1 /*
2  * Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
3  *
4  * Licensed under the Apache License 2.0 (the "License").  You may not use
5  * this file except in compliance with the License.  You can obtain a copy
6  * in the file LICENSE in the source distribution or at
7  * https://www.openssl.org/source/license.html
8  */
9 
10 #include <stdio.h>
11 #include <string.h>
12 
13 #include <openssl/rand.h>
14 #include <openssl/asn1t.h>
15 #include "internal/numbers.h"
16 #include "testutil.h"
17 
18 #ifdef __GNUC__
19 # pragma GCC diagnostic ignored "-Wunused-function"
20 # pragma GCC diagnostic ignored "-Wformat"
21 #endif
22 #ifdef __clang__
23 # pragma clang diagnostic ignored "-Wunused-function"
24 # pragma clang diagnostic ignored "-Wformat"
25 #endif
26 
27 /***** Custom test data ******************************************************/
28 
29 /*
30  * We conduct tests with these arrays for every type we try out.
31  * You will find the expected results together with the test structures
32  * for each type, further down.
33  */
34 
35 static unsigned char t_zero[] = {
36     0x00
37 };
38 static unsigned char t_one[] = {
39     0x01
40 };
41 static unsigned char t_one_neg[] = {
42     0xff
43 };
44 static unsigned char t_minus_256[] = {
45     0xff, 0x00
46 };
47 static unsigned char t_longundef[] = {
48     0x7f, 0xff, 0xff, 0xff
49 };
50 static unsigned char t_9bytes_1[] = {
51     0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
52 };
53 static unsigned char t_8bytes_1[] = {
54     0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
55 };
56 static unsigned char t_8bytes_2[] = {
57     0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
58 };
59 static unsigned char t_8bytes_3_pad[] = {
60     0x00, 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
61 };
62 static unsigned char t_8bytes_4_neg[] = {
63     0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
64 };
65 static unsigned char t_8bytes_5_negpad[] = {
66     0xff, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
67 };
68 
69 /* 32-bit long */
70 static unsigned char t_5bytes_1[] = {
71     0x01, 0xff, 0xff, 0xff, 0xff
72 };
73 static unsigned char t_4bytes_1[] = {
74     0x00, 0x80, 0x00, 0x00, 0x00
75 };
76 /* We make the last byte 0xfe to avoid a clash with ASN1_LONG_UNDEF */
77 static unsigned char t_4bytes_2[] = {
78     0x7f, 0xff, 0xff, 0xfe
79 };
80 static unsigned char t_4bytes_3_pad[] = {
81     0x00, 0x7f, 0xff, 0xff, 0xfe
82 };
83 static unsigned char t_4bytes_4_neg[] = {
84     0x80, 0x00, 0x00, 0x00
85 };
86 static unsigned char t_4bytes_5_negpad[] = {
87     0xff, 0x80, 0x00, 0x00, 0x00
88 };
89 
90 typedef struct {
91     unsigned char *bytes1;
92     size_t nbytes1;
93     unsigned char *bytes2;
94     size_t nbytes2;
95 } TEST_CUSTOM_DATA;
96 #define CUSTOM_DATA(v)                          \
97     { v, sizeof(v), t_one, sizeof(t_one) },     \
98     { t_one, sizeof(t_one), v, sizeof(v) }
99 
100 static TEST_CUSTOM_DATA test_custom_data[] = {
101     CUSTOM_DATA(t_zero),
102     CUSTOM_DATA(t_longundef),
103     CUSTOM_DATA(t_one),
104     CUSTOM_DATA(t_one_neg),
105     CUSTOM_DATA(t_minus_256),
106     CUSTOM_DATA(t_9bytes_1),
107     CUSTOM_DATA(t_8bytes_1),
108     CUSTOM_DATA(t_8bytes_2),
109     CUSTOM_DATA(t_8bytes_3_pad),
110     CUSTOM_DATA(t_8bytes_4_neg),
111     CUSTOM_DATA(t_8bytes_5_negpad),
112     CUSTOM_DATA(t_5bytes_1),
113     CUSTOM_DATA(t_4bytes_1),
114     CUSTOM_DATA(t_4bytes_2),
115     CUSTOM_DATA(t_4bytes_3_pad),
116     CUSTOM_DATA(t_4bytes_4_neg),
117     CUSTOM_DATA(t_4bytes_5_negpad),
118 };
119 
120 
121 /***** Type specific test data ***********************************************/
122 
123 /*
124  * First, a few utility things that all type specific data can use, or in some
125  * cases, MUST use.
126  */
127 
128 /*
129  * For easy creation of arrays of expected data.  These macros correspond to
130  * the uses of CUSTOM_DATA above.
131  */
132 #define CUSTOM_EXPECTED_SUCCESS(num, znum)      \
133     { 0xff, num, 1 },                           \
134     { 0xff, 1, znum }
135 #define CUSTOM_EXPECTED_FAILURE                 \
136     { 0, 0, 0 },                                \
137     { 0, 0, 0 }
138 
139 /*
140  * A structure to collect all test information in.  There MUST be one instance
141  * of this for each test
142  */
143 typedef int i2d_fn(void *a, unsigned char **pp);
144 typedef void *d2i_fn(void **a, unsigned char **pp, long length);
145 typedef void ifree_fn(void *a);
146 typedef struct {
147     ASN1_ITEM_EXP *asn1_type;
148     const char *name;
149     int skip;                    /* 1 if this package should be skipped */
150 
151     /* An array of structures to compare decoded custom data with */
152     void *encode_expectations;
153     size_t encode_expectations_size;
154     size_t encode_expectations_elem_size;
155 
156     /*
157      * An array of structures that are encoded into a DER blob, which is
158      * then decoded, and result gets compared with the original.
159      */
160     void *encdec_data;
161     size_t encdec_data_size;
162     size_t encdec_data_elem_size;
163 
164     /* The i2d function to use with this type */
165     i2d_fn *i2d;
166     /* The d2i function to use with this type */
167     d2i_fn *d2i;
168     /* Function to free a decoded structure */
169     ifree_fn *ifree;
170 } TEST_PACKAGE;
171 
172 /* To facilitate the creation of an encdec_data array */
173 #define ENCDEC_DATA(num, znum)                  \
174     { 0xff, num, 1 }, { 0xff, 1, znum }
175 #define ENCDEC_ARRAY(max, zmax, min, zmin)      \
176     ENCDEC_DATA(max,zmax),                      \
177     ENCDEC_DATA(min,zmin),                      \
178     ENCDEC_DATA(1, 1),                          \
179     ENCDEC_DATA(-1, -1),                        \
180     ENCDEC_DATA(0, ASN1_LONG_UNDEF)
181 
182 #ifndef OPENSSL_NO_DEPRECATED_3_0
183 /***** LONG ******************************************************************/
184 
185 typedef struct {
186     /* If decoding is expected to succeed, set this to 1, otherwise 0 */
187     ASN1_BOOLEAN success;
188     long test_long;
189     long test_zlong;
190 } ASN1_LONG_DATA;
191 
192 ASN1_SEQUENCE(ASN1_LONG_DATA) = {
193     ASN1_SIMPLE(ASN1_LONG_DATA, success, ASN1_BOOLEAN),
194     ASN1_SIMPLE(ASN1_LONG_DATA, test_long, LONG),
195     ASN1_EXP_OPT(ASN1_LONG_DATA, test_zlong, ZLONG, 0)
196 } static_ASN1_SEQUENCE_END(ASN1_LONG_DATA)
197 
198 IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(ASN1_LONG_DATA)
199 IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(ASN1_LONG_DATA)
200 
201 static ASN1_LONG_DATA long_expected_32bit[] = {
202     /* The following should fail on the second because it's the default */
203     { 0xff, 0, 1 }, { 0, 0, 0 }, /* t_zero */
204     { 0, 0, 0 }, { 0xff, 1, 0x7fffffff }, /* t_longundef */
205     CUSTOM_EXPECTED_SUCCESS(1, 1), /* t_one */
206     CUSTOM_EXPECTED_SUCCESS(-1, -1), /* t_one_neg */
207     CUSTOM_EXPECTED_SUCCESS(-256, -256), /* t_minus_256 */
208     CUSTOM_EXPECTED_FAILURE,     /* t_9bytes_1 */
209     CUSTOM_EXPECTED_FAILURE,     /* t_8bytes_1 */
210     CUSTOM_EXPECTED_FAILURE,     /* t_8bytes_2 */
211     CUSTOM_EXPECTED_FAILURE,     /* t_8bytes_3_pad */
212     CUSTOM_EXPECTED_FAILURE,     /* t_8bytes_4_neg */
213     CUSTOM_EXPECTED_FAILURE,     /* t_8bytes_5_negpad */
214     CUSTOM_EXPECTED_FAILURE,     /* t_5bytes_1 */
215     CUSTOM_EXPECTED_FAILURE,     /* t_4bytes_1 (too large positive) */
216     CUSTOM_EXPECTED_SUCCESS(INT32_MAX - 1, INT32_MAX -1), /* t_4bytes_2 */
217     CUSTOM_EXPECTED_FAILURE,     /* t_4bytes_3_pad (illegal padding) */
218     CUSTOM_EXPECTED_SUCCESS(INT32_MIN, INT32_MIN), /* t_4bytes_4_neg */
219     CUSTOM_EXPECTED_FAILURE,     /* t_4bytes_5_negpad (illegal padding) */
220 };
221 static ASN1_LONG_DATA long_encdec_data_32bit[] = {
222     ENCDEC_ARRAY(LONG_MAX - 1, LONG_MAX, LONG_MIN, LONG_MIN),
223     /* Check that default numbers fail */
224     { 0, ASN1_LONG_UNDEF, 1 }, { 0, 1, 0 }
225 };
226 
227 static TEST_PACKAGE long_test_package_32bit = {
228     ASN1_ITEM_ref(ASN1_LONG_DATA), "LONG", sizeof(long) != 4,
229     long_expected_32bit,
230     sizeof(long_expected_32bit), sizeof(long_expected_32bit[0]),
231     long_encdec_data_32bit,
232     sizeof(long_encdec_data_32bit), sizeof(long_encdec_data_32bit[0]),
233     (i2d_fn *)i2d_ASN1_LONG_DATA, (d2i_fn *)d2i_ASN1_LONG_DATA,
234     (ifree_fn *)ASN1_LONG_DATA_free
235 };
236 
237 static ASN1_LONG_DATA long_expected_64bit[] = {
238     /* The following should fail on the second because it's the default */
239     { 0xff, 0, 1 }, { 0, 0, 0 }, /* t_zero */
240     { 0, 0, 0 }, { 0xff, 1, 0x7fffffff }, /* t_longundef */
241     CUSTOM_EXPECTED_SUCCESS(1, 1), /* t_one */
242     CUSTOM_EXPECTED_SUCCESS(-1, -1), /* t_one_neg */
243     CUSTOM_EXPECTED_SUCCESS(-256, -256), /* t_minus_256 */
244     CUSTOM_EXPECTED_FAILURE,     /* t_9bytes_1 */
245     CUSTOM_EXPECTED_FAILURE,     /* t_8bytes_1 */
246     CUSTOM_EXPECTED_SUCCESS(LONG_MAX, LONG_MAX), /* t_8bytes_2 */
247     CUSTOM_EXPECTED_FAILURE,     /* t_8bytes_3_pad (illegal padding) */
248     CUSTOM_EXPECTED_SUCCESS(LONG_MIN, LONG_MIN), /* t_8bytes_4_neg */
249     CUSTOM_EXPECTED_FAILURE,     /* t_8bytes_5_negpad (illegal padding) */
250     CUSTOM_EXPECTED_SUCCESS((long)0x1ffffffff, (long)0x1ffffffff), /* t_5bytes_1 */
251     CUSTOM_EXPECTED_SUCCESS((long)0x80000000, (long)0x80000000), /* t_4bytes_1 */
252     CUSTOM_EXPECTED_SUCCESS(INT32_MAX - 1, INT32_MAX -1), /* t_4bytes_2 */
253     CUSTOM_EXPECTED_FAILURE,     /* t_4bytes_3_pad (illegal padding) */
254     CUSTOM_EXPECTED_SUCCESS(INT32_MIN, INT32_MIN), /* t_4bytes_4_neg */
255     CUSTOM_EXPECTED_FAILURE,     /* t_4bytes_5_negpad (illegal padding) */
256 };
257 static ASN1_LONG_DATA long_encdec_data_64bit[] = {
258     ENCDEC_ARRAY(LONG_MAX, LONG_MAX, LONG_MIN, LONG_MIN),
259     /* Check that default numbers fail */
260     { 0, ASN1_LONG_UNDEF, 1 }, { 0, 1, 0 }
261 };
262 
263 static TEST_PACKAGE long_test_package_64bit = {
264     ASN1_ITEM_ref(ASN1_LONG_DATA), "LONG", sizeof(long) != 8,
265     long_expected_64bit,
266     sizeof(long_expected_64bit), sizeof(long_expected_64bit[0]),
267     long_encdec_data_64bit,
268     sizeof(long_encdec_data_64bit), sizeof(long_encdec_data_64bit[0]),
269     (i2d_fn *)i2d_ASN1_LONG_DATA, (d2i_fn *)d2i_ASN1_LONG_DATA,
270     (ifree_fn *)ASN1_LONG_DATA_free
271 };
272 #endif
273 
274 /***** INT32 *****************************************************************/
275 
276 typedef struct {
277     ASN1_BOOLEAN success;
278     int32_t test_int32;
279     int32_t test_zint32;
280 } ASN1_INT32_DATA;
281 
282 ASN1_SEQUENCE(ASN1_INT32_DATA) = {
283     ASN1_SIMPLE(ASN1_INT32_DATA, success, ASN1_BOOLEAN),
284     ASN1_EMBED(ASN1_INT32_DATA, test_int32, INT32),
285     ASN1_EXP_OPT_EMBED(ASN1_INT32_DATA, test_zint32, ZINT32, 0)
286 } static_ASN1_SEQUENCE_END(ASN1_INT32_DATA)
287 
288 IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(ASN1_INT32_DATA)
289 IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(ASN1_INT32_DATA)
290 
291 static ASN1_INT32_DATA int32_expected[] = {
292     CUSTOM_EXPECTED_SUCCESS(0, 0), /* t_zero */
293     CUSTOM_EXPECTED_SUCCESS(ASN1_LONG_UNDEF, ASN1_LONG_UNDEF), /* t_zero */
294     CUSTOM_EXPECTED_SUCCESS(1, 1), /* t_one */
295     CUSTOM_EXPECTED_SUCCESS(-1, -1), /* t_one_neg */
296     CUSTOM_EXPECTED_SUCCESS(-256, -256), /* t_minus_256 */
297     CUSTOM_EXPECTED_FAILURE,     /* t_9bytes_1 */
298     CUSTOM_EXPECTED_FAILURE,     /* t_8bytes_1 */
299     CUSTOM_EXPECTED_FAILURE,     /* t_8bytes_2 */
300     CUSTOM_EXPECTED_FAILURE,     /* t_8bytes_3_pad */
301     CUSTOM_EXPECTED_FAILURE,     /* t_8bytes_4_neg */
302     CUSTOM_EXPECTED_FAILURE,     /* t_8bytes_5_negpad */
303     CUSTOM_EXPECTED_FAILURE,     /* t_5bytes_1 */
304     CUSTOM_EXPECTED_FAILURE,     /* t_4bytes_1 (too large positive) */
305     CUSTOM_EXPECTED_SUCCESS(INT32_MAX - 1, INT32_MAX -1), /* t_4bytes_2 */
306     CUSTOM_EXPECTED_FAILURE,     /* t_4bytes_3_pad (illegal padding) */
307     CUSTOM_EXPECTED_SUCCESS(INT32_MIN, INT32_MIN), /* t_4bytes_4_neg */
308     CUSTOM_EXPECTED_FAILURE,     /* t_4bytes_5_negpad (illegal padding) */
309 };
310 static ASN1_INT32_DATA int32_encdec_data[] = {
311     ENCDEC_ARRAY(INT32_MAX, INT32_MAX, INT32_MIN, INT32_MIN),
312 };
313 
314 static TEST_PACKAGE int32_test_package = {
315     ASN1_ITEM_ref(ASN1_INT32_DATA), "INT32", 0,
316     int32_expected, sizeof(int32_expected), sizeof(int32_expected[0]),
317     int32_encdec_data, sizeof(int32_encdec_data), sizeof(int32_encdec_data[0]),
318     (i2d_fn *)i2d_ASN1_INT32_DATA, (d2i_fn *)d2i_ASN1_INT32_DATA,
319     (ifree_fn *)ASN1_INT32_DATA_free
320 };
321 
322 /***** UINT32 ****************************************************************/
323 
324 typedef struct {
325     ASN1_BOOLEAN success;
326     uint32_t test_uint32;
327     uint32_t test_zuint32;
328 } ASN1_UINT32_DATA;
329 
330 ASN1_SEQUENCE(ASN1_UINT32_DATA) = {
331     ASN1_SIMPLE(ASN1_UINT32_DATA, success, ASN1_BOOLEAN),
332     ASN1_EMBED(ASN1_UINT32_DATA, test_uint32, UINT32),
333     ASN1_EXP_OPT_EMBED(ASN1_UINT32_DATA, test_zuint32, ZUINT32, 0)
334 } static_ASN1_SEQUENCE_END(ASN1_UINT32_DATA)
335 
336 IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(ASN1_UINT32_DATA)
337 IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(ASN1_UINT32_DATA)
338 
339 static ASN1_UINT32_DATA uint32_expected[] = {
340     CUSTOM_EXPECTED_SUCCESS(0, 0), /* t_zero */
341     CUSTOM_EXPECTED_SUCCESS(ASN1_LONG_UNDEF, ASN1_LONG_UNDEF), /* t_zero */
342     CUSTOM_EXPECTED_SUCCESS(1, 1), /* t_one */
343     CUSTOM_EXPECTED_FAILURE,     /* t_one_neg (illegal negative value) */
344     CUSTOM_EXPECTED_FAILURE,     /* t_minus_256 (illegal negative value) */
345     CUSTOM_EXPECTED_FAILURE,     /* t_9bytes_1 */
346     CUSTOM_EXPECTED_FAILURE,     /* t_8bytes_1 */
347     CUSTOM_EXPECTED_FAILURE,     /* t_8bytes_2 */
348     CUSTOM_EXPECTED_FAILURE,     /* t_8bytes_3_pad */
349     CUSTOM_EXPECTED_FAILURE,     /* t_8bytes_4_neg */
350     CUSTOM_EXPECTED_FAILURE,     /* t_8bytes_5_negpad */
351     CUSTOM_EXPECTED_FAILURE,     /* t_5bytes_1 */
352     CUSTOM_EXPECTED_SUCCESS(0x80000000, 0x80000000), /* t_4bytes_1 */
353     CUSTOM_EXPECTED_SUCCESS(INT32_MAX - 1, INT32_MAX -1), /* t_4bytes_2 */
354     CUSTOM_EXPECTED_FAILURE,     /* t_4bytes_3_pad (illegal padding) */
355     CUSTOM_EXPECTED_FAILURE,     /* t_4bytes_4_neg (illegal negative value) */
356     CUSTOM_EXPECTED_FAILURE,     /* t_4bytes_5_negpad (illegal padding) */
357 };
358 static ASN1_UINT32_DATA uint32_encdec_data[] = {
359     ENCDEC_ARRAY(UINT32_MAX, UINT32_MAX, 0, 0),
360 };
361 
362 static TEST_PACKAGE uint32_test_package = {
363     ASN1_ITEM_ref(ASN1_UINT32_DATA), "UINT32", 0,
364     uint32_expected, sizeof(uint32_expected), sizeof(uint32_expected[0]),
365     uint32_encdec_data, sizeof(uint32_encdec_data), sizeof(uint32_encdec_data[0]),
366     (i2d_fn *)i2d_ASN1_UINT32_DATA, (d2i_fn *)d2i_ASN1_UINT32_DATA,
367     (ifree_fn *)ASN1_UINT32_DATA_free
368 };
369 
370 /***** INT64 *****************************************************************/
371 
372 typedef struct {
373     ASN1_BOOLEAN success;
374     int64_t test_int64;
375     int64_t test_zint64;
376 } ASN1_INT64_DATA;
377 
378 ASN1_SEQUENCE(ASN1_INT64_DATA) = {
379     ASN1_SIMPLE(ASN1_INT64_DATA, success, ASN1_BOOLEAN),
380     ASN1_EMBED(ASN1_INT64_DATA, test_int64, INT64),
381     ASN1_EXP_OPT_EMBED(ASN1_INT64_DATA, test_zint64, ZINT64, 0)
382 } static_ASN1_SEQUENCE_END(ASN1_INT64_DATA)
383 
384 IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(ASN1_INT64_DATA)
385 IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(ASN1_INT64_DATA)
386 
387 static ASN1_INT64_DATA int64_expected[] = {
388     CUSTOM_EXPECTED_SUCCESS(0, 0), /* t_zero */
389     CUSTOM_EXPECTED_SUCCESS(ASN1_LONG_UNDEF, ASN1_LONG_UNDEF), /* t_zero */
390     CUSTOM_EXPECTED_SUCCESS(1, 1), /* t_one */
391     CUSTOM_EXPECTED_SUCCESS(-1, -1), /* t_one_neg */
392     CUSTOM_EXPECTED_SUCCESS(-256, -256), /* t_minus_256 */
393     CUSTOM_EXPECTED_FAILURE,     /* t_9bytes_1 */
394     CUSTOM_EXPECTED_FAILURE,     /* t_8bytes_1 (too large positive) */
395     CUSTOM_EXPECTED_SUCCESS(INT64_MAX, INT64_MAX), /* t_8bytes_2 */
396     CUSTOM_EXPECTED_FAILURE,     /* t_8bytes_3_pad (illegal padding) */
397     CUSTOM_EXPECTED_SUCCESS(INT64_MIN, INT64_MIN), /* t_8bytes_4_neg */
398     CUSTOM_EXPECTED_FAILURE,     /* t_8bytes_5_negpad (illegal padding) */
399     CUSTOM_EXPECTED_SUCCESS(0x1ffffffffULL, 0x1ffffffffULL), /* t_5bytes_1 */
400     CUSTOM_EXPECTED_SUCCESS(0x80000000, 0x80000000), /* t_4bytes_1 */
401     CUSTOM_EXPECTED_SUCCESS(INT32_MAX - 1, INT32_MAX -1), /* t_4bytes_2 */
402     CUSTOM_EXPECTED_FAILURE,     /* t_4bytes_3_pad (illegal padding) */
403     CUSTOM_EXPECTED_SUCCESS(INT32_MIN, INT32_MIN), /* t_4bytes_4_neg */
404     CUSTOM_EXPECTED_FAILURE,     /* t_4bytes_5_negpad (illegal padding) */
405 };
406 static ASN1_INT64_DATA int64_encdec_data[] = {
407     ENCDEC_ARRAY(INT64_MAX, INT64_MAX, INT64_MIN, INT64_MIN),
408     ENCDEC_ARRAY(INT32_MAX, INT32_MAX, INT32_MIN, INT32_MIN),
409 };
410 
411 static TEST_PACKAGE int64_test_package = {
412     ASN1_ITEM_ref(ASN1_INT64_DATA), "INT64", 0,
413     int64_expected, sizeof(int64_expected), sizeof(int64_expected[0]),
414     int64_encdec_data, sizeof(int64_encdec_data), sizeof(int64_encdec_data[0]),
415     (i2d_fn *)i2d_ASN1_INT64_DATA, (d2i_fn *)d2i_ASN1_INT64_DATA,
416     (ifree_fn *)ASN1_INT64_DATA_free
417 };
418 
419 /***** UINT64 ****************************************************************/
420 
421 typedef struct {
422     ASN1_BOOLEAN success;
423     uint64_t test_uint64;
424     uint64_t test_zuint64;
425 } ASN1_UINT64_DATA;
426 
427 ASN1_SEQUENCE(ASN1_UINT64_DATA) = {
428     ASN1_SIMPLE(ASN1_UINT64_DATA, success, ASN1_BOOLEAN),
429     ASN1_EMBED(ASN1_UINT64_DATA, test_uint64, UINT64),
430     ASN1_EXP_OPT_EMBED(ASN1_UINT64_DATA, test_zuint64, ZUINT64, 0)
431 } static_ASN1_SEQUENCE_END(ASN1_UINT64_DATA)
432 
433 IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(ASN1_UINT64_DATA)
434 IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(ASN1_UINT64_DATA)
435 
436 static ASN1_UINT64_DATA uint64_expected[] = {
437     CUSTOM_EXPECTED_SUCCESS(0, 0), /* t_zero */
438     CUSTOM_EXPECTED_SUCCESS(ASN1_LONG_UNDEF, ASN1_LONG_UNDEF), /* t_zero */
439     CUSTOM_EXPECTED_SUCCESS(1, 1), /* t_one */
440     CUSTOM_EXPECTED_FAILURE,     /* t_one_neg (illegal negative value) */
441     CUSTOM_EXPECTED_FAILURE,     /* t_minus_256 (illegal negative value) */
442     CUSTOM_EXPECTED_FAILURE,     /* t_9bytes_1 */
443     CUSTOM_EXPECTED_SUCCESS((uint64_t)INT64_MAX+1, (uint64_t)INT64_MAX+1),
444                                  /* t_8bytes_1 */
445     CUSTOM_EXPECTED_SUCCESS(INT64_MAX, INT64_MAX), /* t_8bytes_2 */
446     CUSTOM_EXPECTED_FAILURE,     /* t_8bytes_3_pad */
447     CUSTOM_EXPECTED_FAILURE,     /* t_8bytes_4_neg */
448     CUSTOM_EXPECTED_FAILURE,     /* t_8bytes_5_negpad */
449     CUSTOM_EXPECTED_SUCCESS(0x1ffffffffULL, 0x1ffffffffULL), /* t_5bytes_1 */
450     CUSTOM_EXPECTED_SUCCESS(0x80000000, 0x80000000), /* t_4bytes_1 */
451     CUSTOM_EXPECTED_SUCCESS(INT32_MAX - 1, INT32_MAX -1), /* t_4bytes_2 */
452     CUSTOM_EXPECTED_FAILURE,     /* t_4bytes_3_pad (illegal padding) */
453     CUSTOM_EXPECTED_FAILURE,     /* t_4bytes_4_neg (illegal negative value) */
454     CUSTOM_EXPECTED_FAILURE,     /* t_4bytes_5_negpad (illegal padding) */
455 };
456 static ASN1_UINT64_DATA uint64_encdec_data[] = {
457     ENCDEC_ARRAY(UINT64_MAX, UINT64_MAX, 0, 0),
458 };
459 
460 static TEST_PACKAGE uint64_test_package = {
461     ASN1_ITEM_ref(ASN1_UINT64_DATA), "UINT64", 0,
462     uint64_expected, sizeof(uint64_expected), sizeof(uint64_expected[0]),
463     uint64_encdec_data, sizeof(uint64_encdec_data), sizeof(uint64_encdec_data[0]),
464     (i2d_fn *)i2d_ASN1_UINT64_DATA, (d2i_fn *)d2i_ASN1_UINT64_DATA,
465     (ifree_fn *)ASN1_UINT64_DATA_free
466 };
467 
468 /***** General testing functions *********************************************/
469 
470 
471 /* Template structure to map onto any test data structure */
472 typedef struct {
473     ASN1_BOOLEAN success;
474     unsigned char bytes[1];       /* In reality, there's more */
475 } EXPECTED;
476 
477 /*
478  * do_decode returns a tristate:
479  *
480  *      -1      Couldn't decode
481  *      0       decoded structure wasn't what was expected (failure)
482  *      1       decoded structure was what was expected (success)
483  */
do_decode(unsigned char * bytes,long nbytes,const EXPECTED * expected,size_t expected_size,const TEST_PACKAGE * package)484 static int do_decode(unsigned char *bytes, long nbytes,
485                      const EXPECTED *expected, size_t expected_size,
486                      const TEST_PACKAGE *package)
487 {
488     EXPECTED *enctst = NULL;
489     const unsigned char *start;
490     int ret = 0;
491 
492     start = bytes;
493     enctst = package->d2i(NULL, &bytes, nbytes);
494     if (enctst == NULL) {
495         if (expected->success == 0) {
496             ret = 1;
497             ERR_clear_error();
498         } else {
499             ret = -1;
500         }
501     } else {
502         if (start + nbytes == bytes
503             && memcmp(enctst, expected, expected_size) == 0)
504             ret = 1;
505         else
506             ret = 0;
507     }
508 
509     package->ifree(enctst);
510     return ret;
511 }
512 
513 /*
514  * do_encode returns a tristate:
515  *
516  *      -1      Couldn't encode
517  *      0       encoded DER wasn't what was expected (failure)
518  *      1       encoded DER was what was expected (success)
519  */
do_encode(EXPECTED * input,const unsigned char * expected,size_t expected_len,const TEST_PACKAGE * package)520 static int do_encode(EXPECTED *input,
521                      const unsigned char *expected, size_t expected_len,
522                      const TEST_PACKAGE *package)
523 {
524     unsigned char *data = NULL;
525     int len;
526     int ret = 0;
527 
528     len = package->i2d(input, &data);
529     if (len < 0)
530         return -1;
531 
532     if ((size_t)len != expected_len
533         || memcmp(data, expected, expected_len) != 0) {
534         if (input->success == 0) {
535             ret = 1;
536             ERR_clear_error();
537         } else {
538             ret = 0;
539         }
540     } else {
541         ret = 1;
542     }
543 
544     OPENSSL_free(data);
545     return ret;
546 }
547 
548 /* Do an encode/decode round trip */
do_enc_dec(EXPECTED * bytes,long nbytes,const TEST_PACKAGE * package)549 static int do_enc_dec(EXPECTED *bytes, long nbytes,
550                       const TEST_PACKAGE *package)
551 {
552     unsigned char *data = NULL;
553     int len;
554     int ret = 0;
555     void *p = bytes;
556 
557     len = package->i2d(p, &data);
558     if (len < 0)
559         return -1;
560 
561     ret = do_decode(data, len, bytes, nbytes, package);
562     OPENSSL_free(data);
563     return ret;
564 }
565 
der_encode_length(size_t len,unsigned char ** pp)566 static size_t der_encode_length(size_t len, unsigned char **pp)
567 {
568     size_t lenbytes;
569 
570     OPENSSL_assert(len < 0x8000);
571     if (len > 255)
572         lenbytes = 3;
573     else if (len > 127)
574         lenbytes = 2;
575     else
576         lenbytes = 1;
577 
578     if (pp != NULL) {
579         if (lenbytes == 1) {
580             *(*pp)++ = (unsigned char)len;
581         } else {
582             *(*pp)++ = (unsigned char)(lenbytes - 1);
583             if (lenbytes == 2) {
584                 *(*pp)++ = (unsigned char)(0x80 | len);
585             } else {
586                 *(*pp)++ = (unsigned char)(0x80 | (len >> 8));
587                 *(*pp)++ = (unsigned char)(len);
588             }
589         }
590     }
591     return lenbytes;
592 }
593 
make_custom_der(const TEST_CUSTOM_DATA * custom_data,unsigned char ** encoding,int explicit_default)594 static size_t make_custom_der(const TEST_CUSTOM_DATA *custom_data,
595                               unsigned char **encoding, int explicit_default)
596 {
597     size_t firstbytes, secondbytes = 0, secondbytesinner = 0, seqbytes;
598     const unsigned char t_true[] = { V_ASN1_BOOLEAN, 0x01, 0xff };
599     unsigned char *p = NULL;
600     size_t i;
601 
602     /*
603      * The first item is just an INTEGER tag, INTEGER length and INTEGER content
604      */
605     firstbytes =
606         1 + der_encode_length(custom_data->nbytes1, NULL)
607         + custom_data->nbytes1;
608 
609     for (i = custom_data->nbytes2; i > 0; i--) {
610         if (custom_data->bytes2[i - 1] != '\0')
611             break;
612     }
613     if (explicit_default || i > 0) {
614         /*
615          * The second item is an explicit tag, content length, INTEGER tag,
616          * INTEGER length, INTEGER bytes
617          */
618         secondbytesinner =
619             1 + der_encode_length(custom_data->nbytes2, NULL)
620             + custom_data->nbytes2;
621         secondbytes =
622             1 + der_encode_length(secondbytesinner, NULL) + secondbytesinner;
623     }
624 
625     /*
626      * The whole sequence is the sequence tag, content length, BOOLEAN true
627      * (copied from t_true), the first (firstbytes) and second (secondbytes)
628      * items
629      */
630     seqbytes =
631         1 + der_encode_length(sizeof(t_true) + firstbytes + secondbytes, NULL)
632         + sizeof(t_true) + firstbytes + secondbytes;
633 
634     *encoding = p = OPENSSL_malloc(seqbytes);
635     if (*encoding == NULL)
636         return 0;
637 
638     /* Sequence tag */
639     *p++ = 0x30;
640     der_encode_length(sizeof(t_true) + firstbytes + secondbytes, &p);
641 
642     /* ASN1_BOOLEAN TRUE */
643     memcpy(p, t_true, sizeof(t_true)); /* Marks decoding success */
644     p += sizeof(t_true);
645 
646     /* First INTEGER item (non-optional) */
647     *p++ = V_ASN1_INTEGER;
648     der_encode_length(custom_data->nbytes1, &p);
649     memcpy(p, custom_data->bytes1, custom_data->nbytes1);
650     p += custom_data->nbytes1;
651 
652     if (secondbytes > 0) {
653         /* Second INTEGER item (optional) */
654         /* Start with the explicit optional tag */
655         *p++ = 0xa0;
656         der_encode_length(secondbytesinner, &p);
657         *p++ = V_ASN1_INTEGER;
658         der_encode_length(custom_data->nbytes2, &p);
659         memcpy(p, custom_data->bytes2, custom_data->nbytes2);
660         p += custom_data->nbytes2;
661     }
662 
663     OPENSSL_assert(seqbytes == (size_t)(p - *encoding));
664 
665     return seqbytes;
666 }
667 
668 /* Attempt to decode a custom encoding of the test structure */
do_decode_custom(const TEST_CUSTOM_DATA * custom_data,const EXPECTED * expected,size_t expected_size,const TEST_PACKAGE * package)669 static int do_decode_custom(const TEST_CUSTOM_DATA *custom_data,
670                             const EXPECTED *expected, size_t expected_size,
671                             const TEST_PACKAGE *package)
672 {
673     unsigned char *encoding = NULL;
674     /*
675      * We force the defaults to be explicitly encoded to make sure we test
676      * for defaults that shouldn't be present (i.e. we check for failure)
677      */
678     size_t encoding_length = make_custom_der(custom_data, &encoding, 1);
679     int ret;
680 
681     if (encoding_length == 0)
682         return -1;
683 
684     ret = do_decode(encoding, encoding_length, expected, expected_size,
685                     package);
686     OPENSSL_free(encoding);
687 
688     return ret;
689 }
690 
691 /* Attempt to encode the test structure and compare it to custom DER */
do_encode_custom(EXPECTED * input,const TEST_CUSTOM_DATA * custom_data,const TEST_PACKAGE * package)692 static int do_encode_custom(EXPECTED *input,
693                             const TEST_CUSTOM_DATA *custom_data,
694                             const TEST_PACKAGE *package)
695 {
696     unsigned char *expected = NULL;
697     size_t expected_length = make_custom_der(custom_data, &expected, 0);
698     int ret;
699 
700     if (expected_length == 0)
701         return -1;
702 
703     ret = do_encode(input, expected, expected_length, package);
704     OPENSSL_free(expected);
705 
706     return ret;
707 }
708 
do_print_item(const TEST_PACKAGE * package)709 static int do_print_item(const TEST_PACKAGE *package)
710 {
711 #define DATA_BUF_SIZE 256
712     const ASN1_ITEM *i = ASN1_ITEM_ptr(package->asn1_type);
713     ASN1_VALUE *o;
714     int ret;
715 
716     OPENSSL_assert(package->encode_expectations_elem_size <= DATA_BUF_SIZE);
717     if ((o = OPENSSL_malloc(DATA_BUF_SIZE)) == NULL)
718         return 0;
719 
720     (void)RAND_bytes((unsigned char*)o,
721                      (int)package->encode_expectations_elem_size);
722     ret = ASN1_item_print(bio_err, o, 0, i, NULL);
723     OPENSSL_free(o);
724 
725     return ret;
726 }
727 
728 
test_intern(const TEST_PACKAGE * package)729 static int test_intern(const TEST_PACKAGE *package)
730 {
731     unsigned int i;
732     size_t nelems;
733     int fail = 0;
734 
735     if (package->skip)
736         return 1;
737 
738     /* Do decode_custom checks */
739     nelems = package->encode_expectations_size
740         / package->encode_expectations_elem_size;
741     OPENSSL_assert(nelems ==
742                    sizeof(test_custom_data) / sizeof(test_custom_data[0]));
743     for (i = 0; i < nelems; i++) {
744         size_t pos = i * package->encode_expectations_elem_size;
745         EXPECTED *expected
746             = (EXPECTED *)&((unsigned char *)package->encode_expectations)[pos];
747 
748         switch (do_encode_custom(expected, &test_custom_data[i], package)) {
749         case -1:
750             if (expected->success) {
751                 TEST_error("Failed custom encode round trip %u of %s",
752                            i, package->name);
753                 TEST_openssl_errors();
754                 fail++;
755             }
756             break;
757         case 0:
758             TEST_error("Custom encode round trip %u of %s mismatch",
759                        i, package->name);
760             TEST_openssl_errors();
761             fail++;
762             break;
763         case 1:
764             break;
765         default:
766             OPENSSL_die("do_encode_custom() return unknown value",
767                         __FILE__, __LINE__);
768         }
769         switch (do_decode_custom(&test_custom_data[i], expected,
770                                  package->encode_expectations_elem_size,
771                                  package)) {
772         case -1:
773             if (expected->success) {
774                 TEST_error("Failed custom decode round trip %u of %s",
775                            i, package->name);
776                 TEST_openssl_errors();
777                 fail++;
778             }
779             break;
780         case 0:
781             TEST_error("Custom decode round trip %u of %s mismatch",
782                        i, package->name);
783             TEST_openssl_errors();
784             fail++;
785             break;
786         case 1:
787             break;
788         default:
789             OPENSSL_die("do_decode_custom() return unknown value",
790                         __FILE__, __LINE__);
791         }
792     }
793 
794     /* Do enc_dec checks */
795     nelems = package->encdec_data_size / package->encdec_data_elem_size;
796     for (i = 0; i < nelems; i++) {
797         size_t pos = i * package->encdec_data_elem_size;
798         EXPECTED *expected
799             = (EXPECTED *)&((unsigned char *)package->encdec_data)[pos];
800 
801         switch (do_enc_dec(expected, package->encdec_data_elem_size, package)) {
802         case -1:
803             if (expected->success) {
804                 TEST_error("Failed encode/decode round trip %u of %s",
805                            i, package->name);
806                 TEST_openssl_errors();
807                 fail++;
808             }
809             break;
810         case 0:
811             TEST_error("Encode/decode round trip %u of %s mismatch",
812                        i, package->name);
813             fail++;
814             break;
815         case 1:
816             break;
817         default:
818             OPENSSL_die("do_enc_dec() return unknown value",
819                         __FILE__, __LINE__);
820         }
821     }
822 
823     if (!do_print_item(package)) {
824         TEST_error("Printing of %s failed", package->name);
825         TEST_openssl_errors();
826         fail++;
827     }
828 
829     return fail == 0;
830 }
831 
832 #ifndef OPENSSL_NO_DEPRECATED_3_0
test_long_32bit(void)833 static int test_long_32bit(void)
834 {
835     return test_intern(&long_test_package_32bit);
836 }
837 
test_long_64bit(void)838 static int test_long_64bit(void)
839 {
840     return test_intern(&long_test_package_64bit);
841 }
842 #endif
843 
test_int32(void)844 static int test_int32(void)
845 {
846     return test_intern(&int32_test_package);
847 }
848 
test_uint32(void)849 static int test_uint32(void)
850 {
851     return test_intern(&uint32_test_package);
852 }
853 
test_int64(void)854 static int test_int64(void)
855 {
856     return test_intern(&int64_test_package);
857 }
858 
test_uint64(void)859 static int test_uint64(void)
860 {
861     return test_intern(&uint64_test_package);
862 }
863 
864 typedef struct {
865     ASN1_STRING *invalidDirString;
866 } INVALIDTEMPLATE;
867 
868 ASN1_SEQUENCE(INVALIDTEMPLATE) = {
869     /*
870      * DirectoryString is a CHOICE type so it must use explicit tagging -
871      * but we deliberately use implicit here, which makes this template invalid.
872      */
873     ASN1_IMP(INVALIDTEMPLATE, invalidDirString, DIRECTORYSTRING, 12)
874 } static_ASN1_SEQUENCE_END(INVALIDTEMPLATE)
875 
876 IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(INVALIDTEMPLATE)
877 IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(INVALIDTEMPLATE)
878 
879 static int test_invalid_template(void)
880 {
881     INVALIDTEMPLATE *temp = INVALIDTEMPLATE_new();
882     int ret;
883 
884     if (!TEST_ptr(temp))
885         return 0;
886 
887     ret = i2d_INVALIDTEMPLATE(temp, NULL);
888 
889     INVALIDTEMPLATE_free(temp);
890 
891     /* We expect the i2d operation to fail */
892     return ret < 0;
893 }
894 
895 
setup_tests(void)896 int setup_tests(void)
897 {
898 #ifndef OPENSSL_NO_DEPRECATED_3_0
899     ADD_TEST(test_long_32bit);
900     ADD_TEST(test_long_64bit);
901 #endif
902     ADD_TEST(test_int32);
903     ADD_TEST(test_uint32);
904     ADD_TEST(test_int64);
905     ADD_TEST(test_uint64);
906     ADD_TEST(test_invalid_template);
907     return 1;
908 }
909