2`b(&0Px^4QTfRW=+^!3Ey^hT1)_|)M>A*ZxdVb;m5`?J%6Do}oosJ=H~SfqAl
Ti>}=sx_bMam#DOAXsq&|bodm{

literal 0
HcmV?d00001

diff --git a/regress/usr.sbin/rpki-client/tak/B7C2334E4DA911EDAF862D5A9E174E93.tak b/regress/usr.sbin/rpki-client/tak/B7C2334E4DA911EDAF862D5A9E174E93.tak
new file mode 100644
index 0000000000000000000000000000000000000000..c1b87b862a4737562ca58e918125a18df245f38b
GIT binary patch
literal 2463
zcmeHJYgAKL7S6r71Y!u!@USBxfCIh=Cl8*5LIeaQG9X4Cf*2skOTvVZ0&0OP22q=0
zsU1XtP!x)w9R-92XUXugN+?1>DM$?qT9ERPDKEv5xwwj@Yfab8tTpp*?)`DsK6{^g
z_WAbN-**5?yhI>wlX^=R$&flMM~UYEN<0licm^4e2*kruZ%BYgU<jb_a{}q-K%x%B
zl%w!d1ce7N$76s(82|@(h5@4Fw8Tg!8yitle5|!tkSvZ6MA7+4iLsINM1j~wBuEk_
z$BKobG#ieG<1P-{mc#boI5HTX9-Lhcc1#ajj-w~Tp6%(#vJnY|VtS-Ng#Fwckl!W=
zL25WW3Tfl8@eMEvLAYB9gNo!_s%6W?La(lNCH)y)9FMfjMg?9W>u<Gm|AS?)FSlfH
z*2;>NslCYFS+&gm%Xs+Hmcyf`c*^5T5d^2uI;W^<pKY3xU$*KT)Vo{E|3LE&+AvY1
zn0_pgP#YJwIR4pMG=NX17(>m}hDy`DgP8+a(^H3CDnr{hy5zR|mWJETCOa69?fb%K
zqtD@JZg1Iv9k)82Ow`XhXj4pUC!~5a$6wE<=5i{|j-qXfFXrr5X3RdyF7MGi&(&?+
zd#82q4)2Ec-a-p~nV<g;uAG{ORL?WP>a`7?FUoUf6jgH}*N)O^D2%qtj3<UYw;r`+
zWLhOe9hkXMvD6LSgYgg!Dn%hb3=u9?26IE&S{VeX{G&+;0(xwsgr5)_^?ywNBTVHe
z@(`ei5}^26IUa^!7(&*cM3Nc~=reSIHUZB=@R}OQV(TcuQ6UphjmQ812KK&rLX5~P
z`*kKTW*7p>n@Rd)I~F_Akr@$*O|`TAmuFpdh<i%@x?{?6wqW{$R}Udewv2gUa-n#n
z?yI41vQC6vm3+=_b+V8ewJuIpRaD%Y^1oCq{j0mHY;HpT1+npU*KV)w)<wVi4xi>%
z)*W6y{s6f%nALmw<6K$<q?8>O1LrCE3u7$T<6WC94$59Cf+n_Dit1zo5p(jKtlL|k
z9J=3=WX8_hPWbHO#1>=8y$2%;%Zhd_gXgkNzlLoW^krPIM0q?(eeg$kzkC^2Wh1sP
zXSpdt80P{WoN2E;d%s*m<17F0k>_7VaL$<+T;FtCr|+lTM7JWh%a^^y-+lNr_DJ5v
zndnc>&pWJyZoWBM^!>g`G!M5qY<b}IzQo*-H)p*Jg*RigLjxulh9+8wAwsF~|F$BK
z5(x1^XOK-%h02)9kvw3!>b5|Pfng@)u0f!xr{(VNok@k?47&aVe{Yd}3}~$eXhYBn
zg5Y8GOmJ+~Hbulh1d`;5@&swzS|k0NeCEE({Wtkcl6oMB?aTF$r12cwZAJT;>EY>|
z6kc46cQQRvlmLVTjqL<TO-&twkVwD>;cGU4rT-INHD28<ZFTorKoe|OTTTlGS!dS_
zh=gQ-6BsZ*=LSep;eQd6o%Zfb7K`oqTcFX!{CHrnwm77*nk)ezav1A8v$w+-Vk?Lq
z&;bMl#$odC=DQlQPBpMz#Z&{r>0}J4Oy2GEr-e5;7)UmMK2-dj^3$h#lN8dbk4gop
zGE~%ER`^O$bd%iC_v}K|?nA@r>eW-YeAOdUf{XvN>Qdah*L0f-1DwZ{eZnqQ(}wJ{
zhECtk3w^!zn#A09c;+t#4V*nYYRLj;+K!~KL&FCfeclVa7Gbhu%1*3F0=gWPtj%yj
zGFBE>Zyb^uRCa>v0yInD)c3n<hoA3Jo(}$7OTvADo#Bz_98WjO&^*cP3Y7XtF*oj<
z&CAYD5%hX-`-?4RQgX+p=Cw%)_I18iejE-*PeN1-|1KwfJbl|@*yPp1)2#(|###sF
z+aMjikDb%PG@?(c^vwAg3>3PCu}nFp@R|R-Yu2m2JRZFBR(Xloo#0nj0I=y7pBh8k
zh|FYSoM*>mG1+X}5Mc9*7h#wqw6xw#=&DQ1dG)Uw!s?phCQm=G8uISdS_qETAG)OE
z^4FIOt0ICzxQzstG1zkBENz&~T53+#);mcZ>TlW_Jid@#z^+k@Ojq|r1=TN(*7xj0
z$PTTiu79#~t|+!9uD@pMo(>xGrR{seS<cGt6F`t}GihFe_S96Bm$mnO>Np2ws)qOk
zWr^G015T1c?veXT;o`Pnr)DF1%Y+wa04a%ayAe(=5Z2G!yxMDD_u=*~X7hQzcP}&b
z<<|*1IhBnL>5uPE{MgIl>V77={m@mGR!K3BF*_5o#B956{k~{f<x*f(yC1q3N&VLO
z8TY#63Or9O3sN;!fRGe3+hZ#x;}y#>ee_tjRGExAm|vbZD%|oU*0j?w{Yav5eSd(M
JnfIsN{{ZEJu>Jr5

literal 0
HcmV?d00001

diff --git a/regress/usr.sbin/rpki-client/test-tak.c b/regress/usr.sbin/rpki-client/test-tak.c
new file mode 100644
index 00000000000..ee475129f6d
--- /dev/null
+++ b/regress/usr.sbin/rpki-client/test-tak.c
@@ -0,0 +1,97 @@
+/*	$Id: test-tak.c,v 1.1 2022/11/02 12:56:38 job Exp $ */
+/*
+ * Copyright (c) 2022 Job Snijders <job@fastly.com>
+ * Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <assert.h>
+#include <err.h>
+#include <inttypes.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/pem.h>
+#include <openssl/x509v3.h>
+
+#include "extern.h"
+
+int outformats;
+int verbose;
+
+int
+main(int argc, char *argv[])
+{
+	int		 c, i, ppem = 0, verb = 0;
+	X509		*xp = NULL;
+	struct tak	*p;
+	unsigned char	*buf;
+	size_t		 len;
+
+	ERR_load_crypto_strings();
+	OpenSSL_add_all_ciphers();
+	OpenSSL_add_all_digests();
+	x509_init_oid();
+
+	while ((c = getopt(argc, argv, "pv")) != -1)
+		switch (c) {
+		case 'p':
+			if (ppem)
+				break;
+			ppem = 1;
+			break;
+		case 'v':
+			verb++;
+			break;
+		default:
+			errx(1, "bad argument %c", c);
+		}
+
+	argv += optind;
+	argc -= optind;
+
+	if (argc == 0)
+		errx(1, "argument missing");
+
+	for (i = 0; i < argc; i++) {
+		buf = load_file(argv[i], &len);
+		if ((p = tak_parse(&xp, argv[i], buf, len)) == NULL) {
+			free(buf);
+			break;
+		}
+		if (verb)
+			tak_print(xp, p);
+		if (ppem) {
+			if (!PEM_write_X509(stdout, xp))
+				errx(1, "PEM_write_X509: unable to write cert");
+		}
+		free(buf);
+		tak_free(p);
+		X509_free(xp);
+	}
+
+	EVP_cleanup();
+	CRYPTO_cleanup_all_ex_data();
+	ERR_free_strings();
+
+	if (i < argc)
+		errx(1, "test failed for %s", argv[i]);
+
+	printf("OK\n");
+	return 0;
+}
-- 
2.20.1