Added support for PKCS#8-encrypted private keys.

The patch contains the following changes:

- Private RSA keys can be imported/exported in encrypted form,
  protected according to PKCS#8 and:

  * PBKDF2WithHMAC-SHA1AndDES-EDE3-CBC.
  * PBKDF2WithHMAC-SHA1AndAES128-CBC
  * PBKDF2WithHMAC-SHA1AndAES192-CBC
  * PBKDF2WithHMAC-SHA1AndAES256-CBC

  In addition to that, it is possible to import keys i the
  following weak formats:

  * pbeWithMD5AndDES-CBC
  * pbeWithSHA1AndRC2-CBC
  * pbeWithMD5AndRC2-CBC
  * pbeWithSHA1AndDES-CBC

- The following new module (and 1 new package) are added:

  * Crypto.Util.Padding for simple padding/unpadding logic
  * Crypto.IO._PBES for PBE-related PKCS#5 logic
  * Crypto.IO.PEM for PEM wrapping/unwrapping
  * Crypto.IO.PKCS8 for PKCS#8 wrapping/unwrapping

- All Object ID (OIDs) are now in dotted form to increase
  readability.

- Add AES support to PEM format (decode only).
  The PEM module can decrypt messages protected with AES-CBC.

- Update RSA import test cases.

- Updated to PKCS8 test cases

16 files changed, 689 insertions, 39 deletions

diff --git a/lib/Crypto/SelfTest/Hash/common.py b/lib/Crypto/SelfTest/Hash/common.py
index e722800..48cebe7 100644
--- a/lib/Crypto/SelfTest/Hash/common.py
+++ b/lib/Crypto/SelfTest/Hash/common.py
@@ -222,7 +222,7 @@ def make_hash_tests(module, module_name, test_data, digest_size, oid=None):
     name = "%s #%d: digest_size" % (module_name, i+1)
     tests.append(HashDigestSizeSelfTest(module, name, digest_size))
     if oid is not None:
-        tests.append(HashTestOID(module, b(oid)))
+        tests.append(HashTestOID(module, oid))
     tests.append(HashDocStringTest(module))
     if getattr(module, 'name', None) is not None:
         tests.append(GenericHashConstructorTest(module))
diff --git a/lib/Crypto/SelfTest/Hash/test_MD2.py b/lib/Crypto/SelfTest/Hash/test_MD2.py
index db636d4..fd03e78 100644
--- a/lib/Crypto/SelfTest/Hash/test_MD2.py
+++ b/lib/Crypto/SelfTest/Hash/test_MD2.py
@@ -54,7 +54,7 @@ def get_tests(config={}):
     from common import make_hash_tests
     return make_hash_tests(MD2, "MD2", test_data,
         digest_size=16,
-        oid="\x06\x08\x2a\x86\x48\x86\xf7\x0d\x02\x02")
+        oid="1.2.840.113549.2.2")
 
 if __name__ == '__main__':
     import unittest
diff --git a/lib/Crypto/SelfTest/Hash/test_MD4.py b/lib/Crypto/SelfTest/Hash/test_MD4.py
index 1727bb6..7dbf49f 100644
--- a/lib/Crypto/SelfTest/Hash/test_MD4.py
+++ b/lib/Crypto/SelfTest/Hash/test_MD4.py
@@ -54,7 +54,7 @@ def get_tests(config={}):
     from common import make_hash_tests
     return make_hash_tests(MD4, "MD4", test_data,
         digest_size=16,
-        oid="\x06\x08\x2a\x86\x48\x86\xf7\x0d\x02\x04")
+        oid="1.2.840.113549.2.4")
 
 if __name__ == '__main__':
     import unittest
diff --git a/lib/Crypto/SelfTest/Hash/test_MD5.py b/lib/Crypto/SelfTest/Hash/test_MD5.py
index 2e293fc..0683113 100644
--- a/lib/Crypto/SelfTest/Hash/test_MD5.py
+++ b/lib/Crypto/SelfTest/Hash/test_MD5.py
@@ -54,7 +54,7 @@ def get_tests(config={}):
     from common import make_hash_tests
     return make_hash_tests(MD5, "MD5", test_data,
         digest_size=16,
-        oid="\x06\x08\x2a\x86\x48\x86\xf7\x0d\x02\x05")
+        oid="1.2.840.113549.2.5")
 
 if __name__ == '__main__':
     import unittest
diff --git a/lib/Crypto/SelfTest/Hash/test_RIPEMD160.py b/lib/Crypto/SelfTest/Hash/test_RIPEMD160.py
index d476249..b0d6980 100644
--- a/lib/Crypto/SelfTest/Hash/test_RIPEMD160.py
+++ b/lib/Crypto/SelfTest/Hash/test_RIPEMD160.py
@@ -63,7 +63,7 @@ def get_tests(config={}):
     from common import make_hash_tests
     return make_hash_tests(RIPEMD160, "RIPEMD160", test_data,
         digest_size=20,
-        oid="\x06\x05\x2b\x24\x03\02\x01")
+        oid="1.3.36.3.2.1")
 
 if __name__ == '__main__':
     import unittest
diff --git a/lib/Crypto/SelfTest/Hash/test_SHA1.py b/lib/Crypto/SelfTest/Hash/test_SHA1.py
index 83bd6d2..436f7de 100644
--- a/lib/Crypto/SelfTest/Hash/test_SHA1.py
+++ b/lib/Crypto/SelfTest/Hash/test_SHA1.py
@@ -54,7 +54,7 @@ def get_tests(config={}):
     from common import make_hash_tests
     return make_hash_tests(SHA1, "SHA1", test_data,
         digest_size=20,
-        oid="\x06\x05\x2B\x0E\x03\x02\x1A")
+        oid="1.3.14.3.2.26")
 
 if __name__ == '__main__':
     import unittest
diff --git a/lib/Crypto/SelfTest/Hash/test_SHA224.py b/lib/Crypto/SelfTest/Hash/test_SHA224.py
index a60f35a..eb28ebc 100644
--- a/lib/Crypto/SelfTest/Hash/test_SHA224.py
+++ b/lib/Crypto/SelfTest/Hash/test_SHA224.py
@@ -55,7 +55,7 @@ def get_tests(config={}):
     from common import make_hash_tests
     return make_hash_tests(SHA224, "SHA224", test_data,
         digest_size=28,
-        oid='\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x04')
+        oid='2.16.840.1.101.3.4.2.4')
 
 if __name__ == '__main__':
     import unittest
diff --git a/lib/Crypto/SelfTest/Hash/test_SHA256.py b/lib/Crypto/SelfTest/Hash/test_SHA256.py
index 4b45110..50bdba8 100644
--- a/lib/Crypto/SelfTest/Hash/test_SHA256.py
+++ b/lib/Crypto/SelfTest/Hash/test_SHA256.py
@@ -81,7 +81,7 @@ def get_tests(config={}):
     from common import make_hash_tests
     tests = make_hash_tests(SHA256, "SHA256", test_data,
         digest_size=32,
-        oid="\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x01")
+        oid="2.16.840.1.101.3.4.2.1")
 
     if config.get('slow_tests'):
         tests += [LargeSHA256Test()]
diff --git a/lib/Crypto/SelfTest/Hash/test_SHA384.py b/lib/Crypto/SelfTest/Hash/test_SHA384.py
index b7a72c0..27d16b3 100644
--- a/lib/Crypto/SelfTest/Hash/test_SHA384.py
+++ b/lib/Crypto/SelfTest/Hash/test_SHA384.py
@@ -53,7 +53,7 @@ def get_tests(config={}):
     from common import make_hash_tests
     return make_hash_tests(SHA384, "SHA384", test_data,
         digest_size=48,
-        oid='\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x02')
+        oid='2.16.840.1.101.3.4.2.2')
 
 if __name__ == '__main__':
     import unittest
diff --git a/lib/Crypto/SelfTest/Hash/test_SHA512.py b/lib/Crypto/SelfTest/Hash/test_SHA512.py
index cb86177..04a505e 100644
--- a/lib/Crypto/SelfTest/Hash/test_SHA512.py
+++ b/lib/Crypto/SelfTest/Hash/test_SHA512.py
@@ -50,7 +50,7 @@ def get_tests(config={}):
     from common import make_hash_tests
     return make_hash_tests(SHA512, "SHA512", test_data,
         digest_size=64,
-        oid="\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x03")
+        oid="2.16.840.1.101.3.4.2.3")
 
 if __name__ == '__main__':
     import unittest
diff --git a/lib/Crypto/SelfTest/IO/__init__.py b/lib/Crypto/SelfTest/IO/__init__.py
new file mode 100644
index 0000000..084904e
--- /dev/null
+++ b/lib/Crypto/SelfTest/IO/__init__.py
@@ -0,0 +1,34 @@
+#
+#  SelfTest/IO/__init__.py: Self-test for input/output module
+#
+# ===================================================================
+# The contents of this file are dedicated to the public domain.  To
+# the extent that dedication to the public domain is not available,
+# everyone is granted a worldwide, perpetual, royalty-free,
+# non-exclusive license to exercise all rights associated with the
+# contents of this file for any purpose whatsoever.
+# No rights are reserved.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+# ===================================================================
+
+"""Self-test for I/O"""
+
+def get_tests(config={}):
+    tests = []
+    from Crypto.SelfTest.IO import test_PKCS8;     tests += test_PKCS8.get_tests(config=config)
+    return tests
+
+if __name__ == '__main__':
+    import unittest
+    suite = lambda: unittest.TestSuite(get_tests())
+    unittest.main(defaultTest='suite')
+
+
diff --git a/lib/Crypto/SelfTest/IO/test_PKCS8.py b/lib/Crypto/SelfTest/IO/test_PKCS8.py
new file mode 100644
index 0000000..09d3554
--- /dev/null
+++ b/lib/Crypto/SelfTest/IO/test_PKCS8.py
@@ -0,0 +1,419 @@
+# -*- coding: utf-8 -*-
+#
+#  SelfTest/PublicKey/test_PKCS8.py: Self-test for the PKCS8 module
+#
+# ===================================================================
+# The contents of this file are dedicated to the public domain.  To
+# the extent that dedication to the public domain is not available,
+# everyone is granted a worldwide, perpetual, royalty-free,
+# non-exclusive license to exercise all rights associated with the
+# contents of this file for any purpose whatsoever.
+# No rights are reserved.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+# ===================================================================
+
+"""Self-tests for Crypto.PublicKey.PKCS8 module"""
+
+__revision__ = "$Id$"
+
+import unittest
+import sys
+
+from Crypto.Util.py3compat import *
+from Crypto.Util.asn1 import *
+from Crypto.IO import PKCS8
+from binascii import *
+
+if sys.version_info[0] == 2 and sys.version_info[1] == 1:
+    from Crypto.Util.py21compat import *
+
+oid_key = '1.2.840.113549.1.1.1'
+
+# Original RSA key (in DER format)
+# hexdump -v -e '32/1 "%02x" "\n"' key.der
+clear_key="""
+308201ab020100025a00b94a7f7075ab9e79e8196f47be707781e80dd965cf16
+0c951a870b71783b6aaabbd550c0e65e5a3dfe15b8620009f6d7e5efec42a3f0
+6fe20faeebb0c356e79cdec6db4dd427e82d8ae4a5b90996227b8ba54ccfc4d2
+5c08050203010001025a00afa09c70d528299b7552fe766b5d20f9a221d66938
+c3b68371d48515359863ff96f0978d700e08cd6fd3d8a3f97066fc2e0d5f78eb
+3a50b8e17ba297b24d1b8e9cdfd18d608668198d724ad15863ef0329195dee89
+3f039395022d0ebe0518df702a8b25954301ec60a97efdcec8eaa4f2e76ca7e8
+8dfbc3f7e0bb83f9a0e8dc47c0f8c746e9df6b022d0c9195de13f09b7be1fdd7
+1f56ae7d973e08bd9fd2c3dfd8936bb05be9cc67bd32d663c7f00d70932a0be3
+c24f022d0ac334eb6cabf1933633db007b763227b0d9971a9ea36aca8b669ec9
+4fcf16352f6b3dcae28e4bd6137db4ddd3022d0400a09f15ee7b351a2481cb03
+09920905c236d09c87afd3022f3afc2a19e3b746672b635238956ee7e6dd62d5
+022d0cd88ed14fcfbda5bbf0257f700147137bbab9c797af7df866704b889aa3
+7e2e93df3ff1a0fd3490111dcdbc4c
+"""
+
+# Same key as above, wrapped in PKCS#8 but w/o password
+#
+# openssl pkcs8 -topk8 -inform DER -nocrypt -in key.der -outform DER -out keyp8.der
+# hexdump -v -e '32/1 "%02x" "\n"' keyp8.der
+wrapped_clear_key="""
+308201c5020100300d06092a864886f70d0101010500048201af308201ab0201
+00025a00b94a7f7075ab9e79e8196f47be707781e80dd965cf160c951a870b71
+783b6aaabbd550c0e65e5a3dfe15b8620009f6d7e5efec42a3f06fe20faeebb0
+c356e79cdec6db4dd427e82d8ae4a5b90996227b8ba54ccfc4d25c0805020301
+0001025a00afa09c70d528299b7552fe766b5d20f9a221d66938c3b68371d485
+15359863ff96f0978d700e08cd6fd3d8a3f97066fc2e0d5f78eb3a50b8e17ba2
+97b24d1b8e9cdfd18d608668198d724ad15863ef0329195dee893f039395022d
+0ebe0518df702a8b25954301ec60a97efdcec8eaa4f2e76ca7e88dfbc3f7e0bb
+83f9a0e8dc47c0f8c746e9df6b022d0c9195de13f09b7be1fdd71f56ae7d973e
+08bd9fd2c3dfd8936bb05be9cc67bd32d663c7f00d70932a0be3c24f022d0ac3
+34eb6cabf1933633db007b763227b0d9971a9ea36aca8b669ec94fcf16352f6b
+3dcae28e4bd6137db4ddd3022d0400a09f15ee7b351a2481cb0309920905c236
+d09c87afd3022f3afc2a19e3b746672b635238956ee7e6dd62d5022d0cd88ed1
+4fcfbda5bbf0257f700147137bbab9c797af7df866704b889aa37e2e93df3ff1
+a0fd3490111dcdbc4c
+"""
+
+###
+#
+# The key above will now be encrypted with different algorithms.
+# The password is always 'TestTest'.
+#
+# Each item in the wrapped_enc_keys list contains:
+#  * wrap algorithm
+#  * iteration count
+#  * Salt
+#  * IV
+#  * Expected result
+###
+wrapped_enc_keys = []
+
+#
+# openssl pkcs8 -topk8 -passin pass:TestTest -inform DER -in key.der -outform DER -out keyenc.der -v2 des3
+# hexdump -v -e '32/1 "%02x" "\n"' keyenc.der
+#
+wrapped_enc_keys.append((
+'PBKDF2WithHMAC-SHA1AndDES-EDE3-CBC',
+2048,
+"47EA7227D8B22E2F", # IV
+"E3F7A838AB911A4D", # Salt
+"""
+30820216304006092a864886f70d01050d3033301b06092a864886f70d01050c
+300e0408e3f7a838ab911a4d02020800301406082a864886f70d0307040847ea
+7227d8b22e2f048201d0ea388b374d2d0e4ceb7a5139f850fdff274884a6e6c0
+64326e09d00dbba9018834edb5a51a6ae3d1806e6e91eebf33788ce71fee0637
+a2ebf58859dd32afc644110c390274a6128b50c39b8d907823810ec471bada86
+6f5b75d8ea04ad310fad2e73621696db8e426cd511ee93ec1714a1a7db45e036
+4bf20d178d1f16bbb250b32c2d200093169d588de65f7d99aad9ddd0104b44f1
+326962e1520dfac3c2a800e8a14f678dff2b3d0bb23f69da635bf2a643ac934e
+219a447d2f4460b67149e860e54f365da130763deefa649c72b0dcd48966a2d3
+4a477444782e3e66df5a582b07bbb19778a79bd355074ce331f4a82eb966b0c4
+52a09eab6116f2722064d314ae433b3d6e81d2436e93fdf446112663cde93b87
+9c8be44beb45f18e2c78fee9b016033f01ecda51b9b142091fa69f65ab784d2c
+5ad8d34be6f7f1464adfc1e0ef3f7848f40d3bdea4412758f2fcb655c93d8f4d
+f6fa48fc5aa4b75dd1c017ab79ac9d737233a6d668f5364ccf47786debd37334
+9c10c9e6efbe78430a61f71c89948aa32cdc3cc7338cf994147819ce7ab23450
+c8f7d9b94c3bb377d17a3fa204b601526317824b142ff6bc843fa7815ece89c0
+839573f234dac8d80cc571a045353d61db904a4398d8ef3df5ac
+"""
+))
+
+#
+# openssl pkcs8 -topk8 -passin pass:TestTest -inform DER -in key.der -outform DER -out keyenc.der
+# hexdump -v -e '32/1 "%02x" "\n"' keyenc.der
+#
+wrapped_enc_keys.append((
+-1,                 # pbeWithMD5AndDES-CBC, only decoding is supported
+-1,
+"",
+"",
+"""
+308201f1301b06092a864886f70d010503300e0408f9b990c89af1d41b020208
+00048201d0c6267fe8592903891933d559e71a7ca68b2e39150f19daca0f7921
+52f97e249d72f670d5140e9150433310ed7c7ee51927693fd39884cb9551cea5
+a7b746f7edf199f8787d4787a35dad930d7db057b2118851211b645ac8b90fa6
+b0e7d49ac8567cbd5fff226e87aa9129a0f52c45e9307752e8575c3b0ff756b7
+31fda6942d15ecb6b27ea19370ccc79773f47891e80d22b440d81259c4c28eac
+e0ca839524116bcf52d8c566e49a95ddb0e5493437279a770a39fd333f3fca91
+55884fad0ba5aaf273121f893059d37dd417da7dcfd0d6fa7494968f13b2cc95
+65633f2c891340193e5ec00e4ee0b0e90b3b93da362a4906360845771ade1754
+9df79140be5993f3424c012598eadd3e7c7c0b4db2c72cf103d7943a5cf61420
+93370b9702386c3dd4eb0a47f34b579624a46a108b2d13921fa1b367495fe345
+6aa128aa70f8ca80ae13eb301e96c380724ce67c54380bbea2316c1faf4d058e
+b4ca2e23442047606b9bc4b3bf65b432cb271bea4eb35dd3eb360d3be8612a87
+a50e96a2264490aeabdc07c6e78e5dbf4fe3388726d0e2a228346bf3c2907d68
+2a6276b22ae883fb30fa611f4e4193e7a08480fcd7db48308bacbd72bf4807aa
+11fd394859f97d22982f7fe890b2e2a0f7e7ffb693
+"""
+))
+
+#
+# openssl pkcs8 -topk8 -passin pass:TestTest -inform DER -in key.der
+#   -outform DER -out keyenc.der -v1 PBE-SHA1-RC2-64
+# hexdump -v -e '32/1 "%02x" "\n"' keyenc.der
+#
+wrapped_enc_keys.append((
+-1,                 # pbeWithSHA1AndRC2-CBC, only decoding is supported
+-1,
+"",
+"",
+"""
+308201f1301b06092a864886f70d01050b300e04083ee943bdae185008020208
+00048201d0e4614d9371d3ff10ceabc2f6a7a13a0f449f9a714144e46518ea55
+e3e6f0cde24031d01ef1f37ec40081449ef01914faf45983dde0d2bc496712de
+8dd15a5527dff4721d9016c13f34fb93e3ce68577e30146266d71b539f854e56
+753a192cf126ed4812734d86f81884374f1100772f78d0646e9946407637c565
+d070acab413c55952f7237437f2e48cae7fa0ff8d370de2bf446dd08049a3663
+d9c813ac197468c02e2b687e7ca994cf7f03f01b6eca87dbfed94502c2094157
+ea39f73fe4e591df1a68b04d19d9adab90bb9898467c1464ad20bf2b8fb9a5ff
+d3ec91847d1c67fd768a4b9cfb46572eccc83806601372b6fad0243f58f623b7
+1c5809dea0feb8278fe27e5560eed8448dc93f5612f546e5dd7c5f6404365eb2
+5bf3396814367ae8b15c5c432b57eaed1f882c05c7f6517ee9e42b87b7b8d071
+9d6125d1b52f7b2cca1f6bd5f584334bf90bce1a7d938274cafe27b68e629698
+b16e27ae528db28593af9adcfccbebb3b9e1f2af5cd5531b51968389caa6c091
+e7de1f1b96f0d258e54e540d961a7c0ef51fda45d6da5fddd33e9bbfd3a5f8d7
+d7ab2e971de495cddbc86d38444fee9f0ac097b00adaf7802dabe0cff5b43b45
+4f26b7b547016f89be52676866189911c53e2f2477"""
+))
+
+#
+# openssl pkcs8 -topk8 -passin pass:TestTest -inform DER -in key.der
+#   -outform DER -out keyenc.der -v1 PBE-MD5-RC2-64
+# hexdump -v -e '32/1 "%02x" "\n"' keyenc.der
+#
+wrapped_enc_keys.append((
+-1,                 # pbeWithMD5AndRC2-CBC, only decoding is supported
+-1,
+"",
+"",
+"""
+308201f1301b06092a864886f70d010506300e0408f5cd2fee56d9b4b8020208
+00048201d086454942d6166a19d6b108465bd111e7080911f573d54b1369c676
+df28600e84936bfec04f91023ff16499e2e07178c340904f12ffa6886ab66228
+32bf43c2bff5a0ed14e765918cf5fc543ad49566246f7eb3fc044fa5a9c25f40
+8fc8c8296b91658d3bb1067c0aba008c4fefd9e2bcdbbbd63fdc8085482bccf4
+f150cec9a084259ad441a017e5d81a1034ef2484696a7a50863836d0eeda45cd
+8cee8ecabfed703f8d9d4bbdf3a767d32a0ccdc38550ee2928d7fe3fa27eda5b
+5c7899e75ad55d076d2c2d3c37d6da3d95236081f9671dab9a99afdb1cbc890e
+332d1a91105d9a8ce08b6027aa07367bd1daec3059cb51f5d896124da16971e4
+0ca4bcadb06c854bdf39f42dd24174011414e51626d198775eff3449a982df7b
+ace874e77e045eb6d7c3faef0750792b29a068a6291f7275df1123fac5789c51
+27ace42836d81633faf9daf38f6787fff0394ea484bbcd465b57d4dbee3cf8df
+b77d1db287b3a6264c466805be5a4fe85cfbca180699859280f2dd8e2c2c10b5
+7a7d2ac670c6039d41952fbb0e4f99b560ebe1d020e1b96d02403283819c00cc
+529c51f0b0101555e4c58002ba3c6e3c12e3fde1aec94382792e96d9666a2b33
+3dc397b22ecab67ee38a552fec29a1d4ff8719c748"""
+))
+
+#
+# openssl pkcs8 -topk8 -passin pass:TestTest -inform DER -in key.der
+#   -outform DER -out keyenc.der -v1 PBE-SHA1-DES
+# hexdump -v -e '32/1 "%02x" "\n"' keyenc.der
+#
+wrapped_enc_keys.append((
+-1,                 # pbeWithSHA1AndDES-CBC, only decoding is supported
+-1,
+"",
+"",
+"""
+308201f1301b06092a864886f70d01050a300e04089bacc9cf1e8f734e020208
+00048201d03e502f3ceafe8fd19ab2939576bfdded26d719b2441db1459688f5
+9673218b41ec1f739edf1e460bd927bc28470c87b2d4fc8ea02ba17b47a63c49
+c5c1bee40529dadfd3ef8b4472c730bc136678c78abfb34670ec9d7dcd17ee3f
+892f93f2629e6e0f4b24ecb9f954069bf722f466dece3913bb6abbd2c471d9a5
+c5eea89b14aaccda43d30b0dd0f6eb6e9850d9747aa8aa8414c383ad01c374ee
+26d3552abec9ba22669cc9622ccf2921e3d0c8ecd1a70e861956de0bec6104b5
+b649ac994970c83f8a9e84b14a7dff7843d4ca3dd4af87cea43b5657e15ae0b5
+a940ce5047f006ab3596506600724764f23757205fe374fee04911336d655acc
+03e159ec27789191d1517c4f3f9122f5242d44d25eab8f0658cafb928566ca0e
+8f6589aa0c0ab13ca7a618008ae3eafd4671ee8fe0b562e70b3623b0e2a16eee
+97fd388087d2e03530c9fe7db6e52eccc7c48fd701ede35e08922861a9508d12
+bc8bbf24f0c6bee6e63dbcb489b603d4c4a78ce45bf2eab1d5d10456c42a65a8
+3a606f4e4b9b46eb13b57f2624b651859d3d2d5192b45dbd5a2ead14ff20ca76
+48f321309aa56d8c0c4a192b580821cc6c70c75e6f19d1c5414da898ec4dd39d
+b0eb93d6ba387a80702dfd2db610757ba340f63230
+"""
+))
+
+#
+# openssl pkcs8 -topk8 -passin pass:TestTest -inform DER -in key.der
+#   -outform DER -out keyenc.der -v2 aes128
+# hexdump -v -e '32/1 "%02x" "\n"' keyenc.der
+#
+wrapped_enc_keys.append((
+'PBKDF2WithHMAC-SHA1AndAES128-CBC',
+2048,
+"4F66EE5D3BCD531FE6EBF4B4E73016B8", # IV
+"479F25156176C53A", # Salt
+"""
+3082021f304906092a864886f70d01050d303c301b06092a864886f70d01050c
+300e0408479f25156176c53a02020800301d060960864801650304010204104f
+66ee5d3bcd531fe6ebf4b4e73016b8048201d0e33cfa560423f589d097d21533
+3b880a5ebac5b2ac58b4e73b0d787aee7764f034fe34ca1d1bd845c0a7c3316f
+afbfb2129e03dcaf5a5031394206492828dacef1e04639bee5935e0f46114202
+10bc6c37182f4889be11c5d0486c398f4be952e5740f65de9d8edeb275e2b406
+e19bc29ad5ebb97fa536344fc3d84c7e755696f12b810898de4e6f069b8a81c8
+0aab0d45d7d062303aaa4a10c2ce84fdb5a03114039cfe138e38bb15b2ced717
+93549cdad85e730b14d9e2198b663dfdc8d04a4349eb3de59b076ad40b116d4a
+25ed917c576bc7c883c95ef0f1180e28fc9981bea069594c309f1aa1b253ceab
+a2f0313bb1372bcb51a745056be93d77a1f235a762a45e8856512d436b2ca0f7
+dd60fbed394ba28978d2a2b984b028529d0a58d93aba46c6bbd4ac1e4013cbaa
+63b00988bc5f11ccc40141c346762d2b28f64435d4be98ec17c1884985e3807e
+e550db606600993efccf6de0dfc2d2d70b5336a3b018fa415d6bdd59f5777118
+16806b7bc17c4c7e20ad7176ebfa5a1aa3f6bc10f04b77afd443944642ac9cca
+d740e082b4a3bbb8bafdd34a0b3c5f2f3c2aceccccdccd092b78994b845bfa61
+706c3b9df5165ed1dbcbf1244fe41fc9bf993f52f7658e2f87e1baaeacb0f562
+9d905c
+"""
+))
+
+#
+# openssl pkcs8 -topk8 -passin pass:TestTest -inform DER -in key.der
+#   -outform DER -out keyenc.der -v2 aes192
+# hexdump -v -e '32/1 "%02x" "\n"' keyenc.der
+#
+wrapped_enc_keys.append((
+'PBKDF2WithHMAC-SHA1AndAES192-CBC',
+2048,
+"5CFC2A4FF7B63201A4A8A5B021148186", # IV
+"D718541C264944CE", # Salt
+"""
+3082021f304906092a864886f70d01050d303c301b06092a864886f70d01050c
+300e0408d718541c264944ce02020800301d060960864801650304011604105c
+fc2a4ff7b63201a4a8a5b021148186048201d08e74aaa21b8bcfb15b9790fe95
+b0e09ddb0f189b6fb1682fdb9f122b804650ddec3c67a1df093a828b3e5fbcc6
+286abbcc5354c482fd796d972e919ca8a5eba1eaa2293af1d648013ddad72106
+75622264dfba55dafdda39e338f058f1bdb9846041ffff803797d3fdf3693135
+8a192729ea8346a7e5e58e925a2e2e4af0818581859e8215d87370eb4194a5ff
+bae900857d4c591dbc651a241865a817eaede9987c9f9ae4f95c0bf930eea88c
+4d7596e535ffb7ca369988aba75027a96b9d0bc9c8b0b75f359067fd145a378b
+02aaa15e9db7a23176224da48a83249005460cc6e429168657f2efa8b1af7537
+d7d7042f2d683e8271b21d591090963eeb57aea6172f88da139e1614d6a7d1a2
+1002d5a7a93d6d21156e2b4777f6fc069287a85a1538c46b7722ccde591ab55c
+630e1ceeb1ac42d1b41f3f654e9da86b5efced43775ea68b2594e50e4005e052
+0fe753c0898120c2c07265367ff157f6538a1e4080d6f9d1ca9eb51939c9574e
+f2e4e1e87c1434affd5808563cddd376776dbbf790c6a40028f311a8b58dafa2
+0970ed34acd6e3e89d063987893b2b9570ddb8cc032b05a723bba9444933ebf3
+c624204be72f4190e0245197d0cb772bec933fd8442445f9a28bd042d5a3a1e9
+9a8a07
+"""
+))
+
+#
+# openssl pkcs8 -topk8 -passin pass:TestTest -inform DER -in key.der
+#   -outform DER -out keyenc.der -v2 aes192
+# hexdump -v -e '32/1 "%02x" "\n"' keyenc.der
+#
+wrapped_enc_keys.append((
+'PBKDF2WithHMAC-SHA1AndAES256-CBC',
+2048,
+"323351F94462AC563E053A056252C2C4", # IV
+"02A6CD0D12E727B5", # Salt
+"""
+3082021f304906092a864886f70d01050d303c301b06092a864886f70d01050c
+300e040802a6cd0d12e727b502020800301d060960864801650304012a041032
+3351f94462ac563e053a056252c2c4048201d07f4ef1c7be21aae738a20c5632
+b8bdbbb9083b6e7f68822267b1f481fd27fdafd61a90660de6e4058790e4c912
+bf3f319a7c37e6eb3d956daaa143865020d554bf6215e8d7492359aaeef45d6e
+d85a686ed26c0bf7c18d071d827a86f0b73e1db0c0e7f3d42201544093302a90
+551ad530692468c47ac15c69500b8ca67d4a17b64d15cecc035ae50b768a36cf
+07c395afa091e9e6f86f665455fbdc1b21ad79c0908b73da5de75a9b43508d5d
+44dc97a870cd3cd9f01ca24452e9b11c1b4982946702cfcbfda5b2fcc0203fb5
+0b52a115760bd635c94d4c95ac2c640ee9a04ffaf6ccff5a8d953dd5d88ca478
+c377811c521f2191639c643d657a9e364af88bb7c14a356c2b0b4870a23c2f54
+d41f8157afff731471dccc6058b15e1151bcf84b39b5e622a3a1d65859c912a5
+591b85e034a1f6af664f030a6bfc8c3d20c70f32b54bcf4da9c2da83cef49cf8
+e9a74f0e5d358fe50b88acdce6a9db9a7ad61536212fc5f877ebfc7957b8bda4
+b1582a0f10d515a20ee06cf768db9c977aa6fbdca7540d611ff953012d009dac
+e8abd059f8e8ffea637c9c7721f817aaf0bb23403e26a0ef0ff0e2037da67d41
+af728481f53443551a9bff4cea023164e9622b5441a309e1f4bff98e5bf76677
+8d7cd9
+"""
+))
+
+def txt2bin(inputs):
+    s = b('').join([b(x) for x in inputs if not (x in '\n\r\t ')])
+    return unhexlify(s)
+
+class Rng:
+    def __init__(self, output):
+        self.output=output
+        self.idx=0
+    def __call__(self, n):
+        output = self.output[self.idx:self.idx+n]
+        self.idx += n
+        return output
+
+class PKCS8_Decrypt(unittest.TestCase):
+
+    def setUp(self):
+        self.oid_key = oid_key
+        self.clear_key = txt2bin(clear_key)
+        self.wrapped_clear_key = txt2bin(wrapped_clear_key)
+        self.wrapped_enc_keys = []
+        for t in wrapped_enc_keys:
+            self.wrapped_enc_keys.append((
+                t[0],
+                t[1],
+                txt2bin(t[2]),
+                txt2bin(t[3]),
+                txt2bin(t[4])
+            ))
+
+    ### NO ENCRYTION
+
+    def test1(self):
+        """Verify unwrapping w/o encryption"""
+        res1, res2, res3 = PKCS8.unwrap(self.wrapped_clear_key)
+        self.assertEqual(res1, self.oid_key)
+        self.assertEqual(res2, self.clear_key)
+
+    def test2(self):
+        """Verify wrapping w/o encryption"""
+        wrapped = PKCS8.wrap(self.clear_key, self.oid_key)
+        res1, res2, res3 = PKCS8.unwrap(wrapped)
+        self.assertEqual(res1, self.oid_key)
+        self.assertEqual(res2, self.clear_key)
+
+    ## ENCRYPTION
+
+    def test3(self):
+        """Verify unwrapping with encryption"""
+
+        for t in self.wrapped_enc_keys:
+            res1, res2, res3 = PKCS8.unwrap(t[4], b("TestTest"))
+            self.assertEqual(res1, self.oid_key)
+            self.assertEqual(res2, self.clear_key)
+
+    def test4(self):
+        """Verify wrapping with encryption"""
+
+        for t in self.wrapped_enc_keys:
+            if t[0]==-1:
+                continue
+            rng = Rng(t[2]+t[3])
+            params = { 'iteration_count':t[1] }
+            wrapped = PKCS8.wrap(
+                    self.clear_key,
+                    self.oid_key,
+                    b("TestTest"),
+                    protection=t[0],
+                    prot_params=params,
+                    key_params=None,
+                    randfunc=rng)
+            self.assertEqual(wrapped, t[4])
+
+def get_tests(config={}):
+    from Crypto.SelfTest.st_common import list_test_cases
+    listTests = []
+    listTests += list_test_cases(PKCS8_Decrypt)
+    return listTests
+
+if __name__ == '__main__':
+    suite = lambda: unittest.TestSuite(get_tests())
+    unittest.main(defaultTest='suite')
+
diff --git a/lib/Crypto/SelfTest/PublicKey/test_importKey.py b/lib/Crypto/SelfTest/PublicKey/test_importKey.py
index 4710440..ff65e77 100644
--- a/lib/Crypto/SelfTest/PublicKey/test_importKey.py
+++ b/lib/Crypto/SelfTest/PublicKey/test_importKey.py
@@ -66,7 +66,8 @@ BX85JB8zqwHB
 
     # The same RSA private key as in rsaKeyPEM, but now encrypted
     rsaKeyEncryptedPEM=(
-            
+
+        # PEM encryption
         # With DES and passphrase 'test'
         ('test', u'''-----BEGIN RSA PRIVATE KEY-----
 Proc-Type: 4,ENCRYPTED
@@ -79,29 +80,27 @@ BCNRMdcexozWtAFNNqSzfW58MJL2OdMi21ED184EFytIc1BlB+FZiGZduwKGuaKy
 9bMbdb/1PSvsSzPsqW7KSSrTw6MgJAFJg6lzIYvR5F4poTVBxwBX3+EyEmShiaNY
 IRX3TgQI0IjrVuLmvlZKbGWP18FXj7I7k9tSsNOOzllTTdq3ny5vgM3A+ynfAaxp
 dysKznQ6P+IoqML1WxAID4aGRMWka+uArOJ148Rbj9s=
------END RSA PRIVATE KEY-----''',
-        "\xAF\x8F\x9A\x40\xBD\x2F\xA2\xFC"),
-
-        # With Triple-DES and passphrase 'rocking'
-        ('rocking', u'''-----BEGIN RSA PRIVATE KEY-----
-Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-EDE3-CBC,C05D6C07F7FC02F6
-
-w4lwQrXaVoTTJ0GgwY566htTA2/t1YlimhxkxYt9AEeCcidS5M0Wq9ClPiPz9O7F
-m6K5QpM1rxo1RUE/ZyI85gglRNPdNwkeTOqit+kum7nN73AToX17+irVmOA4Z9E+
-4O07t91GxGMcjUSIFk0ucwEU4jgxRvYscbvOMvNbuZszGdVNzBTVddnShKCsy9i7
-nJbPlXeEKYi/OkRgO4PtfqqWQu5GIEFVUf9ev1QV7AvC+kyWTR1wWYnHX265jU5c
-sopxQQtP8XEHIJEdd5/p1oieRcWTCNyY8EkslxDSsrf0OtZp6mZH9N+KU47cgQtt
-9qGORmlWnsIoFFKcDohbtOaWBTKhkj5h6OkLjFjfU/sBeV1c+7wDT3dAy5tawXjG
-YSxC7qDQIT/RECvV3+oQKEcmpEujn45wAnkTi12BH30=
------END RSA PRIVATE KEY-----''',
-        "\xC0\x5D\x6C\x07\xF7\xFC\x02\xF6"),
+-----END RSA PRIVATE KEY-----'''),
+
+        # PKCS8 encryption
+        ('winter', u'''-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIIBpjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIeZIsbW3O+JcCAggA
+MBQGCCqGSIb3DQMHBAgSM2p0D8FilgSCAWBhFyP2tiGKVpGj3mO8qIBzinU60ApR
+3unvP+N6j7LVgnV2lFGaXbJ6a1PbQXe+2D6DUyBLo8EMXrKKVLqOMGkFMHc0UaV6
+R6MmrsRDrbOqdpTuVRW+NVd5J9kQQh4xnfU/QrcPPt7vpJvSf4GzG0n666Ki50OV
+M/feuVlIiyGXY6UWdVDpcOV72cq02eNUs/1JWdh2uEBvA9fCL0c07RnMrdT+CbJQ
+NjJ7f8ULtp7xvR9O3Al/yJ4Wv3i4VxF1f3MCXzhlUD4I0ONlr0kJWgeQ80q/cWhw
+ntvgJwnCn2XR1h6LA8Wp+0ghDTsL2NhJpWd78zClGhyU4r3hqu1XDjoXa7YCXCix
+jCV15+ViDJzlNCwg+W6lRg18sSLkCT7alviIE0U5tHc6UPbbHwT5QqAxAABaP+nZ
+CGqJGyiwBzrKebjgSm/KRd4C91XqcsysyH2kKPfT51MLAoD4xelOURBP
+-----END ENCRYPTED PRIVATE KEY-----'''
+        ),
     )
 
-    rsaPublicKeyPEM = u'''-----BEGIN PUBLIC KEY-----
+    rsaPublicKeyPEM = u'''-----BEGIN RSA PUBLIC KEY-----
 MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAL8eJ5AKoIsjURpcEoGubZMxLD7+kT+T
 Lr7UkvEtFrRhDDKMtuIIq19FrL4pUIMymPMSLBn3hJLe30Dw48GQM4UCAwEAAQ==
------END PUBLIC KEY-----'''
+-----END RSA PUBLIC KEY-----'''
 
     # Obtained using 'ssh-keygen -i -m PKCS8 -f rsaPublicKeyPEM'
     rsaPublicKeyOpenSSH = b('''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAQQC/HieQCqCLI1EaXBKBrm2TMSw+/pE/ky6+1JLxLRa0YQwyjLbiCKtfRay+KVCDMpjzEiwZ94SS3t9A8OPBkDOF comment\n''')
@@ -298,15 +297,6 @@ Lr7UkvEtFrRhDDKMtuIIq19FrL4pUIMymPMSLBn3hJLe30Dw48GQM4UCAwEAAQ==
         self.assertEqual(openssh_1[0], openssh_2[0])
         self.assertEqual(openssh_1[1], openssh_2[1])
 
-    def testExportKey6(self):
-        key = self.rsa.construct([self.n, self.e, self.d, self.p, self.q, self.pInv])
-        # Tuple with index #1 is encrypted with 3DES
-        t = map(b,self.rsaKeyEncryptedPEM[1])
-        # Force the salt being used when exporting
-        key._randfunc = lambda N: (t[2]*divmod(N+len(t[2]),len(t[2]))[0])[:N]
-        pemKey = key.exportKey("PEM", t[0])
-        self.assertEqual(pemKey, t[1])
-
     def testExportKey7(self):
         key = self.rsa.construct([self.n, self.e, self.d, self.p, self.q, self.pInv])
         derKey = key.exportKey("DER", pkcs=8)
@@ -321,6 +311,71 @@ Lr7UkvEtFrRhDDKMtuIIq19FrL4pUIMymPMSLBn3hJLe30Dw48GQM4UCAwEAAQ==
         key = self.rsa.construct([self.n, self.e, self.d, self.p, self.q, self.pInv])
         self.assertRaises(ValueError, key.exportKey, "invalid-format")
 
+    def testExportKey10(self):
+        # Export and re-import the encrypted key. It must match.
+        # PEM envelope, PKCS#1, old PEM encryption
+        key = self.rsa.construct([self.n, self.e, self.d, self.p, self.q, self.pInv])
+        outkey = key.exportKey('PEM', 'test')
+        self.failUnless(tostr(outkey).find('4,ENCRYPTED')!=-1)
+        self.failUnless(tostr(outkey).find('BEGIN RSA PRIVATE KEY')!=-1)
+        inkey = RSA.importKey(outkey, 'test')
+        self.assertEqual(key.n, inkey.n)
+        self.assertEqual(key.e, inkey.e)
+        self.assertEqual(key.d, inkey.d)
+
+    def testExportKey11(self):
+        # Export and re-import the encrypted key. It must match.
+        # PEM envelope, PKCS#1, old PEM encryption
+        key = self.rsa.construct([self.n, self.e, self.d, self.p, self.q, self.pInv])
+        outkey = key.exportKey('PEM', 'test', pkcs=1)
+        self.failUnless(tostr(outkey).find('4,ENCRYPTED')!=-1)
+        self.failUnless(tostr(outkey).find('BEGIN RSA PRIVATE KEY')!=-1)
+        inkey = RSA.importKey(outkey, 'test')
+        self.assertEqual(key.n, inkey.n)
+        self.assertEqual(key.e, inkey.e)
+        self.assertEqual(key.d, inkey.d)
+
+    def testExportKey12(self):
+        # Export and re-import the encrypted key. It must match.
+        # PEM envelope, PKCS#8, old PEM encryption
+        key = self.rsa.construct([self.n, self.e, self.d, self.p, self.q, self.pInv])
+        outkey = key.exportKey('PEM', 'test', pkcs=8)
+        self.failUnless(tostr(outkey).find('4,ENCRYPTED')!=-1)
+        self.failUnless(tostr(outkey).find('BEGIN PRIVATE KEY')!=-1)
+        inkey = RSA.importKey(outkey, 'test')
+        self.assertEqual(key.n, inkey.n)
+        self.assertEqual(key.e, inkey.e)
+        self.assertEqual(key.d, inkey.d)
+ 
+    def testExportKey13(self):
+        # Export and re-import the encrypted key. It must match.
+        # PEM envelope, PKCS#8, PKCS#8 encryption
+        key = self.rsa.construct([self.n, self.e, self.d, self.p, self.q, self.pInv])
+        outkey = key.exportKey('PEM', 'test', pkcs=8,
+                protection='PBKDF2WithHMAC-SHA1AndDES-EDE3-CBC')
+        self.failUnless(tostr(outkey).find('4,ENCRYPTED')==-1)
+        self.failUnless(tostr(outkey).find('BEGIN ENCRYPTED PRIVATE KEY')!=-1)
+        inkey = RSA.importKey(outkey, 'test')
+        self.assertEqual(key.n, inkey.n)
+        self.assertEqual(key.e, inkey.e)
+        self.assertEqual(key.d, inkey.d)
+
+    def testExportKey14(self):
+        # Export and re-import the encrypted key. It must match.
+        # DER envelope, PKCS#8, PKCS#8 encryption
+        key = self.rsa.construct([self.n, self.e, self.d, self.p, self.q, self.pInv])
+        outkey = key.exportKey('DER', 'test', pkcs=8)
+        inkey = RSA.importKey(outkey, 'test')
+        self.assertEqual(key.n, inkey.n)
+        self.assertEqual(key.e, inkey.e)
+        self.assertEqual(key.d, inkey.d)
+
+    def testExportKey15(self):
+        # Verify that that error an condition is detected when trying to
+        # use a password with DER encoding and PKCS#1.
+        key = self.rsa.construct([self.n, self.e, self.d, self.p, self.q, self.pInv])
+        self.assertRaises(ValueError, key.exportKey, 'DER', 'test', 1)
+
 class ImportKeyTestsSlow(ImportKeyTests):
     def setUp(self):
         self.rsa = RSA.RSAImplementation(use_fast_math=0)
diff --git a/lib/Crypto/SelfTest/Util/__init__.py b/lib/Crypto/SelfTest/Util/__init__.py
index abd640a..f404d0b 100644
--- a/lib/Crypto/SelfTest/Util/__init__.py
+++ b/lib/Crypto/SelfTest/Util/__init__.py
@@ -34,6 +34,7 @@ def get_tests(config={}):
         from Crypto.SelfTest.Util import test_winrandom; tests += test_winrandom.get_tests(config=config)
     from Crypto.SelfTest.Util import test_number; tests += test_number.get_tests(config=config)
     from Crypto.SelfTest.Util import test_Counter; tests += test_Counter.get_tests(config=config)
+    from Crypto.SelfTest.Util import test_Padding; tests += test_Padding.get_tests(config=config)
     return tests
 
 if __name__ == '__main__':
diff --git a/lib/Crypto/SelfTest/Util/test_Padding.py b/lib/Crypto/SelfTest/Util/test_Padding.py
new file mode 100644
index 0000000..03c28ea
--- /dev/null
+++ b/lib/Crypto/SelfTest/Util/test_Padding.py
@@ -0,0 +1,140 @@
+# -*- coding: utf-8 -*-
+#
+#  SelfTest/Util/test_Padding.py: Self-test for padding functions
+#
+# ===================================================================
+# The contents of this file are dedicated to the public domain.  To
+# the extent that dedication to the public domain is not available,
+# everyone is granted a worldwide, perpetual, royalty-free,
+# non-exclusive license to exercise all rights associated with the
+# contents of this file for any purpose whatsoever.
+# No rights are reserved.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+# ===================================================================
+
+import unittest
+from binascii import unhexlify as uh
+
+from Crypto.Util.py3compat import *
+from Crypto.SelfTest.st_common import list_test_cases
+from Crypto.Util.Padding import *
+
+class PKCS7_Tests(unittest.TestCase):
+
+    def test1(self):
+        padded = pad(b(""), 4)
+        self.failUnless(padded == uh("04040404"))
+        padded = pad(b(""), 4, 'pkcs7')
+        self.failUnless(padded == uh("04040404"))
+        back = unpad(padded, 4)
+        self.failUnless(back == b(""))
+
+    def test2(self):
+        padded = pad(uh("12345678"), 4)
+        self.failUnless(padded == uh("1234567804040404"))
+        back = unpad(padded, 4)
+        self.failUnless(back == uh("12345678"))
+
+    def test3(self):
+        padded = pad(uh("123456"), 4)
+        self.failUnless(padded == uh("12345601"))
+        back = unpad(padded, 4)
+        self.failUnless(back == uh("123456"))
+
+    def test4(self):
+        padded = pad(uh("1234567890"), 4)
+        self.failUnless(padded == uh("1234567890030303"))
+        back = unpad(padded, 4)
+        self.failUnless(back == uh("1234567890"))
+
+    def testn1(self):
+        self.assertRaises(ValueError, pad, uh("12"), 4, 'pkcs8')
+
+    def testn2(self):
+        self.assertRaises(ValueError, unpad, b("\0\0\0"), 4)
+
+    def testn3(self):
+        self.assertRaises(ValueError, unpad, b("123456\x02"), 4)
+        self.assertRaises(ValueError, unpad, b("123456\x00"), 4)
+        self.assertRaises(ValueError, unpad, b("123456\x05\x05\x05\x05\x05"), 4)
+
+class X923_Tests(unittest.TestCase):
+
+    def test1(self):
+        padded = pad(b(""), 4, 'x923')
+        self.failUnless(padded == uh("00000004"))
+        back = unpad(padded, 4, 'x923')
+        self.failUnless(back == b(""))
+
+    def test2(self):
+        padded = pad(uh("12345678"), 4, 'x923')
+        self.failUnless(padded == uh("1234567800000004"))
+        back = unpad(padded, 4, 'x923')
+        self.failUnless(back == uh("12345678"))
+
+    def test3(self):
+        padded = pad(uh("123456"), 4, 'x923')
+        self.failUnless(padded == uh("12345601"))
+        back = unpad(padded, 4, 'x923')
+        self.failUnless(back == uh("123456"))
+
+    def test4(self):
+        padded = pad(uh("1234567890"), 4, 'x923')
+        self.failUnless(padded == uh("1234567890000003"))
+        back = unpad(padded, 4, 'x923')
+        self.failUnless(back == uh("1234567890"))
+
+    def testn1(self):
+        self.assertRaises(ValueError, unpad, b("123456\x02"), 4, 'x923')
+        self.assertRaises(ValueError, unpad, b("123456\x00"), 4, 'x923')
+        self.assertRaises(ValueError, unpad, b("123456\x00\x00\x00\x00\x05"), 4, 'x923')
+
+class ISO7816_Tests(unittest.TestCase):
+
+    def test1(self):
+        padded = pad(b(""), 4, 'iso7816')
+        self.failUnless(padded == uh("80000000"))
+        back = unpad(padded, 4, 'iso7816')
+        self.failUnless(back == b(""))
+
+    def test2(self):
+        padded = pad(uh("12345678"), 4, 'iso7816')
+        self.failUnless(padded == uh("1234567880000000"))
+        back = unpad(padded, 4, 'iso7816')
+        self.failUnless(back == uh("12345678"))
+
+    def test3(self):
+        padded = pad(uh("123456"), 4, 'iso7816')
+        self.failUnless(padded == uh("12345680"))
+        #import pdb; pdb.set_trace()
+        back = unpad(padded, 4, 'iso7816')
+        self.failUnless(back == uh("123456"))
+
+    def test4(self):
+        padded = pad(uh("1234567890"), 4, 'iso7816')
+        self.failUnless(padded == uh("1234567890800000"))
+        back = unpad(padded, 4, 'iso7816')
+        self.failUnless(back == uh("1234567890"))
+
+    def testn1(self):
+        self.assertRaises(ValueError, unpad, b("123456\x81"), 4, 'iso7816')
+
+def get_tests(config={}):
+    tests = []
+    tests += list_test_cases(PKCS7_Tests)
+    tests += list_test_cases(X923_Tests)
+    tests += list_test_cases(ISO7816_Tests)
+    return tests
+
+if __name__ == '__main__':
+    suite = lambda: unittest.TestSuite(get_tests())
+    unittest.main(defaultTest='suite')
+
diff --git a/lib/Crypto/SelfTest/__init__.py b/lib/Crypto/SelfTest/__init__.py
index 7110cd2..cb5782f 100644
--- a/lib/Crypto/SelfTest/__init__.py
+++ b/lib/Crypto/SelfTest/__init__.py
@@ -85,6 +85,7 @@ def get_tests(config={}):
     from Crypto.SelfTest import Random; tests += Random.get_tests(config=config)
     from Crypto.SelfTest import Util;   tests += Util.get_tests(config=config)
     from Crypto.SelfTest import Signature;   tests += Signature.get_tests(config=config)
+    from Crypto.SelfTest import IO;   tests += IO.get_tests(config=config)
     return tests
 
 if __name__ == '__main__':