1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
3 /* This code is made available to you under your choice of the following sets
4 * of licensing terms:
5 */
6 /* This Source Code Form is subject to the terms of the Mozilla Public
7 * License, v. 2.0. If a copy of the MPL was not distributed with this
8 * file, You can obtain one at http://mozilla.org/MPL/2.0/.
9 */
10 /* Copyright 2013 Mozilla Contributors
11 *
12 * Licensed under the Apache License, Version 2.0 (the "License");
13 * you may not use this file except in compliance with the License.
14 * You may obtain a copy of the License at
15 *
16 * http://www.apache.org/licenses/LICENSE-2.0
17 *
18 * Unless required by applicable law or agreed to in writing, software
19 * distributed under the License is distributed on an "AS IS" BASIS,
20 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
21 * See the License for the specific language governing permissions and
22 * limitations under the License.
23 */
24
25 #include <functional>
26 #include <vector>
27 #include "pkixgtest.h"
28
29 #include "pkixder.h"
30
31 using namespace mozilla::pkix;
32 using namespace mozilla::pkix::der;
33
34 namespace {
35
36 class pkixder_input_tests : public ::testing::Test {};
37
38 static const uint8_t DER_SEQUENCE_EMPTY[] = {
39 0x30, // SEQUENCE
40 0x00, // length
41 };
42
43 static const uint8_t DER_SEQUENCE_NOT_EMPTY[] = {
44 0x30, // SEQUENCE
45 0x01, // length
46 'X', // value
47 };
48
49 static const uint8_t DER_SEQUENCE_NOT_EMPTY_VALUE[] = {
50 'X', // value
51 };
52
53 static const uint8_t DER_SEQUENCE_NOT_EMPTY_VALUE_TRUNCATED[] = {
54 0x30, // SEQUENCE
55 0x01, // length
56 };
57
58 const uint8_t DER_SEQUENCE_OF_INT8[] = {
59 0x30, // SEQUENCE
60 0x09, // length
61 0x02, 0x01, 0x01, // INTEGER length 1 value 0x01
62 0x02, 0x01, 0x02, // INTEGER length 1 value 0x02
63 0x02, 0x01, 0x03 // INTEGER length 1 value 0x03
64 };
65
66 const uint8_t DER_TRUNCATED_SEQUENCE_OF_INT8[] = {
67 0x30, // SEQUENCE
68 0x09, // length
69 0x02, 0x01,
70 0x01, // INTEGER length 1 value 0x01
71 0x02, 0x01,
72 0x02 // INTEGER length 1 value 0x02
73 // MISSING DATA HERE ON PURPOSE
74 };
75
76 const uint8_t DER_OVERRUN_SEQUENCE_OF_INT8[] = {
77 0x30, // SEQUENCE
78 0x09, // length
79 0x02, 0x01, 0x01, // INTEGER length 1 value 0x01
80 0x02, 0x01, 0x02, // INTEGER length 1 value 0x02
81 0x02, 0x02, 0xFF, 0x03 // INTEGER length 2 value 0xFF03
82 };
83
84 const uint8_t DER_INT16[] = {
85 0x02, // INTEGER
86 0x02, // length
87 0x12, 0x34 // 0x1234
88 };
89
90 static const Input EMPTY_INPUT;
91
TEST_F(pkixder_input_tests,InputInit)92 TEST_F(pkixder_input_tests, InputInit) {
93 Input buf;
94 ASSERT_EQ(Success,
95 buf.Init(DER_SEQUENCE_OF_INT8, sizeof DER_SEQUENCE_OF_INT8));
96 }
97
TEST_F(pkixder_input_tests,InputInitWithNullPointerOrZeroLength)98 TEST_F(pkixder_input_tests, InputInitWithNullPointerOrZeroLength) {
99 Input buf;
100 ASSERT_EQ(Result::ERROR_BAD_DER, buf.Init(nullptr, 0));
101
102 ASSERT_EQ(Result::ERROR_BAD_DER, buf.Init(nullptr, 100));
103
104 // Though it seems odd to initialize with zero-length and non-null ptr, this
105 // is working as intended. The Reader class was intended to protect against
106 // buffer overflows, and there's no risk with the current behavior. See bug
107 // 1000354.
108 ASSERT_EQ(Success, buf.Init((const uint8_t*)"hello", 0));
109 ASSERT_TRUE(buf.GetLength() == 0);
110 }
111
TEST_F(pkixder_input_tests,InputInitWithLargeData)112 TEST_F(pkixder_input_tests, InputInitWithLargeData) {
113 Input buf;
114 // Data argument length does not matter, it is not touched, just
115 // needs to be non-null
116 ASSERT_EQ(Result::ERROR_BAD_DER, buf.Init((const uint8_t*)"", 0xffff + 1));
117
118 ASSERT_EQ(Success, buf.Init((const uint8_t*)"", 0xffff));
119 }
120
TEST_F(pkixder_input_tests,InputInitMultipleTimes)121 TEST_F(pkixder_input_tests, InputInitMultipleTimes) {
122 Input buf;
123
124 ASSERT_EQ(Success,
125 buf.Init(DER_SEQUENCE_OF_INT8, sizeof DER_SEQUENCE_OF_INT8));
126
127 ASSERT_EQ(Result::FATAL_ERROR_INVALID_ARGS,
128 buf.Init(DER_SEQUENCE_OF_INT8, sizeof DER_SEQUENCE_OF_INT8));
129 }
130
TEST_F(pkixder_input_tests,PeekWithinBounds)131 TEST_F(pkixder_input_tests, PeekWithinBounds) {
132 const uint8_t der[] = {0x11, 0x11};
133 Input buf(der);
134 Reader input(buf);
135 ASSERT_TRUE(input.Peek(0x11));
136 ASSERT_FALSE(input.Peek(0x22));
137 }
138
TEST_F(pkixder_input_tests,PeekPastBounds)139 TEST_F(pkixder_input_tests, PeekPastBounds) {
140 const uint8_t der[] = {0x11, 0x22};
141 Input buf;
142 ASSERT_EQ(Success, buf.Init(der, 1));
143 Reader input(buf);
144
145 uint8_t readByte;
146 ASSERT_EQ(Success, input.Read(readByte));
147 ASSERT_EQ(0x11, readByte);
148 ASSERT_FALSE(input.Peek(0x22));
149 }
150
TEST_F(pkixder_input_tests,ReadByte)151 TEST_F(pkixder_input_tests, ReadByte) {
152 const uint8_t der[] = {0x11, 0x22};
153 Input buf(der);
154 Reader input(buf);
155
156 uint8_t readByte1;
157 ASSERT_EQ(Success, input.Read(readByte1));
158 ASSERT_EQ(0x11, readByte1);
159
160 uint8_t readByte2;
161 ASSERT_EQ(Success, input.Read(readByte2));
162 ASSERT_EQ(0x22, readByte2);
163 }
164
TEST_F(pkixder_input_tests,ReadBytePastEnd)165 TEST_F(pkixder_input_tests, ReadBytePastEnd) {
166 const uint8_t der[] = {0x11, 0x22};
167 Input buf;
168 ASSERT_EQ(Success, buf.Init(der, 1));
169 Reader input(buf);
170
171 uint8_t readByte1 = 0;
172 ASSERT_EQ(Success, input.Read(readByte1));
173 ASSERT_EQ(0x11, readByte1);
174
175 uint8_t readByte2 = 0;
176 ASSERT_EQ(Result::ERROR_BAD_DER, input.Read(readByte2));
177 ASSERT_NE(0x22, readByte2);
178 }
179
TEST_F(pkixder_input_tests,ReadByteWrapAroundPointer)180 TEST_F(pkixder_input_tests, ReadByteWrapAroundPointer) {
181 // The original implementation of our buffer read overflow checks was
182 // susceptible to integer overflows which could make the checks ineffective.
183 // This attempts to verify that we've fixed that. Unfortunately, decrementing
184 // a null pointer is undefined behavior according to the C++ language spec.,
185 // but this should catch the problem on at least some compilers, if not all of
186 // them.
187 const uint8_t* der = nullptr;
188 --der;
189 Input buf;
190 ASSERT_EQ(Success, buf.Init(der, 0));
191 Reader input(buf);
192
193 uint8_t b;
194 ASSERT_EQ(Result::ERROR_BAD_DER, input.Read(b));
195 }
196
TEST_F(pkixder_input_tests,ReadWord)197 TEST_F(pkixder_input_tests, ReadWord) {
198 const uint8_t der[] = {0x11, 0x22, 0x33, 0x44};
199 Input buf(der);
200 Reader input(buf);
201
202 uint16_t readWord1 = 0;
203 ASSERT_EQ(Success, input.Read(readWord1));
204 ASSERT_EQ(0x1122, readWord1);
205
206 uint16_t readWord2 = 0;
207 ASSERT_EQ(Success, input.Read(readWord2));
208 ASSERT_EQ(0x3344, readWord2);
209 }
210
TEST_F(pkixder_input_tests,ReadWordPastEnd)211 TEST_F(pkixder_input_tests, ReadWordPastEnd) {
212 const uint8_t der[] = {0x11, 0x22, 0x33, 0x44};
213 Input buf;
214 ASSERT_EQ(Success, buf.Init(der, 2)); // Initialize with too-short length
215 Reader input(buf);
216
217 uint16_t readWord1 = 0;
218 ASSERT_EQ(Success, input.Read(readWord1));
219 ASSERT_EQ(0x1122, readWord1);
220
221 uint16_t readWord2 = 0;
222 ASSERT_EQ(Result::ERROR_BAD_DER, input.Read(readWord2));
223 ASSERT_NE(0x3344, readWord2);
224 }
225
TEST_F(pkixder_input_tests,ReadWordWithInsufficentData)226 TEST_F(pkixder_input_tests, ReadWordWithInsufficentData) {
227 const uint8_t der[] = {0x11, 0x22};
228 Input buf;
229 ASSERT_EQ(Success, buf.Init(der, 1));
230 Reader input(buf);
231
232 uint16_t readWord1 = 0;
233 ASSERT_EQ(Result::ERROR_BAD_DER, input.Read(readWord1));
234 ASSERT_NE(0x1122, readWord1);
235 }
236
TEST_F(pkixder_input_tests,ReadWordWrapAroundPointer)237 TEST_F(pkixder_input_tests, ReadWordWrapAroundPointer) {
238 // The original implementation of our buffer read overflow checks was
239 // susceptible to integer overflows which could make the checks ineffective.
240 // This attempts to verify that we've fixed that. Unfortunately, decrementing
241 // a null pointer is undefined behavior according to the C++ language spec.,
242 // but this should catch the problem on at least some compilers, if not all of
243 // them.
244 const uint8_t* der = nullptr;
245 --der;
246 Input buf;
247 ASSERT_EQ(Success, buf.Init(der, 0));
248 Reader input(buf);
249 uint16_t b;
250 ASSERT_EQ(Result::ERROR_BAD_DER, input.Read(b));
251 }
252
TEST_F(pkixder_input_tests,Skip)253 TEST_F(pkixder_input_tests, Skip) {
254 const uint8_t der[] = {0x11, 0x22, 0x33, 0x44};
255 Input buf(der);
256 Reader input(buf);
257
258 ASSERT_EQ(Success, input.Skip(1));
259
260 uint8_t readByte1 = 0;
261 ASSERT_EQ(Success, input.Read(readByte1));
262 ASSERT_EQ(0x22, readByte1);
263
264 ASSERT_EQ(Success, input.Skip(1));
265
266 uint8_t readByte2 = 0;
267 ASSERT_EQ(Success, input.Read(readByte2));
268 ASSERT_EQ(0x44, readByte2);
269 }
270
TEST_F(pkixder_input_tests,Skip_ToEnd)271 TEST_F(pkixder_input_tests, Skip_ToEnd) {
272 const uint8_t der[] = {0x11, 0x22, 0x33, 0x44};
273 Input buf(der);
274 Reader input(buf);
275 ASSERT_EQ(Success, input.Skip(sizeof der));
276 ASSERT_TRUE(input.AtEnd());
277 }
278
TEST_F(pkixder_input_tests,Skip_PastEnd)279 TEST_F(pkixder_input_tests, Skip_PastEnd) {
280 const uint8_t der[] = {0x11, 0x22, 0x33, 0x44};
281 Input buf(der);
282 Reader input(buf);
283
284 ASSERT_EQ(Result::ERROR_BAD_DER, input.Skip(sizeof der + 1));
285 }
286
TEST_F(pkixder_input_tests,Skip_ToNewInput)287 TEST_F(pkixder_input_tests, Skip_ToNewInput) {
288 const uint8_t der[] = {0x01, 0x02, 0x03, 0x04};
289 Input buf(der);
290 Reader input(buf);
291
292 Reader skippedInput;
293 ASSERT_EQ(Success, input.Skip(3, skippedInput));
294
295 uint8_t readByte1 = 0;
296 ASSERT_EQ(Success, input.Read(readByte1));
297 ASSERT_EQ(0x04, readByte1);
298
299 ASSERT_TRUE(input.AtEnd());
300
301 // Reader has no Remaining() or Length() so we simply read the bytes
302 // and then expect to be at the end.
303
304 for (uint8_t i = 1; i <= 3; ++i) {
305 uint8_t readByte = 0;
306 ASSERT_EQ(Success, skippedInput.Read(readByte));
307 ASSERT_EQ(i, readByte);
308 }
309
310 ASSERT_TRUE(skippedInput.AtEnd());
311 }
312
TEST_F(pkixder_input_tests,Skip_ToNewInputPastEnd)313 TEST_F(pkixder_input_tests, Skip_ToNewInputPastEnd) {
314 const uint8_t der[] = {0x11, 0x22, 0x33, 0x44};
315 Input buf(der);
316 Reader input(buf);
317
318 Reader skippedInput;
319 ASSERT_EQ(Result::ERROR_BAD_DER, input.Skip(sizeof der * 2, skippedInput));
320 }
321
TEST_F(pkixder_input_tests,Skip_ToInput)322 TEST_F(pkixder_input_tests, Skip_ToInput) {
323 const uint8_t der[] = {0x11, 0x22, 0x33, 0x44};
324 Input buf(der);
325 Reader input(buf);
326
327 const uint8_t expectedItemData[] = {0x11, 0x22, 0x33};
328
329 Input item;
330 ASSERT_EQ(Success, input.Skip(sizeof expectedItemData, item));
331
332 Input expected(expectedItemData);
333 ASSERT_TRUE(InputsAreEqual(expected, item));
334 }
335
TEST_F(pkixder_input_tests,Skip_WrapAroundPointer)336 TEST_F(pkixder_input_tests, Skip_WrapAroundPointer) {
337 // The original implementation of our buffer read overflow checks was
338 // susceptible to integer overflows which could make the checks ineffective.
339 // This attempts to verify that we've fixed that. Unfortunately, decrementing
340 // a null pointer is undefined behavior according to the C++ language spec.,
341 // but this should catch the problem on at least some compilers, if not all of
342 // them.
343 const uint8_t* der = nullptr;
344 --der;
345 Input buf;
346 ASSERT_EQ(Success, buf.Init(der, 0));
347 Reader input(buf);
348 ASSERT_EQ(Result::ERROR_BAD_DER, input.Skip(1));
349 }
350
TEST_F(pkixder_input_tests,Skip_ToInputPastEnd)351 TEST_F(pkixder_input_tests, Skip_ToInputPastEnd) {
352 const uint8_t der[] = {0x11, 0x22, 0x33, 0x44};
353 Input buf(der);
354 Reader input(buf);
355
356 Input skipped;
357 ASSERT_EQ(Result::ERROR_BAD_DER, input.Skip(sizeof der + 1, skipped));
358 }
359
TEST_F(pkixder_input_tests,SkipToEnd_ToInput)360 TEST_F(pkixder_input_tests, SkipToEnd_ToInput) {
361 static const uint8_t der[] = {0x11, 0x22, 0x33, 0x44};
362 Input buf(der);
363 Reader input(buf);
364
365 Input skipped;
366 ASSERT_EQ(Success, input.SkipToEnd(skipped));
367 }
368
TEST_F(pkixder_input_tests,SkipToEnd_ToInput_InputAlreadyInited)369 TEST_F(pkixder_input_tests, SkipToEnd_ToInput_InputAlreadyInited) {
370 static const uint8_t der[] = {0x11, 0x22, 0x33, 0x44};
371 Input buf(der);
372 Reader input(buf);
373
374 static const uint8_t initialValue[] = {0x01, 0x02, 0x03};
375 Input x(initialValue);
376 // Fails because skipped was already initialized once, and Inputs are not
377 // allowed to be Init()d multiple times.
378 ASSERT_EQ(Result::FATAL_ERROR_INVALID_ARGS, input.SkipToEnd(x));
379 ASSERT_TRUE(InputsAreEqual(x, Input(initialValue)));
380 }
381
TEST_F(pkixder_input_tests,ExpectTagAndSkipValue)382 TEST_F(pkixder_input_tests, ExpectTagAndSkipValue) {
383 Input buf(DER_SEQUENCE_OF_INT8);
384 Reader input(buf);
385
386 ASSERT_EQ(Success, ExpectTagAndSkipValue(input, SEQUENCE));
387 ASSERT_EQ(Success, End(input));
388 }
389
TEST_F(pkixder_input_tests,ExpectTagAndSkipValueWithTruncatedData)390 TEST_F(pkixder_input_tests, ExpectTagAndSkipValueWithTruncatedData) {
391 Input buf(DER_TRUNCATED_SEQUENCE_OF_INT8);
392 Reader input(buf);
393
394 ASSERT_EQ(Result::ERROR_BAD_DER, ExpectTagAndSkipValue(input, SEQUENCE));
395 }
396
TEST_F(pkixder_input_tests,ExpectTagAndSkipValueWithOverrunData)397 TEST_F(pkixder_input_tests, ExpectTagAndSkipValueWithOverrunData) {
398 Input buf(DER_OVERRUN_SEQUENCE_OF_INT8);
399 Reader input(buf);
400 ASSERT_EQ(Success, ExpectTagAndSkipValue(input, SEQUENCE));
401 ASSERT_EQ(Result::ERROR_BAD_DER, End(input));
402 }
403
TEST_F(pkixder_input_tests,AtEndOnUnInitializedInput)404 TEST_F(pkixder_input_tests, AtEndOnUnInitializedInput) {
405 Reader input;
406 ASSERT_TRUE(input.AtEnd());
407 }
408
TEST_F(pkixder_input_tests,AtEndAtBeginning)409 TEST_F(pkixder_input_tests, AtEndAtBeginning) {
410 const uint8_t der[] = {0x11, 0x22, 0x33, 0x44};
411 Input buf(der);
412 Reader input(buf);
413 ASSERT_FALSE(input.AtEnd());
414 }
415
TEST_F(pkixder_input_tests,AtEndAtEnd)416 TEST_F(pkixder_input_tests, AtEndAtEnd) {
417 const uint8_t der[] = {0x11, 0x22, 0x33, 0x44};
418 Input buf(der);
419 Reader input(buf);
420 ASSERT_EQ(Success, input.Skip(sizeof der));
421 ASSERT_TRUE(input.AtEnd());
422 }
423
TEST_F(pkixder_input_tests,MarkAndGetInput)424 TEST_F(pkixder_input_tests, MarkAndGetInput) {
425 const uint8_t der[] = {0x11, 0x22, 0x33, 0x44};
426 Input buf(der);
427 Reader input(buf);
428
429 Reader::Mark mark = input.GetMark();
430
431 const uint8_t expectedItemData[] = {0x11, 0x22, 0x33};
432
433 ASSERT_EQ(Success, input.Skip(sizeof expectedItemData));
434
435 Input item;
436 ASSERT_EQ(Success, input.GetInput(mark, item));
437 Input expected(expectedItemData);
438 ASSERT_TRUE(InputsAreEqual(expected, item));
439 }
440
441 // Cannot run this test on debug builds because of the NotReached
442 #ifdef NDEBUG
TEST_F(pkixder_input_tests,MarkAndGetInputDifferentInput)443 TEST_F(pkixder_input_tests, MarkAndGetInputDifferentInput) {
444 const uint8_t der[] = {0x11, 0x22, 0x33, 0x44};
445 Input buf(der);
446 Reader input(buf);
447
448 Reader another;
449 Reader::Mark mark = another.GetMark();
450
451 ASSERT_EQ(Success, input.Skip(3));
452
453 Input item;
454 ASSERT_EQ(Result::FATAL_ERROR_INVALID_ARGS, input.GetInput(mark, item));
455 }
456 #endif
457
TEST_F(pkixder_input_tests,ReadTagAndGetValue_Input_AtEnd)458 TEST_F(pkixder_input_tests, ReadTagAndGetValue_Input_AtEnd) {
459 Reader input(EMPTY_INPUT);
460 uint8_t tag;
461 Input value;
462 ASSERT_EQ(Result::ERROR_BAD_DER, ReadTagAndGetValue(input, tag, value));
463 }
464
TEST_F(pkixder_input_tests,ReadTagAndGetValue_Input_TruncatedAfterTag)465 TEST_F(pkixder_input_tests, ReadTagAndGetValue_Input_TruncatedAfterTag) {
466 static const uint8_t DER[] = {SEQUENCE};
467 Input buf(DER);
468 Reader input(buf);
469 uint8_t tag;
470 Input value;
471 ASSERT_EQ(Result::ERROR_BAD_DER, ReadTagAndGetValue(input, tag, value));
472 }
473
TEST_F(pkixder_input_tests,ReadTagAndGetValue_Input_ValidEmpty)474 TEST_F(pkixder_input_tests, ReadTagAndGetValue_Input_ValidEmpty) {
475 Input buf(DER_SEQUENCE_EMPTY);
476 Reader input(buf);
477 uint8_t tag = 0;
478 Input value;
479 ASSERT_EQ(Success, ReadTagAndGetValue(input, tag, value));
480 ASSERT_EQ(SEQUENCE, tag);
481 ASSERT_EQ(0u, value.GetLength());
482 ASSERT_TRUE(input.AtEnd());
483 }
484
TEST_F(pkixder_input_tests,ReadTagAndGetValue_Input_ValidNotEmpty)485 TEST_F(pkixder_input_tests, ReadTagAndGetValue_Input_ValidNotEmpty) {
486 Input buf(DER_SEQUENCE_NOT_EMPTY);
487 Reader input(buf);
488 uint8_t tag = 0;
489 Input value;
490 ASSERT_EQ(Success, ReadTagAndGetValue(input, tag, value));
491 ASSERT_EQ(SEQUENCE, tag);
492 Input expected(DER_SEQUENCE_NOT_EMPTY_VALUE);
493 ASSERT_TRUE(InputsAreEqual(expected, value));
494 ASSERT_TRUE(input.AtEnd());
495 }
496
TEST_F(pkixder_input_tests,ReadTagAndGetValue_Input_InvalidNotEmptyValueTruncated)497 TEST_F(pkixder_input_tests,
498 ReadTagAndGetValue_Input_InvalidNotEmptyValueTruncated) {
499 Input buf(DER_SEQUENCE_NOT_EMPTY_VALUE_TRUNCATED);
500 Reader input(buf);
501 uint8_t tag;
502 Input value;
503 ASSERT_EQ(Result::ERROR_BAD_DER, ReadTagAndGetValue(input, tag, value));
504 }
505
TEST_F(pkixder_input_tests,ReadTagAndGetValue_Input_InvalidWrongLength)506 TEST_F(pkixder_input_tests, ReadTagAndGetValue_Input_InvalidWrongLength) {
507 Input buf(DER_TRUNCATED_SEQUENCE_OF_INT8);
508 Reader input(buf);
509 uint8_t tag;
510 Input value;
511 ASSERT_EQ(Result::ERROR_BAD_DER, ReadTagAndGetValue(input, tag, value));
512 }
513
TEST_F(pkixder_input_tests,ReadTagAndGetValue_Input_InvalidHighTagNumberForm1)514 TEST_F(pkixder_input_tests,
515 ReadTagAndGetValue_Input_InvalidHighTagNumberForm1) {
516 // High tag number form is not allowed (illegal 1 byte tag)
517 //
518 // If the decoder treats 0x1F as a valid low tag number tag, then it will
519 // treat the actual tag (1) as a length, and then it will return Success
520 // with value == { 0x00 } and tag == 0x1f.
521 //
522 // It is illegal to encode tag 1 in the high tag number form because it isn't
523 // the shortest encoding (the low tag number form is).
524 static const uint8_t DER[] = {
525 0x1F, // high tag number form indicator
526 1, // tag 1 (not legal!)
527 0 // length zero
528 };
529 Input buf(DER);
530 Reader input(buf);
531 uint8_t tag;
532 Input value;
533 ASSERT_EQ(Result::ERROR_BAD_DER, ReadTagAndGetValue(input, tag, value));
534 }
535
TEST_F(pkixder_input_tests,ReadTagAndGetValue_Input_InvalidHighTagNumberForm2)536 TEST_F(pkixder_input_tests,
537 ReadTagAndGetValue_Input_InvalidHighTagNumberForm2) {
538 // High tag number form is not allowed (legal 1 byte tag).
539 //
540 // ReadTagAndGetValue's check to prohibit the high tag number form has no
541 // effect on whether this test passes or fails, because ReadTagAndGetValue
542 // will interpret the second byte (31) as a length, and the input doesn't
543 // have 31 bytes following it. This test is here to guard against the case
544 // where somebody actually implements high tag number form parsing, to remind
545 // that person that they need to add tests here, including in particular
546 // tests for overly-long encodings.
547 static const uint8_t DER[] = {
548 0x1F, // high tag number form indicator
549 31, // tag 31
550 0 // length zero
551 };
552 Input buf(DER);
553 Reader input(buf);
554 uint8_t tag;
555 Input value;
556 ASSERT_EQ(Result::ERROR_BAD_DER, ReadTagAndGetValue(input, tag, value));
557 }
558
TEST_F(pkixder_input_tests,ReadTagAndGetValue_Input_InvalidHighTagNumberForm3)559 TEST_F(pkixder_input_tests,
560 ReadTagAndGetValue_Input_InvalidHighTagNumberForm3) {
561 // High tag number form is not allowed (2 byte legal tag)
562 //
563 // ReadTagAndGetValue's check to prohibit the high tag number form has no
564 // effect on whether this test passes or fails, because ReadTagAndGetValue
565 // will interpret the second byte as a length, and the input doesn't have
566 // that many bytes following it. This test is here to guard against the case
567 // where somebody actually implements high tag number form parsing, to remind
568 // that person that they need to add tests here, including in particular
569 // tests for overly-long encodings.
570 static const uint8_t DER[] = {
571 0x1F, // high tag number form indicator
572 0x80 | 0x01, 0x00, // tag 0x100 (256)
573 0 // length zero
574 };
575 Input buf(DER);
576 Reader input(buf);
577 uint8_t tag;
578 Input value;
579 ASSERT_EQ(Result::ERROR_BAD_DER, ReadTagAndGetValue(input, tag, value));
580 }
581
TEST_F(pkixder_input_tests,ExpectTagAndGetValue_Reader_ValidEmpty)582 TEST_F(pkixder_input_tests, ExpectTagAndGetValue_Reader_ValidEmpty) {
583 Input buf(DER_SEQUENCE_EMPTY);
584 Reader input(buf);
585 Reader value;
586 ASSERT_EQ(Success, ExpectTagAndGetValue(input, SEQUENCE, value));
587 ASSERT_TRUE(value.AtEnd());
588 ASSERT_TRUE(input.AtEnd());
589 }
590
TEST_F(pkixder_input_tests,ExpectTagAndGetValue_Reader_ValidNotEmpty)591 TEST_F(pkixder_input_tests, ExpectTagAndGetValue_Reader_ValidNotEmpty) {
592 Input buf(DER_SEQUENCE_NOT_EMPTY);
593 Reader input(buf);
594 Reader value;
595 ASSERT_EQ(Success, ExpectTagAndGetValue(input, SEQUENCE, value));
596 ASSERT_TRUE(value.MatchRest(DER_SEQUENCE_NOT_EMPTY_VALUE));
597 ASSERT_TRUE(input.AtEnd());
598 }
599
TEST_F(pkixder_input_tests,ExpectTagAndGetValue_Reader_InvalidNotEmptyValueTruncated)600 TEST_F(pkixder_input_tests,
601 ExpectTagAndGetValue_Reader_InvalidNotEmptyValueTruncated) {
602 Input buf(DER_SEQUENCE_NOT_EMPTY_VALUE_TRUNCATED);
603 Reader input(buf);
604 Reader value;
605 ASSERT_EQ(Result::ERROR_BAD_DER,
606 ExpectTagAndGetValue(input, SEQUENCE, value));
607 }
608
TEST_F(pkixder_input_tests,ExpectTagAndGetValue_Reader_InvalidWrongLength)609 TEST_F(pkixder_input_tests, ExpectTagAndGetValue_Reader_InvalidWrongLength) {
610 Input buf(DER_TRUNCATED_SEQUENCE_OF_INT8);
611 Reader input(buf);
612 Reader value;
613 ASSERT_EQ(Result::ERROR_BAD_DER,
614 ExpectTagAndGetValue(input, SEQUENCE, value));
615 }
616
TEST_F(pkixder_input_tests,ExpectTagAndGetValue_Reader_InvalidWrongTag)617 TEST_F(pkixder_input_tests, ExpectTagAndGetValue_Reader_InvalidWrongTag) {
618 Input buf(DER_SEQUENCE_NOT_EMPTY);
619 Reader input(buf);
620 Reader value;
621 ASSERT_EQ(Result::ERROR_BAD_DER, ExpectTagAndGetValue(input, INTEGER, value));
622 }
623
TEST_F(pkixder_input_tests,ExpectTagAndGetValue_Input_ValidEmpty)624 TEST_F(pkixder_input_tests, ExpectTagAndGetValue_Input_ValidEmpty) {
625 Input buf(DER_SEQUENCE_EMPTY);
626 Reader input(buf);
627 Input value;
628 ASSERT_EQ(Success, ExpectTagAndGetValue(input, SEQUENCE, value));
629 ASSERT_EQ(0u, value.GetLength());
630 ASSERT_TRUE(input.AtEnd());
631 }
632
TEST_F(pkixder_input_tests,ExpectTagAndGetValue_Input_ValidNotEmpty)633 TEST_F(pkixder_input_tests, ExpectTagAndGetValue_Input_ValidNotEmpty) {
634 Input buf(DER_SEQUENCE_NOT_EMPTY);
635 Reader input(buf);
636 Input value;
637 ASSERT_EQ(Success, ExpectTagAndGetValue(input, SEQUENCE, value));
638 Input expected(DER_SEQUENCE_NOT_EMPTY_VALUE);
639 ASSERT_TRUE(InputsAreEqual(expected, value));
640 ASSERT_TRUE(input.AtEnd());
641 }
642
TEST_F(pkixder_input_tests,ExpectTagAndGetValue_Input_InvalidNotEmptyValueTruncated)643 TEST_F(pkixder_input_tests,
644 ExpectTagAndGetValue_Input_InvalidNotEmptyValueTruncated) {
645 Input buf(DER_SEQUENCE_NOT_EMPTY_VALUE_TRUNCATED);
646 Reader input(buf);
647 Input value;
648 ASSERT_EQ(Result::ERROR_BAD_DER,
649 ExpectTagAndGetValue(input, SEQUENCE, value));
650 }
651
TEST_F(pkixder_input_tests,ExpectTagAndGetValue_Input_InvalidWrongLength)652 TEST_F(pkixder_input_tests, ExpectTagAndGetValue_Input_InvalidWrongLength) {
653 Input buf(DER_TRUNCATED_SEQUENCE_OF_INT8);
654 Reader input(buf);
655 Input value;
656 ASSERT_EQ(Result::ERROR_BAD_DER,
657 ExpectTagAndGetValue(input, SEQUENCE, value));
658 }
659
TEST_F(pkixder_input_tests,ExpectTagAndGetValue_Input_InvalidWrongTag)660 TEST_F(pkixder_input_tests, ExpectTagAndGetValue_Input_InvalidWrongTag) {
661 Input buf(DER_SEQUENCE_NOT_EMPTY);
662 Reader input(buf);
663 Input value;
664 ASSERT_EQ(Result::ERROR_BAD_DER, ExpectTagAndGetValue(input, INTEGER, value));
665 }
666
TEST_F(pkixder_input_tests,ExpectTagAndEmptyValue_ValidEmpty)667 TEST_F(pkixder_input_tests, ExpectTagAndEmptyValue_ValidEmpty) {
668 Input buf(DER_SEQUENCE_EMPTY);
669 Reader input(buf);
670 ASSERT_EQ(Success, ExpectTagAndEmptyValue(input, SEQUENCE));
671 ASSERT_TRUE(input.AtEnd());
672 }
673
TEST_F(pkixder_input_tests,ExpectTagAndEmptyValue_InValidNotEmpty)674 TEST_F(pkixder_input_tests, ExpectTagAndEmptyValue_InValidNotEmpty) {
675 Input buf(DER_SEQUENCE_NOT_EMPTY);
676 Reader input(buf);
677 ASSERT_EQ(Result::ERROR_BAD_DER, ExpectTagAndEmptyValue(input, SEQUENCE));
678 }
679
TEST_F(pkixder_input_tests,ExpectTagAndEmptyValue_Input_InvalidNotEmptyValueTruncated)680 TEST_F(pkixder_input_tests,
681 ExpectTagAndEmptyValue_Input_InvalidNotEmptyValueTruncated) {
682 Input buf(DER_SEQUENCE_NOT_EMPTY_VALUE_TRUNCATED);
683 Reader input(buf);
684 ASSERT_EQ(Result::ERROR_BAD_DER, ExpectTagAndEmptyValue(input, SEQUENCE));
685 }
686
TEST_F(pkixder_input_tests,ExpectTagAndEmptyValue_InvalidWrongLength)687 TEST_F(pkixder_input_tests, ExpectTagAndEmptyValue_InvalidWrongLength) {
688 Input buf(DER_TRUNCATED_SEQUENCE_OF_INT8);
689 Reader input(buf);
690 ASSERT_EQ(Result::ERROR_BAD_DER, ExpectTagAndEmptyValue(input, SEQUENCE));
691 }
692
TEST_F(pkixder_input_tests,ExpectTagAndEmptyValue_InvalidWrongTag)693 TEST_F(pkixder_input_tests, ExpectTagAndEmptyValue_InvalidWrongTag) {
694 Input buf(DER_SEQUENCE_NOT_EMPTY);
695 Reader input(buf);
696 ASSERT_EQ(Result::ERROR_BAD_DER, ExpectTagAndEmptyValue(input, INTEGER));
697 }
698
TEST_F(pkixder_input_tests,ExpectTagAndGetTLV_Input_ValidEmpty)699 TEST_F(pkixder_input_tests, ExpectTagAndGetTLV_Input_ValidEmpty) {
700 Input buf(DER_SEQUENCE_EMPTY);
701 Reader input(buf);
702 Input tlv;
703 ASSERT_EQ(Success, ExpectTagAndGetTLV(input, SEQUENCE, tlv));
704 Input expected(DER_SEQUENCE_EMPTY);
705 ASSERT_TRUE(InputsAreEqual(expected, tlv));
706 ASSERT_TRUE(input.AtEnd());
707 }
708
TEST_F(pkixder_input_tests,ExpectTagAndGetTLV_Input_ValidNotEmpty)709 TEST_F(pkixder_input_tests, ExpectTagAndGetTLV_Input_ValidNotEmpty) {
710 Input buf(DER_SEQUENCE_NOT_EMPTY);
711 Reader input(buf);
712 Input tlv;
713 ASSERT_EQ(Success, ExpectTagAndGetTLV(input, SEQUENCE, tlv));
714 Input expected(DER_SEQUENCE_NOT_EMPTY);
715 ASSERT_TRUE(InputsAreEqual(expected, tlv));
716 ASSERT_TRUE(input.AtEnd());
717 }
718
TEST_F(pkixder_input_tests,ExpectTagAndGetTLV_Input_InvalidNotEmptyValueTruncated)719 TEST_F(pkixder_input_tests,
720 ExpectTagAndGetTLV_Input_InvalidNotEmptyValueTruncated) {
721 Input buf(DER_SEQUENCE_NOT_EMPTY_VALUE_TRUNCATED);
722 Reader input(buf);
723 Input tlv;
724 ASSERT_EQ(Result::ERROR_BAD_DER, ExpectTagAndGetTLV(input, SEQUENCE, tlv));
725 }
726
TEST_F(pkixder_input_tests,ExpectTagAndGetTLV_Input_InvalidWrongLength)727 TEST_F(pkixder_input_tests, ExpectTagAndGetTLV_Input_InvalidWrongLength) {
728 Input buf(DER_TRUNCATED_SEQUENCE_OF_INT8);
729 Reader input(buf);
730 Input tlv;
731 ASSERT_EQ(Result::ERROR_BAD_DER, ExpectTagAndGetTLV(input, SEQUENCE, tlv));
732 }
733
TEST_F(pkixder_input_tests,ExpectTagAndGetTLV_Input_InvalidWrongTag)734 TEST_F(pkixder_input_tests, ExpectTagAndGetTLV_Input_InvalidWrongTag) {
735 Input buf(DER_SEQUENCE_NOT_EMPTY);
736 Reader input(buf);
737 Input tlv;
738 ASSERT_EQ(Result::ERROR_BAD_DER, ExpectTagAndGetTLV(input, INTEGER, tlv));
739 }
740
TEST_F(pkixder_input_tests,EndAtEnd)741 TEST_F(pkixder_input_tests, EndAtEnd) {
742 Input buf(DER_INT16);
743 Reader input(buf);
744 ASSERT_EQ(Success, input.Skip(4));
745 ASSERT_EQ(Success, End(input));
746 }
747
TEST_F(pkixder_input_tests,EndBeforeEnd)748 TEST_F(pkixder_input_tests, EndBeforeEnd) {
749 Input buf(DER_INT16);
750 Reader input(buf);
751 ASSERT_EQ(Success, input.Skip(2));
752 ASSERT_EQ(Result::ERROR_BAD_DER, End(input));
753 }
754
TEST_F(pkixder_input_tests,EndAtBeginning)755 TEST_F(pkixder_input_tests, EndAtBeginning) {
756 Input buf(DER_INT16);
757 Reader input(buf);
758 ASSERT_EQ(Result::ERROR_BAD_DER, End(input));
759 }
760
761 // TODO: Need tests for Nested too?
762
NestedOfHelper(Reader & input,std::vector<uint8_t> & readValues)763 Result NestedOfHelper(Reader& input, std::vector<uint8_t>& readValues) {
764 uint8_t value = 0;
765 Result rv = input.Read(value);
766 EXPECT_EQ(Success, rv);
767 if (rv != Success) {
768 return rv;
769 }
770 readValues.push_back(value);
771 return Success;
772 }
773
TEST_F(pkixder_input_tests,NestedOf)774 TEST_F(pkixder_input_tests, NestedOf) {
775 Input buf(DER_SEQUENCE_OF_INT8);
776 Reader input(buf);
777
778 std::vector<uint8_t> readValues;
779 ASSERT_EQ(Success, NestedOf(input, SEQUENCE, INTEGER, EmptyAllowed::No,
780 [&readValues](Reader& r) {
781 return NestedOfHelper(r, readValues);
782 }));
783 ASSERT_EQ(3u, readValues.size());
784 ASSERT_EQ(0x01, readValues[0]);
785 ASSERT_EQ(0x02, readValues[1]);
786 ASSERT_EQ(0x03, readValues[2]);
787 ASSERT_EQ(Success, End(input));
788 }
789
TEST_F(pkixder_input_tests,NestedOfWithTruncatedData)790 TEST_F(pkixder_input_tests, NestedOfWithTruncatedData) {
791 Input buf(DER_TRUNCATED_SEQUENCE_OF_INT8);
792 Reader input(buf);
793
794 std::vector<uint8_t> readValues;
795 ASSERT_EQ(Result::ERROR_BAD_DER,
796 NestedOf(input, SEQUENCE, INTEGER, EmptyAllowed::No,
797 [&readValues](Reader& r) {
798 return NestedOfHelper(r, readValues);
799 }));
800 ASSERT_EQ(0u, readValues.size());
801 }
802
TEST_F(pkixder_input_tests,MatchRestAtEnd)803 TEST_F(pkixder_input_tests, MatchRestAtEnd) {
804 static const uint8_t der[1] = {};
805 Input buf;
806 ASSERT_EQ(Success, buf.Init(der, 0));
807 Reader input(buf);
808 ASSERT_TRUE(input.AtEnd());
809 static const uint8_t toMatch[] = {1};
810 ASSERT_FALSE(input.MatchRest(toMatch));
811 }
812
TEST_F(pkixder_input_tests,MatchRest1Match)813 TEST_F(pkixder_input_tests, MatchRest1Match) {
814 static const uint8_t der[] = {1};
815 Input buf(der);
816 Reader input(buf);
817 ASSERT_FALSE(input.AtEnd());
818 ASSERT_TRUE(input.MatchRest(der));
819 }
820
TEST_F(pkixder_input_tests,MatchRest1Mismatch)821 TEST_F(pkixder_input_tests, MatchRest1Mismatch) {
822 static const uint8_t der[] = {1};
823 Input buf(der);
824 Reader input(buf);
825 static const uint8_t toMatch[] = {2};
826 ASSERT_FALSE(input.MatchRest(toMatch));
827 ASSERT_FALSE(input.AtEnd());
828 }
829
TEST_F(pkixder_input_tests,MatchRest2WithTrailingByte)830 TEST_F(pkixder_input_tests, MatchRest2WithTrailingByte) {
831 static const uint8_t der[] = {1, 2, 3};
832 Input buf(der);
833 Reader input(buf);
834 static const uint8_t toMatch[] = {1, 2};
835 ASSERT_FALSE(input.MatchRest(toMatch));
836 }
837
TEST_F(pkixder_input_tests,MatchRest2Mismatch)838 TEST_F(pkixder_input_tests, MatchRest2Mismatch) {
839 static const uint8_t der[] = {1, 2, 3};
840 Input buf(der);
841 Reader input(buf);
842 static const uint8_t toMatchMismatch[] = {1, 3};
843 ASSERT_FALSE(input.MatchRest(toMatchMismatch));
844 ASSERT_TRUE(input.MatchRest(der));
845 }
846
847 } // namespace
848