Test from_pkcs8 without new dev dependencies

Cargo.toml

@@ -35,7 +35,5 @@ openssl-probe = "0.1"
 openssl-src = { version = "300.0.3", optional = true }
 
 [dev-dependencies]
-pem = "1.0"
-rsa = { version = "0.5.0", features = ["alloc", "pem", "std"] }
 tempfile = "3.0"
 test-cert-gen = "0.7"

src/lib.rs

@@ -123,8 +123,6 @@ mod imp;
 
 #[cfg(test)]
 mod test;
-#[cfg(test)]
-extern crate rsa;
 
 /// A typedef of the result-type returned by many methods.
 pub type Result<T> = result::Result<T, Error>;

src/test.rs

@@ -351,7 +351,7 @@ fn import_same_identity_multiple_times() {
     ));
 
     let cert = keys.server.cert_and_key.cert.to_pem().into_bytes();
-    let key = rsa_to_pkcs8(&key_to_pem(keys.server.cert_and_key.key.get_der())).into_bytes();
+    let key = rsa_to_pkcs8(&keys.server.cert_and_key.key.to_pem_incorrect()).into_bytes();
     let _ = p!(Identity::from_pkcs8(&cert, &key));
     let _ = p!(Identity::from_pkcs8(&cert, &key));
 }
@@ -360,7 +360,7 @@ fn import_same_identity_multiple_times() {
 fn from_pkcs8_rejects_rsa_key() {
     let keys = test_cert_gen::keys();
     let cert = keys.server.cert_and_key.cert.to_pem().into_bytes();
-    let rsa_key = key_to_pem(keys.server.cert_and_key.key.get_der());
+    let rsa_key = keys.server.cert_and_key.key.to_pem_incorrect();
     assert!(Identity::from_pkcs8(&cert, rsa_key.as_bytes()).is_err());
     let pkcs8_key = rsa_to_pkcs8(&rsa_key);
     assert!(Identity::from_pkcs8(&cert, pkcs8_key.as_bytes()).is_ok());
@@ -439,7 +439,7 @@ fn alpn_google_none() {
 fn server_pkcs8() {
     let keys = test_cert_gen::keys();
     let cert = keys.server.cert_and_key.cert.to_pem().into_bytes();
-    let key = rsa_to_pkcs8(&key_to_pem(keys.server.cert_and_key.key.get_der())).into_bytes();
+    let key = rsa_to_pkcs8(&keys.server.cert_and_key.key.to_pem_incorrect()).into_bytes();
 
     let ident = Identity::from_pkcs8(&cert, &key).unwrap();
     let ident2 = ident.clone();
@@ -486,7 +486,7 @@ fn server_pkcs8() {
 fn two_servers() {
     let keys1 = test_cert_gen::gen_keys();
     let cert = keys1.server.cert_and_key.cert.to_pem().into_bytes();
-    let key = rsa_to_pkcs8(&key_to_pem(keys1.server.cert_and_key.key.get_der())).into_bytes();
+    let key = rsa_to_pkcs8(&keys1.server.cert_and_key.key.to_pem_incorrect()).into_bytes();
     let identity = p!(Identity::from_pkcs8(&cert, &key));
     let builder = TlsAcceptor::builder(identity);
     let builder = p!(builder.build());
@@ -507,7 +507,7 @@ fn two_servers() {
 
     let keys2 = test_cert_gen::gen_keys();
     let cert = keys2.server.cert_and_key.cert.to_pem().into_bytes();
-    let key = rsa_to_pkcs8(&key_to_pem(keys2.server.cert_and_key.key.get_der())).into_bytes();
+    let key = rsa_to_pkcs8(&keys2.server.cert_and_key.key.to_pem_incorrect()).into_bytes();
     let identity = p!(Identity::from_pkcs8(&cert, &key));
     let builder = TlsAcceptor::builder(identity);
     let builder = p!(builder.build());
@@ -556,17 +556,18 @@ fn two_servers() {
     p!(j2.join());
 }
 
-fn key_to_pem(der: &[u8]) -> String {
-    pem::encode(&pem::Pem {
-        tag: "RSA PRIVATE KEY".to_owned(),
-        contents: der.to_owned(),
-    })
-}
-
 fn rsa_to_pkcs8(pem: &str) -> String {
-    use rsa::{pkcs1::FromRsaPrivateKey, pkcs8::ToPrivateKey, RsaPrivateKey};
-    let pkey = RsaPrivateKey::from_pkcs1_pem(pem).unwrap();
-    let pkcs8_pem = pkey.to_pkcs8_pem().unwrap();
-    let pkcs8_pem: &str = pkcs8_pem.as_ref();
-    pkcs8_pem.to_owned()
+    let mut child = Command::new("openssl")
+        .arg("pkcs8")
+        .arg("-topk8")
+        .arg("-nocrypt")
+        .stdin(Stdio::piped())
+        .stdout(Stdio::piped())
+        .spawn()
+        .unwrap();
+    {
+        let child_stdin = child.stdin.as_mut().unwrap();
+        child_stdin.write_all(pem.as_bytes()).unwrap();
+    }
+    String::from_utf8(child.wait_with_output().unwrap().stdout).unwrap()
 }