--- /dev/null
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIIBfDAcBgoqhkiG9w0BDAEBMA4ECPvbksad11k/AgIBYASCAVqpBTCoK88VT4i2
+SP14VJrMGLz/QfnwH0MYpfPqCfYKy7GF7mF0LOV4KIG98J0l14R0sgS7666CAxvV
+ByvdGafE77C2NdxoIzVwdC+wXISj8weztvOu8rkHizzouw0UYeoZgvcRg1TO1EUq
+CnFRf4Ksmo47n6Pkz0OsyNFqXZEgC0E5ymu8frQtTlV30UPgzSMiPbP1aK45H7uc
+7ccpXL+bZ1ycYyyVv1WLxHl8G65CUtEcDMMGSnSbSkId4EE2Obmwhy00FfvS4w8o
+BugeBJhFpF8TnyyChoBDzXKerpiY934zNhUuk3B3Ayz2JHLJ6tSCwvdMEKaLDLl5
+4iLxuVNPpavBlIvsq9zHELfVjuYV4ZPEv2eHzEzgyUgtGRdmuL1TvsM3kOG4Beo3
+/9MAiJDmvY3CuzkqfFqdeJd6VzO3Z66Cqydvy3NnlmfpQarE2+6qi7CcQ5tvhW/I
+-----END ENCRYPTED PRIVATE KEY-----
--- /dev/null
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIIBfDAcBgoqhkiG9w0BDAEBMA4ECOxO+XewS2/+AgIBBQSCAVqE1UFN8VmjMRbS
+BNL/J+bUCtOy/4i14m5MBzCTlPqx/Fs2ecD1VoaLJof0qO/v6YBhGEJeTi2v9Xld
+5mXzUBjCKC7ETdfWkUhzdX2rGc1pe9sMMpNFD3UK92QG5KUBFZ32MBdBmb/RGmNW
+Z3zM6JEZwkTP9drrZRyQSsCTkjRcRODsv6sS+ftWljDteeQaWFDQhxz+kKN7BDpa
+jxYLBoM330OB8wwa4NxPNa9GhtASpxgHuE0crViXh3rR30VF5HNcyQwT3jZW69CB
+szFuV2n53WowjhgkUAXx+EQCxlTREoIX7FxZofl/IVtZNkfzXTZ9MT3yZxW1EDkO
+B2RhEDbEEv1A4k073xmmFZMEP0lDgy+ufLFfDjJZoacq1lcWpySQBbIDCta3s1Tz
+GbPRkJGGAIVa8O+T6O++rcI7o/kRZMr9B3/hvOemFcWxx0RZzMP870x83xLBmcyM
+-----END ENCRYPTED PRIVATE KEY-----
--- /dev/null
+#!/bin/sh
+
+# Copyright (C) 2014 Nikos Mavrogiannopoulos
+#
+# This file is part of GnuTLS.
+#
+# GnuTLS is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation; either version 3 of the License, or (at
+# your option) any later version.
+#
+# GnuTLS is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GnuTLS; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+srcdir=${srcdir:-.}
+CERTTOOL=${CERTTOOL:-../../src/certtool$EXEEXT}
+GREP=${GREP:-grep}
+
+# check keys with password
+$CERTTOOL --to-p8 --load-privkey $srcdir/key-ca.pem --password "1234" \
+ --outfile tmp-key-ca.p8 2>/dev/null
+
+$GREP "BEGIN ENCRYPTED PRIVATE KEY" tmp-key-ca.p8 >/dev/null 2>&1
+rc=$?
+# We're done.
+if test "$rc" != "0"; then
+ echo "Error in converting key to PKCS #8 with password"
+ exit $rc
+fi
+
+$CERTTOOL -k --pkcs8 --infile $srcdir/key-ca.pem --password "1234" >/dev/null 2>&1
+rc=$?
+# We're done.
+if test "$rc" != "0"; then
+ echo "Error in reading PKCS #8 key with password"
+ exit $rc
+fi
+
+$CERTTOOL -k --pkcs8 --infile $srcdir/key-ca-1234.p8 --password "1234" >/dev/null 2>&1
+rc=$?
+# We're done.
+if test "$rc" != "0"; then
+ echo "Error in reading saved PKCS #8 key with password"
+ exit $rc
+fi
+
+#keys encrypted with empty password
+$CERTTOOL --to-p8 --load-privkey $srcdir/key-ca.pem --password "" \
+ --outfile tmp-key-ca.p8 2>/dev/null
+
+$GREP "BEGIN PRIVATE KEY" tmp-key-ca.p8 >/dev/null 2>&1
+rc=$?
+# We're done.
+if test "$rc" != "0"; then
+ echo "Error in converting key to PKCS #8 with empty password"
+ exit $rc
+fi
+
+$CERTTOOL -k --pkcs8 --infile $srcdir/key-ca.pem --password "" >/dev/null 2>&1
+rc=$?
+# We're done.
+if test "$rc" != "0"; then
+ echo "Error in reading PKCS #8 key with empty password"
+ exit $rc
+fi
+
+$CERTTOOL -k --pkcs8 --infile $srcdir/key-ca-empty.p8 --password "" >/dev/null 2>&1
+rc=$?
+# We're done.
+if test "$rc" != "0"; then
+ echo "Error in reading saved PKCS #8 key with empty password"
+ exit $rc
+fi
+
+#keys encrypted with null password
+$CERTTOOL --to-p8 --load-privkey $srcdir/key-ca.pem --null-password \
+ --outfile tmp-key-ca.p8 2>/dev/null
+
+$GREP "BEGIN ENCRYPTED PRIVATE KEY" tmp-key-ca.p8 >/dev/null 2>&1
+rc=$?
+# We're done.
+if test "$rc" != "0"; then
+ echo "Error in converting key to PKCS #8 with null password"
+ exit $rc
+fi
+
+$CERTTOOL -k --pkcs8 --infile $srcdir/key-ca.pem --null-password >/dev/null 2>&1
+rc=$?
+# We're done.
+if test "$rc" != "0"; then
+ echo "Error in reading PKCS #8 key with null password"
+ exit $rc
+fi
+
+$CERTTOOL -k --pkcs8 --infile $srcdir/key-ca-null.p8 --null-password >/dev/null 2>&1
+rc=$?
+# We're done.
+if test "$rc" != "0"; then
+ echo "Error in reading saved PKCS #8 key with null password"
+ exit $rc
+fi
+
+rm -f tmp-key-ca.p8
+
+exit 0