pkixder_input_tests.cpp (26772B)
1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ 2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */ 3 /* This code is made available to you under your choice of the following sets 4 * of licensing terms: 5 */ 6 /* This Source Code Form is subject to the terms of the Mozilla Public 7 * License, v. 2.0. If a copy of the MPL was not distributed with this 8 * file, You can obtain one at http://mozilla.org/MPL/2.0/. 9 */ 10 /* Copyright 2013 Mozilla Contributors 11 * 12 * Licensed under the Apache License, Version 2.0 (the "License"); 13 * you may not use this file except in compliance with the License. 14 * You may obtain a copy of the License at 15 * 16 * http://www.apache.org/licenses/LICENSE-2.0 17 * 18 * Unless required by applicable law or agreed to in writing, software 19 * distributed under the License is distributed on an "AS IS" BASIS, 20 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 21 * See the License for the specific language governing permissions and 22 * limitations under the License. 23 */ 24 25 #include <functional> 26 #include <vector> 27 #include "pkixgtest.h" 28 29 #include "mozpkix/pkixder.h" 30 31 using namespace mozilla::pkix; 32 using namespace mozilla::pkix::der; 33 34 namespace { 35 36 class pkixder_input_tests : public ::testing::Test { }; 37 38 static const uint8_t DER_SEQUENCE_EMPTY[] = { 39 0x30, // SEQUENCE 40 0x00, // length 41 }; 42 43 static const uint8_t DER_SEQUENCE_NOT_EMPTY[] = { 44 0x30, // SEQUENCE 45 0x01, // length 46 'X', // value 47 }; 48 49 static const uint8_t DER_SEQUENCE_NOT_EMPTY_VALUE[] = { 50 'X', // value 51 }; 52 53 static const uint8_t DER_SEQUENCE_NOT_EMPTY_VALUE_TRUNCATED[] = { 54 0x30, // SEQUENCE 55 0x01, // length 56 }; 57 58 const uint8_t DER_SEQUENCE_OF_INT8[] = { 59 0x30, // SEQUENCE 60 0x09, // length 61 0x02, 0x01, 0x01, // INTEGER length 1 value 0x01 62 0x02, 0x01, 0x02, // INTEGER length 1 value 0x02 63 0x02, 0x01, 0x03 // INTEGER length 1 value 0x03 64 }; 65 66 const uint8_t DER_TRUNCATED_SEQUENCE_OF_INT8[] = { 67 0x30, // SEQUENCE 68 0x09, // length 69 0x02, 0x01, 0x01, // INTEGER length 1 value 0x01 70 0x02, 0x01, 0x02 // INTEGER length 1 value 0x02 71 // MISSING DATA HERE ON PURPOSE 72 }; 73 74 const uint8_t DER_OVERRUN_SEQUENCE_OF_INT8[] = { 75 0x30, // SEQUENCE 76 0x09, // length 77 0x02, 0x01, 0x01, // INTEGER length 1 value 0x01 78 0x02, 0x01, 0x02, // INTEGER length 1 value 0x02 79 0x02, 0x02, 0xFF, 0x03 // INTEGER length 2 value 0xFF03 80 }; 81 82 const uint8_t DER_INT16[] = { 83 0x02, // INTEGER 84 0x02, // length 85 0x12, 0x34 // 0x1234 86 }; 87 88 static const Input EMPTY_INPUT; 89 90 TEST_F(pkixder_input_tests, InputInit) 91 { 92 Input buf; 93 ASSERT_EQ(Success, 94 buf.Init(DER_SEQUENCE_OF_INT8, sizeof DER_SEQUENCE_OF_INT8)); 95 } 96 97 TEST_F(pkixder_input_tests, InputInitWithNullPointerOrZeroLength) 98 { 99 Input buf; 100 ASSERT_EQ(Result::ERROR_BAD_DER, buf.Init(nullptr, 0)); 101 102 ASSERT_EQ(Result::ERROR_BAD_DER, buf.Init(nullptr, 100)); 103 104 // Though it seems odd to initialize with zero-length and non-null ptr, this 105 // is working as intended. The Reader class was intended to protect against 106 // buffer overflows, and there's no risk with the current behavior. See bug 107 // 1000354. 108 ASSERT_EQ(Success, buf.Init((const uint8_t*) "hello", 0)); 109 ASSERT_TRUE(buf.GetLength() == 0); 110 } 111 112 TEST_F(pkixder_input_tests, InputInitWithLargeData) 113 { 114 Input buf; 115 // Data argument length does not matter, it is not touched, just 116 // needs to be non-null 117 ASSERT_EQ(Result::ERROR_BAD_DER, buf.Init((const uint8_t*) "", 0xffff+1)); 118 119 ASSERT_EQ(Success, buf.Init((const uint8_t*) "", 0xffff)); 120 } 121 122 TEST_F(pkixder_input_tests, InputInitMultipleTimes) 123 { 124 Input buf; 125 126 ASSERT_EQ(Success, 127 buf.Init(DER_SEQUENCE_OF_INT8, sizeof DER_SEQUENCE_OF_INT8)); 128 129 ASSERT_EQ(Result::FATAL_ERROR_INVALID_ARGS, 130 buf.Init(DER_SEQUENCE_OF_INT8, sizeof DER_SEQUENCE_OF_INT8)); 131 } 132 133 TEST_F(pkixder_input_tests, PeekWithinBounds) 134 { 135 const uint8_t der[] = { 0x11, 0x11 }; 136 Input buf(der); 137 Reader input(buf); 138 ASSERT_TRUE(input.Peek(0x11)); 139 ASSERT_FALSE(input.Peek(0x22)); 140 } 141 142 TEST_F(pkixder_input_tests, PeekPastBounds) 143 { 144 const uint8_t der[] = { 0x11, 0x22 }; 145 Input buf; 146 ASSERT_EQ(Success, buf.Init(der, 1)); 147 Reader input(buf); 148 149 uint8_t readByte; 150 ASSERT_EQ(Success, input.Read(readByte)); 151 ASSERT_EQ(0x11, readByte); 152 ASSERT_FALSE(input.Peek(0x22)); 153 } 154 155 TEST_F(pkixder_input_tests, ReadByte) 156 { 157 const uint8_t der[] = { 0x11, 0x22 }; 158 Input buf(der); 159 Reader input(buf); 160 161 uint8_t readByte1; 162 ASSERT_EQ(Success, input.Read(readByte1)); 163 ASSERT_EQ(0x11, readByte1); 164 165 uint8_t readByte2; 166 ASSERT_EQ(Success, input.Read(readByte2)); 167 ASSERT_EQ(0x22, readByte2); 168 } 169 170 TEST_F(pkixder_input_tests, ReadBytePastEnd) 171 { 172 const uint8_t der[] = { 0x11, 0x22 }; 173 Input buf; 174 ASSERT_EQ(Success, buf.Init(der, 1)); 175 Reader input(buf); 176 177 uint8_t readByte1 = 0; 178 ASSERT_EQ(Success, input.Read(readByte1)); 179 ASSERT_EQ(0x11, readByte1); 180 181 uint8_t readByte2 = 0; 182 ASSERT_EQ(Result::ERROR_BAD_DER, input.Read(readByte2)); 183 ASSERT_NE(0x22, readByte2); 184 } 185 186 TEST_F(pkixder_input_tests, ReadByteWrapAroundPointer) 187 { 188 // The original implementation of our buffer read overflow checks was 189 // susceptible to integer overflows which could make the checks ineffective. 190 // This attempts to verify that we've fixed that. Unfortunately, decrementing 191 // a null pointer is undefined behavior according to the C++ language spec., 192 // but this should catch the problem on at least some compilers, if not all of 193 // them. 194 uintptr_t derint = -1; 195 auto der = reinterpret_cast<const uint8_t*>(derint); 196 ASSERT_EQ(sizeof(der), sizeof(derint)) 197 << "underflow of pointer might not work"; 198 Input buf; 199 ASSERT_EQ(Success, buf.Init(der, 0)); 200 Reader input(buf); 201 202 uint8_t b; 203 ASSERT_EQ(Result::ERROR_BAD_DER, input.Read(b)); 204 } 205 206 TEST_F(pkixder_input_tests, ReadWord) 207 { 208 const uint8_t der[] = { 0x11, 0x22, 0x33, 0x44 }; 209 Input buf(der); 210 Reader input(buf); 211 212 uint16_t readWord1 = 0; 213 ASSERT_EQ(Success, input.Read(readWord1)); 214 ASSERT_EQ(0x1122, readWord1); 215 216 uint16_t readWord2 = 0; 217 ASSERT_EQ(Success, input.Read(readWord2)); 218 ASSERT_EQ(0x3344, readWord2); 219 } 220 221 TEST_F(pkixder_input_tests, ReadWordPastEnd) 222 { 223 const uint8_t der[] = { 0x11, 0x22, 0x33, 0x44 }; 224 Input buf; 225 ASSERT_EQ(Success, buf.Init(der, 2)); // Initialize with too-short length 226 Reader input(buf); 227 228 uint16_t readWord1 = 0; 229 ASSERT_EQ(Success, input.Read(readWord1)); 230 ASSERT_EQ(0x1122, readWord1); 231 232 uint16_t readWord2 = 0; 233 ASSERT_EQ(Result::ERROR_BAD_DER, input.Read(readWord2)); 234 ASSERT_NE(0x3344, readWord2); 235 } 236 237 TEST_F(pkixder_input_tests, ReadWordWithInsufficentData) 238 { 239 const uint8_t der[] = { 0x11, 0x22 }; 240 Input buf; 241 ASSERT_EQ(Success, buf.Init(der, 1)); 242 Reader input(buf); 243 244 uint16_t readWord1 = 0; 245 ASSERT_EQ(Result::ERROR_BAD_DER, input.Read(readWord1)); 246 ASSERT_NE(0x1122, readWord1); 247 } 248 249 static void UNSANITIZED_ReadWordWrapAroundPointer() 250 #if defined(__clang__) 251 /* Use "undefined" instead of more specific "pointer-overflow" for 252 * clang 4.0.0 backward compatability. */ 253 __attribute__((no_sanitize("undefined"))) 254 #endif 255 { 256 const uint8_t* der = nullptr; 257 --der; 258 Input buf; 259 ASSERT_EQ(Success, buf.Init(der, 0)); 260 Reader input(buf); 261 uint16_t b; 262 ASSERT_EQ(Result::ERROR_BAD_DER, input.Read(b)); 263 } 264 265 TEST_F(pkixder_input_tests, ReadWordWrapAroundPointer) { 266 // The original implementation of our buffer read overflow checks was 267 // susceptible to integer overflows which could make the checks ineffective. 268 // This attempts to verify that we've fixed that. Unfortunately, decrementing 269 // a null pointer is undefined behavior according to the C++ language spec., 270 // but this should catch the problem on at least some compilers, if not all of 271 // them. 272 UNSANITIZED_ReadWordWrapAroundPointer(); 273 } 274 275 TEST_F(pkixder_input_tests, Skip) 276 { 277 const uint8_t der[] = { 0x11, 0x22, 0x33, 0x44 }; 278 Input buf(der); 279 Reader input(buf); 280 281 ASSERT_EQ(Success, input.Skip(1)); 282 283 uint8_t readByte1 = 0; 284 ASSERT_EQ(Success, input.Read(readByte1)); 285 ASSERT_EQ(0x22, readByte1); 286 287 ASSERT_EQ(Success, input.Skip(1)); 288 289 uint8_t readByte2 = 0; 290 ASSERT_EQ(Success, input.Read(readByte2)); 291 ASSERT_EQ(0x44, readByte2); 292 } 293 294 TEST_F(pkixder_input_tests, Skip_ToEnd) 295 { 296 const uint8_t der[] = { 0x11, 0x22, 0x33, 0x44 }; 297 Input buf(der); 298 Reader input(buf); 299 ASSERT_EQ(Success, input.Skip(sizeof der)); 300 ASSERT_TRUE(input.AtEnd()); 301 } 302 303 TEST_F(pkixder_input_tests, Skip_PastEnd) 304 { 305 const uint8_t der[] = { 0x11, 0x22, 0x33, 0x44 }; 306 Input buf(der); 307 Reader input(buf); 308 309 ASSERT_EQ(Result::ERROR_BAD_DER, input.Skip(sizeof der + 1)); 310 } 311 312 TEST_F(pkixder_input_tests, Skip_ToNewInput) 313 { 314 const uint8_t der[] = { 0x01, 0x02, 0x03, 0x04 }; 315 Input buf(der); 316 Reader input(buf); 317 318 Reader skippedInput; 319 ASSERT_EQ(Success, input.Skip(3, skippedInput)); 320 321 uint8_t readByte1 = 0; 322 ASSERT_EQ(Success, input.Read(readByte1)); 323 ASSERT_EQ(0x04, readByte1); 324 325 ASSERT_TRUE(input.AtEnd()); 326 327 // Reader has no Remaining() or Length() so we simply read the bytes 328 // and then expect to be at the end. 329 330 for (uint8_t i = 1; i <= 3; ++i) { 331 uint8_t readByte = 0; 332 ASSERT_EQ(Success, skippedInput.Read(readByte)); 333 ASSERT_EQ(i, readByte); 334 } 335 336 ASSERT_TRUE(skippedInput.AtEnd()); 337 } 338 339 TEST_F(pkixder_input_tests, Skip_ToNewInputPastEnd) 340 { 341 const uint8_t der[] = { 0x11, 0x22, 0x33, 0x44 }; 342 Input buf(der); 343 Reader input(buf); 344 345 Reader skippedInput; 346 ASSERT_EQ(Result::ERROR_BAD_DER, input.Skip(sizeof der * 2, skippedInput)); 347 } 348 349 TEST_F(pkixder_input_tests, Skip_ToInput) 350 { 351 const uint8_t der[] = { 0x11, 0x22, 0x33, 0x44 }; 352 Input buf(der); 353 Reader input(buf); 354 355 const uint8_t expectedItemData[] = { 0x11, 0x22, 0x33 }; 356 357 Input item; 358 ASSERT_EQ(Success, input.Skip(sizeof expectedItemData, item)); 359 360 Input expected(expectedItemData); 361 ASSERT_TRUE(InputsAreEqual(expected, item)); 362 } 363 364 static void UNSANITIZED_Skip_WrapAroundPointer() 365 #if defined(__clang__) 366 /* Use "undefined" instead of more specific "pointer-overflow" for 367 * clang 4.0.0 backward compatability. */ 368 __attribute__((no_sanitize("undefined"))) 369 #endif 370 { 371 const uint8_t* der = nullptr; 372 // coverity[FORWARD_NULL] 373 --der; 374 Input buf; 375 ASSERT_EQ(Success, buf.Init(der, 0)); 376 Reader input(buf); 377 ASSERT_EQ(Result::ERROR_BAD_DER, input.Skip(1)); 378 } 379 380 TEST_F(pkixder_input_tests, Skip_WrapAroundPointer) { 381 // The original implementation of our buffer read overflow checks was 382 // susceptible to integer overflows which could make the checks ineffective. 383 // This attempts to verify that we've fixed that. Unfortunately, decrementing 384 // a null pointer is undefined behavior according to the C++ language spec., 385 // but this should catch the problem on at least some compilers, if not all of 386 // them. 387 UNSANITIZED_Skip_WrapAroundPointer(); 388 } 389 390 TEST_F(pkixder_input_tests, Skip_ToInputPastEnd) 391 { 392 const uint8_t der[] = { 0x11, 0x22, 0x33, 0x44 }; 393 Input buf(der); 394 Reader input(buf); 395 396 Input skipped; 397 ASSERT_EQ(Result::ERROR_BAD_DER, input.Skip(sizeof der + 1, skipped)); 398 } 399 400 TEST_F(pkixder_input_tests, SkipToEnd_ToInput) 401 { 402 static const uint8_t der[] = { 0x11, 0x22, 0x33, 0x44 }; 403 Input buf(der); 404 Reader input(buf); 405 406 Input skipped; 407 ASSERT_EQ(Success, input.SkipToEnd(skipped)); 408 } 409 410 TEST_F(pkixder_input_tests, SkipToEnd_ToInput_InputAlreadyInited) 411 { 412 static const uint8_t der[] = { 0x11, 0x22, 0x33, 0x44 }; 413 Input buf(der); 414 Reader input(buf); 415 416 static const uint8_t initialValue[] = { 0x01, 0x02, 0x03 }; 417 Input x(initialValue); 418 // Fails because skipped was already initialized once, and Inputs are not 419 // allowed to be Init()d multiple times. 420 ASSERT_EQ(Result::FATAL_ERROR_INVALID_ARGS, input.SkipToEnd(x)); 421 ASSERT_TRUE(InputsAreEqual(x, Input(initialValue))); 422 } 423 424 TEST_F(pkixder_input_tests, ExpectTagAndSkipValue) 425 { 426 Input buf(DER_SEQUENCE_OF_INT8); 427 Reader input(buf); 428 429 ASSERT_EQ(Success, ExpectTagAndSkipValue(input, SEQUENCE)); 430 ASSERT_EQ(Success, End(input)); 431 } 432 433 TEST_F(pkixder_input_tests, ExpectTagAndSkipValueWithTruncatedData) 434 { 435 Input buf(DER_TRUNCATED_SEQUENCE_OF_INT8); 436 Reader input(buf); 437 438 ASSERT_EQ(Result::ERROR_BAD_DER, ExpectTagAndSkipValue(input, SEQUENCE)); 439 } 440 441 TEST_F(pkixder_input_tests, ExpectTagAndSkipValueWithOverrunData) 442 { 443 Input buf(DER_OVERRUN_SEQUENCE_OF_INT8); 444 Reader input(buf); 445 ASSERT_EQ(Success, ExpectTagAndSkipValue(input, SEQUENCE)); 446 ASSERT_EQ(Result::ERROR_BAD_DER, End(input)); 447 } 448 449 TEST_F(pkixder_input_tests, AtEndOnUnInitializedInput) 450 { 451 Reader input; 452 ASSERT_TRUE(input.AtEnd()); 453 } 454 455 TEST_F(pkixder_input_tests, AtEndAtBeginning) 456 { 457 const uint8_t der[] = { 0x11, 0x22, 0x33, 0x44 }; 458 Input buf(der); 459 Reader input(buf); 460 ASSERT_FALSE(input.AtEnd()); 461 } 462 463 TEST_F(pkixder_input_tests, AtEndAtEnd) 464 { 465 const uint8_t der[] = { 0x11, 0x22, 0x33, 0x44 }; 466 Input buf(der); 467 Reader input(buf); 468 ASSERT_EQ(Success, input.Skip(sizeof der)); 469 ASSERT_TRUE(input.AtEnd()); 470 } 471 472 TEST_F(pkixder_input_tests, MarkAndGetInput) 473 { 474 const uint8_t der[] = { 0x11, 0x22, 0x33, 0x44 }; 475 Input buf(der); 476 Reader input(buf); 477 478 Reader::Mark mark = input.GetMark(); 479 480 const uint8_t expectedItemData[] = { 0x11, 0x22, 0x33 }; 481 482 ASSERT_EQ(Success, input.Skip(sizeof expectedItemData)); 483 484 Input item; 485 ASSERT_EQ(Success, input.GetInput(mark, item)); 486 Input expected(expectedItemData); 487 ASSERT_TRUE(InputsAreEqual(expected, item)); 488 } 489 490 // Cannot run this test on debug builds because of the NotReached 491 #ifdef NDEBUG 492 TEST_F(pkixder_input_tests, MarkAndGetInputDifferentInput) 493 { 494 const uint8_t der[] = { 0x11, 0x22, 0x33, 0x44 }; 495 Input buf(der); 496 Reader input(buf); 497 498 Reader another; 499 Reader::Mark mark = another.GetMark(); 500 501 ASSERT_EQ(Success, input.Skip(3)); 502 503 Input item; 504 ASSERT_EQ(Result::FATAL_ERROR_INVALID_ARGS, input.GetInput(mark, item)); 505 } 506 #endif 507 508 TEST_F(pkixder_input_tests, ReadTagAndGetValue_Input_AtEnd) 509 { 510 Reader input(EMPTY_INPUT); 511 uint8_t tag; 512 Input value; 513 ASSERT_EQ(Result::ERROR_BAD_DER, ReadTagAndGetValue(input, tag, value)); 514 } 515 516 TEST_F(pkixder_input_tests, ReadTagAndGetValue_Input_TruncatedAfterTag) 517 { 518 static const uint8_t DER[] = { SEQUENCE }; 519 Input buf(DER); 520 Reader input(buf); 521 uint8_t tag; 522 Input value; 523 ASSERT_EQ(Result::ERROR_BAD_DER, ReadTagAndGetValue(input, tag, value)); 524 } 525 526 TEST_F(pkixder_input_tests, ReadTagAndGetValue_Input_ValidEmpty) 527 { 528 Input buf(DER_SEQUENCE_EMPTY); 529 Reader input(buf); 530 uint8_t tag = 0; 531 Input value; 532 ASSERT_EQ(Success, ReadTagAndGetValue(input, tag, value)); 533 ASSERT_EQ(SEQUENCE, tag); 534 ASSERT_EQ(0u, value.GetLength()); 535 ASSERT_TRUE(input.AtEnd()); 536 } 537 538 TEST_F(pkixder_input_tests, ReadTagAndGetValue_Input_ValidNotEmpty) 539 { 540 Input buf(DER_SEQUENCE_NOT_EMPTY); 541 Reader input(buf); 542 uint8_t tag = 0; 543 Input value; 544 ASSERT_EQ(Success, ReadTagAndGetValue(input, tag, value)); 545 ASSERT_EQ(SEQUENCE, tag); 546 Input expected(DER_SEQUENCE_NOT_EMPTY_VALUE); 547 ASSERT_TRUE(InputsAreEqual(expected, value)); 548 ASSERT_TRUE(input.AtEnd()); 549 } 550 551 TEST_F(pkixder_input_tests, 552 ReadTagAndGetValue_Input_InvalidNotEmptyValueTruncated) 553 { 554 Input buf(DER_SEQUENCE_NOT_EMPTY_VALUE_TRUNCATED); 555 Reader input(buf); 556 uint8_t tag; 557 Input value; 558 ASSERT_EQ(Result::ERROR_BAD_DER, ReadTagAndGetValue(input, tag, value)); 559 } 560 561 TEST_F(pkixder_input_tests, ReadTagAndGetValue_Input_InvalidWrongLength) 562 { 563 Input buf(DER_TRUNCATED_SEQUENCE_OF_INT8); 564 Reader input(buf); 565 uint8_t tag; 566 Input value; 567 ASSERT_EQ(Result::ERROR_BAD_DER, 568 ReadTagAndGetValue(input, tag, value)); 569 } 570 571 TEST_F(pkixder_input_tests, ReadTagAndGetValue_Input_InvalidHighTagNumberForm1) 572 { 573 // High tag number form is not allowed (illegal 1 byte tag) 574 // 575 // If the decoder treats 0x1F as a valid low tag number tag, then it will 576 // treat the actual tag (1) as a length, and then it will return Success 577 // with value == { 0x00 } and tag == 0x1f. 578 // 579 // It is illegal to encode tag 1 in the high tag number form because it isn't 580 // the shortest encoding (the low tag number form is). 581 static const uint8_t DER[] = { 582 0x1F, // high tag number form indicator 583 1, // tag 1 (not legal!) 584 0 // length zero 585 }; 586 Input buf(DER); 587 Reader input(buf); 588 uint8_t tag; 589 Input value; 590 ASSERT_EQ(Result::ERROR_BAD_DER, 591 ReadTagAndGetValue(input, tag, value)); 592 } 593 594 TEST_F(pkixder_input_tests, ReadTagAndGetValue_Input_InvalidHighTagNumberForm2) 595 { 596 // High tag number form is not allowed (legal 1 byte tag). 597 // 598 // ReadTagAndGetValue's check to prohibit the high tag number form has no 599 // effect on whether this test passes or fails, because ReadTagAndGetValue 600 // will interpret the second byte (31) as a length, and the input doesn't 601 // have 31 bytes following it. This test is here to guard against the case 602 // where somebody actually implements high tag number form parsing, to remind 603 // that person that they need to add tests here, including in particular 604 // tests for overly-long encodings. 605 static const uint8_t DER[] = { 606 0x1F, // high tag number form indicator 607 31, // tag 31 608 0 // length zero 609 }; 610 Input buf(DER); 611 Reader input(buf); 612 uint8_t tag; 613 Input value; 614 ASSERT_EQ(Result::ERROR_BAD_DER, 615 ReadTagAndGetValue(input, tag, value)); 616 } 617 618 TEST_F(pkixder_input_tests, ReadTagAndGetValue_Input_InvalidHighTagNumberForm3) 619 { 620 // High tag number form is not allowed (2 byte legal tag) 621 // 622 // ReadTagAndGetValue's check to prohibit the high tag number form has no 623 // effect on whether this test passes or fails, because ReadTagAndGetValue 624 // will interpret the second byte as a length, and the input doesn't have 625 // that many bytes following it. This test is here to guard against the case 626 // where somebody actually implements high tag number form parsing, to remind 627 // that person that they need to add tests here, including in particular 628 // tests for overly-long encodings. 629 static const uint8_t DER[] = { 630 0x1F, // high tag number form indicator 631 0x80 | 0x01, 0x00, // tag 0x100 (256) 632 0 // length zero 633 }; 634 Input buf(DER); 635 Reader input(buf); 636 uint8_t tag; 637 Input value; 638 ASSERT_EQ(Result::ERROR_BAD_DER, 639 ReadTagAndGetValue(input, tag, value)); 640 } 641 642 TEST_F(pkixder_input_tests, ExpectTagAndGetValue_Reader_ValidEmpty) 643 { 644 Input buf(DER_SEQUENCE_EMPTY); 645 Reader input(buf); 646 Reader value; 647 ASSERT_EQ(Success, ExpectTagAndGetValue(input, SEQUENCE, value)); 648 ASSERT_TRUE(value.AtEnd()); 649 ASSERT_TRUE(input.AtEnd()); 650 } 651 652 TEST_F(pkixder_input_tests, ExpectTagAndGetValue_Reader_ValidNotEmpty) 653 { 654 Input buf(DER_SEQUENCE_NOT_EMPTY); 655 Reader input(buf); 656 Reader value; 657 ASSERT_EQ(Success, ExpectTagAndGetValue(input, SEQUENCE, value)); 658 ASSERT_TRUE(value.MatchRest(DER_SEQUENCE_NOT_EMPTY_VALUE)); 659 ASSERT_TRUE(input.AtEnd()); 660 } 661 662 TEST_F(pkixder_input_tests, 663 ExpectTagAndGetValue_Reader_InvalidNotEmptyValueTruncated) 664 { 665 Input buf(DER_SEQUENCE_NOT_EMPTY_VALUE_TRUNCATED); 666 Reader input(buf); 667 Reader value; 668 ASSERT_EQ(Result::ERROR_BAD_DER, 669 ExpectTagAndGetValue(input, SEQUENCE, value)); 670 } 671 672 TEST_F(pkixder_input_tests, ExpectTagAndGetValue_Reader_InvalidWrongLength) 673 { 674 Input buf(DER_TRUNCATED_SEQUENCE_OF_INT8); 675 Reader input(buf); 676 Reader value; 677 ASSERT_EQ(Result::ERROR_BAD_DER, 678 ExpectTagAndGetValue(input, SEQUENCE, value)); 679 } 680 681 TEST_F(pkixder_input_tests, ExpectTagAndGetValue_Reader_InvalidWrongTag) 682 { 683 Input buf(DER_SEQUENCE_NOT_EMPTY); 684 Reader input(buf); 685 Reader value; 686 ASSERT_EQ(Result::ERROR_BAD_DER, 687 ExpectTagAndGetValue(input, INTEGER, value)); 688 } 689 690 TEST_F(pkixder_input_tests, ExpectTagAndGetValue_Input_ValidEmpty) 691 { 692 Input buf(DER_SEQUENCE_EMPTY); 693 Reader input(buf); 694 Input value; 695 ASSERT_EQ(Success, ExpectTagAndGetValue(input, SEQUENCE, value)); 696 ASSERT_EQ(0u, value.GetLength()); 697 ASSERT_TRUE(input.AtEnd()); 698 } 699 700 TEST_F(pkixder_input_tests, ExpectTagAndGetValue_Input_ValidNotEmpty) 701 { 702 Input buf(DER_SEQUENCE_NOT_EMPTY); 703 Reader input(buf); 704 Input value; 705 ASSERT_EQ(Success, ExpectTagAndGetValue(input, SEQUENCE, value)); 706 Input expected(DER_SEQUENCE_NOT_EMPTY_VALUE); 707 ASSERT_TRUE(InputsAreEqual(expected, value)); 708 ASSERT_TRUE(input.AtEnd()); 709 } 710 711 TEST_F(pkixder_input_tests, 712 ExpectTagAndGetValue_Input_InvalidNotEmptyValueTruncated) 713 { 714 Input buf(DER_SEQUENCE_NOT_EMPTY_VALUE_TRUNCATED); 715 Reader input(buf); 716 Input value; 717 ASSERT_EQ(Result::ERROR_BAD_DER, 718 ExpectTagAndGetValue(input, SEQUENCE, value)); 719 } 720 721 TEST_F(pkixder_input_tests, ExpectTagAndGetValue_Input_InvalidWrongLength) 722 { 723 Input buf(DER_TRUNCATED_SEQUENCE_OF_INT8); 724 Reader input(buf); 725 Input value; 726 ASSERT_EQ(Result::ERROR_BAD_DER, 727 ExpectTagAndGetValue(input, SEQUENCE, value)); 728 } 729 730 TEST_F(pkixder_input_tests, ExpectTagAndGetValue_Input_InvalidWrongTag) 731 { 732 Input buf(DER_SEQUENCE_NOT_EMPTY); 733 Reader input(buf); 734 Input value; 735 ASSERT_EQ(Result::ERROR_BAD_DER, 736 ExpectTagAndGetValue(input, INTEGER, value)); 737 } 738 739 TEST_F(pkixder_input_tests, ExpectTagAndEmptyValue_ValidEmpty) 740 { 741 Input buf(DER_SEQUENCE_EMPTY); 742 Reader input(buf); 743 ASSERT_EQ(Success, ExpectTagAndEmptyValue(input, SEQUENCE)); 744 ASSERT_TRUE(input.AtEnd()); 745 } 746 747 TEST_F(pkixder_input_tests, ExpectTagAndEmptyValue_InValidNotEmpty) 748 { 749 Input buf(DER_SEQUENCE_NOT_EMPTY); 750 Reader input(buf); 751 ASSERT_EQ(Result::ERROR_BAD_DER, ExpectTagAndEmptyValue(input, SEQUENCE)); 752 } 753 754 TEST_F(pkixder_input_tests, 755 ExpectTagAndEmptyValue_Input_InvalidNotEmptyValueTruncated) 756 { 757 Input buf(DER_SEQUENCE_NOT_EMPTY_VALUE_TRUNCATED); 758 Reader input(buf); 759 ASSERT_EQ(Result::ERROR_BAD_DER, ExpectTagAndEmptyValue(input, SEQUENCE)); 760 } 761 762 TEST_F(pkixder_input_tests, ExpectTagAndEmptyValue_InvalidWrongLength) 763 { 764 Input buf(DER_TRUNCATED_SEQUENCE_OF_INT8); 765 Reader input(buf); 766 ASSERT_EQ(Result::ERROR_BAD_DER, ExpectTagAndEmptyValue(input, SEQUENCE)); 767 } 768 769 TEST_F(pkixder_input_tests, ExpectTagAndEmptyValue_InvalidWrongTag) 770 { 771 Input buf(DER_SEQUENCE_NOT_EMPTY); 772 Reader input(buf); 773 ASSERT_EQ(Result::ERROR_BAD_DER, ExpectTagAndEmptyValue(input, INTEGER)); 774 } 775 776 TEST_F(pkixder_input_tests, ExpectTagAndGetTLV_Input_ValidEmpty) 777 { 778 Input buf(DER_SEQUENCE_EMPTY); 779 Reader input(buf); 780 Input tlv; 781 ASSERT_EQ(Success, ExpectTagAndGetTLV(input, SEQUENCE, tlv)); 782 Input expected(DER_SEQUENCE_EMPTY); 783 ASSERT_TRUE(InputsAreEqual(expected, tlv)); 784 ASSERT_TRUE(input.AtEnd()); 785 } 786 787 TEST_F(pkixder_input_tests, ExpectTagAndGetTLV_Input_ValidNotEmpty) 788 { 789 Input buf(DER_SEQUENCE_NOT_EMPTY); 790 Reader input(buf); 791 Input tlv; 792 ASSERT_EQ(Success, ExpectTagAndGetTLV(input, SEQUENCE, tlv)); 793 Input expected(DER_SEQUENCE_NOT_EMPTY); 794 ASSERT_TRUE(InputsAreEqual(expected, tlv)); 795 ASSERT_TRUE(input.AtEnd()); 796 } 797 798 TEST_F(pkixder_input_tests, 799 ExpectTagAndGetTLV_Input_InvalidNotEmptyValueTruncated) 800 { 801 Input buf(DER_SEQUENCE_NOT_EMPTY_VALUE_TRUNCATED); 802 Reader input(buf); 803 Input tlv; 804 ASSERT_EQ(Result::ERROR_BAD_DER, ExpectTagAndGetTLV(input, SEQUENCE, tlv)); 805 } 806 807 TEST_F(pkixder_input_tests, ExpectTagAndGetTLV_Input_InvalidWrongLength) 808 { 809 Input buf(DER_TRUNCATED_SEQUENCE_OF_INT8); 810 Reader input(buf); 811 Input tlv; 812 ASSERT_EQ(Result::ERROR_BAD_DER, ExpectTagAndGetTLV(input, SEQUENCE, tlv)); 813 } 814 815 TEST_F(pkixder_input_tests, ExpectTagAndGetTLV_Input_InvalidWrongTag) 816 { 817 Input buf(DER_SEQUENCE_NOT_EMPTY); 818 Reader input(buf); 819 Input tlv; 820 ASSERT_EQ(Result::ERROR_BAD_DER, ExpectTagAndGetTLV(input, INTEGER, tlv)); 821 } 822 823 TEST_F(pkixder_input_tests, EndAtEnd) 824 { 825 Input buf(DER_INT16); 826 Reader input(buf); 827 ASSERT_EQ(Success, input.Skip(4)); 828 ASSERT_EQ(Success, End(input)); 829 } 830 831 TEST_F(pkixder_input_tests, EndBeforeEnd) 832 { 833 Input buf(DER_INT16); 834 Reader input(buf); 835 ASSERT_EQ(Success, input.Skip(2)); 836 ASSERT_EQ(Result::ERROR_BAD_DER, End(input)); 837 } 838 839 TEST_F(pkixder_input_tests, EndAtBeginning) 840 { 841 Input buf(DER_INT16); 842 Reader input(buf); 843 ASSERT_EQ(Result::ERROR_BAD_DER, End(input)); 844 } 845 846 // TODO: Need tests for Nested too? 847 848 Result NestedOfHelper(Reader& input, std::vector<uint8_t>& readValues) 849 { 850 uint8_t value = 0; 851 Result rv = input.Read(value); 852 EXPECT_EQ(Success, rv); 853 if (rv != Success) { 854 return rv; 855 } 856 readValues.push_back(value); 857 return Success; 858 } 859 860 TEST_F(pkixder_input_tests, NestedOf) 861 { 862 Input buf(DER_SEQUENCE_OF_INT8); 863 Reader input(buf); 864 865 std::vector<uint8_t> readValues; 866 ASSERT_EQ(Success, 867 NestedOf(input, SEQUENCE, INTEGER, EmptyAllowed::No, 868 [&readValues](Reader& r) { 869 return NestedOfHelper(r, readValues); 870 })); 871 ASSERT_EQ(3u, readValues.size()); 872 ASSERT_EQ(0x01, readValues[0]); 873 ASSERT_EQ(0x02, readValues[1]); 874 ASSERT_EQ(0x03, readValues[2]); 875 ASSERT_EQ(Success, End(input)); 876 } 877 878 TEST_F(pkixder_input_tests, NestedOfWithTruncatedData) 879 { 880 Input buf(DER_TRUNCATED_SEQUENCE_OF_INT8); 881 Reader input(buf); 882 883 std::vector<uint8_t> readValues; 884 ASSERT_EQ(Result::ERROR_BAD_DER, 885 NestedOf(input, SEQUENCE, INTEGER, EmptyAllowed::No, 886 [&readValues](Reader& r) { 887 return NestedOfHelper(r, readValues); 888 })); 889 ASSERT_EQ(0u, readValues.size()); 890 } 891 892 TEST_F(pkixder_input_tests, MatchRestAtEnd) 893 { 894 static const uint8_t der[1] = { }; 895 Input buf; 896 ASSERT_EQ(Success, buf.Init(der, 0)); 897 Reader input(buf); 898 ASSERT_TRUE(input.AtEnd()); 899 static const uint8_t toMatch[] = { 1 }; 900 ASSERT_FALSE(input.MatchRest(toMatch)); 901 } 902 903 TEST_F(pkixder_input_tests, MatchRest1Match) 904 { 905 static const uint8_t der[] = { 1 }; 906 Input buf(der); 907 Reader input(buf); 908 ASSERT_FALSE(input.AtEnd()); 909 ASSERT_TRUE(input.MatchRest(der)); 910 } 911 912 TEST_F(pkixder_input_tests, MatchRest1Mismatch) 913 { 914 static const uint8_t der[] = { 1 }; 915 Input buf(der); 916 Reader input(buf); 917 static const uint8_t toMatch[] = { 2 }; 918 ASSERT_FALSE(input.MatchRest(toMatch)); 919 ASSERT_FALSE(input.AtEnd()); 920 } 921 922 TEST_F(pkixder_input_tests, MatchRest2WithTrailingByte) 923 { 924 static const uint8_t der[] = { 1, 2, 3 }; 925 Input buf(der); 926 Reader input(buf); 927 static const uint8_t toMatch[] = { 1, 2 }; 928 ASSERT_FALSE(input.MatchRest(toMatch)); 929 } 930 931 TEST_F(pkixder_input_tests, MatchRest2Mismatch) 932 { 933 static const uint8_t der[] = { 1, 2, 3 }; 934 Input buf(der); 935 Reader input(buf); 936 static const uint8_t toMatchMismatch[] = { 1, 3 }; 937 ASSERT_FALSE(input.MatchRest(toMatchMismatch)); 938 ASSERT_TRUE(input.MatchRest(der)); 939 } 940 941 } // namespace