asn1_test.go 9.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285
  1. // Copyright 2017 The Go Authors. All rights reserved.
  2. // Use of this source code is governed by a BSD-style
  3. // license that can be found in the LICENSE file.
  4. package cryptobyte
  5. import (
  6. "bytes"
  7. "encoding/asn1"
  8. "math/big"
  9. "reflect"
  10. "testing"
  11. "time"
  12. )
  13. type readASN1Test struct {
  14. name string
  15. in []byte
  16. tag Tag
  17. ok bool
  18. out interface{}
  19. }
  20. var readASN1TestData = []readASN1Test{
  21. {"valid", []byte{0x30, 2, 1, 2}, 0x30, true, []byte{1, 2}},
  22. {"truncated", []byte{0x30, 3, 1, 2}, 0x30, false, nil},
  23. {"zero length of length", []byte{0x30, 0x80}, 0x30, false, nil},
  24. {"invalid long form length", []byte{0x30, 0x81, 1, 1}, 0x30, false, nil},
  25. {"non-minimal length", append([]byte{0x30, 0x82, 0, 0x80}, make([]byte, 0x80)...), 0x30, false, nil},
  26. {"invalid tag", []byte{0xa1, 3, 0x4, 1, 1}, 31, false, nil},
  27. {"high tag", []byte{0x1f, 0x81, 0x80, 0x01, 2, 1, 2}, 0xff /* actually 0x4001, but tag is uint8 */, false, nil},
  28. }
  29. func TestReadASN1(t *testing.T) {
  30. for _, test := range readASN1TestData {
  31. t.Run(test.name, func(t *testing.T) {
  32. var in, out String = test.in, nil
  33. ok := in.ReadASN1(&out, test.tag)
  34. if ok != test.ok || ok && !bytes.Equal(out, test.out.([]byte)) {
  35. t.Errorf("in.ReadASN1() = %v, want %v; out = %v, want %v", ok, test.ok, out, test.out)
  36. }
  37. })
  38. }
  39. }
  40. func TestReadASN1Optional(t *testing.T) {
  41. var empty String
  42. var present bool
  43. ok := empty.ReadOptionalASN1(nil, &present, 0xa0)
  44. if !ok || present {
  45. t.Errorf("empty.ReadOptionalASN1() = %v, want true; present = %v want false", ok, present)
  46. }
  47. var in, out String = []byte{0xa1, 3, 0x4, 1, 1}, nil
  48. ok = in.ReadOptionalASN1(&out, &present, 0xa0)
  49. if !ok || present {
  50. t.Errorf("in.ReadOptionalASN1() = %v, want true, present = %v, want false", ok, present)
  51. }
  52. ok = in.ReadOptionalASN1(&out, &present, 0xa1)
  53. wantBytes := []byte{4, 1, 1}
  54. if !ok || !present || !bytes.Equal(out, wantBytes) {
  55. t.Errorf("in.ReadOptionalASN1() = %v, want true; present = %v, want true; out = %v, want = %v", ok, present, out, wantBytes)
  56. }
  57. }
  58. var optionalOctetStringTestData = []struct {
  59. readASN1Test
  60. present bool
  61. }{
  62. {readASN1Test{"empty", []byte{}, 0xa0, true, []byte{}}, false},
  63. {readASN1Test{"invalid", []byte{0xa1, 3, 0x4, 2, 1}, 0xa1, false, []byte{}}, true},
  64. {readASN1Test{"missing", []byte{0xa1, 3, 0x4, 1, 1}, 0xa0, true, []byte{}}, false},
  65. {readASN1Test{"present", []byte{0xa1, 3, 0x4, 1, 1}, 0xa1, true, []byte{1}}, true},
  66. }
  67. func TestReadASN1OptionalOctetString(t *testing.T) {
  68. for _, test := range optionalOctetStringTestData {
  69. t.Run(test.name, func(t *testing.T) {
  70. in := String(test.in)
  71. var out []byte
  72. var present bool
  73. ok := in.ReadOptionalASN1OctetString(&out, &present, test.tag)
  74. if ok != test.ok || present != test.present || !bytes.Equal(out, test.out.([]byte)) {
  75. t.Errorf("in.ReadOptionalASN1OctetString() = %v, want %v; present = %v want %v; out = %v, want %v", ok, test.ok, present, test.present, out, test.out)
  76. }
  77. })
  78. }
  79. }
  80. const defaultInt = -1
  81. var optionalIntTestData = []readASN1Test{
  82. {"empty", []byte{}, 0xa0, true, defaultInt},
  83. {"invalid", []byte{0xa1, 3, 0x2, 2, 127}, 0xa1, false, 0},
  84. {"missing", []byte{0xa1, 3, 0x2, 1, 127}, 0xa0, true, defaultInt},
  85. {"present", []byte{0xa1, 3, 0x2, 1, 42}, 0xa1, true, 42},
  86. }
  87. func TestReadASN1OptionalInteger(t *testing.T) {
  88. for _, test := range optionalIntTestData {
  89. t.Run(test.name, func(t *testing.T) {
  90. in := String(test.in)
  91. var out int
  92. ok := in.ReadOptionalASN1Integer(&out, test.tag, defaultInt)
  93. if ok != test.ok || ok && out != test.out.(int) {
  94. t.Errorf("in.ReadOptionalASN1Integer() = %v, want %v; out = %v, want %v", ok, test.ok, out, test.out)
  95. }
  96. })
  97. }
  98. }
  99. func TestReadASN1IntegerSigned(t *testing.T) {
  100. testData64 := []struct {
  101. in []byte
  102. out int64
  103. }{
  104. {[]byte{2, 3, 128, 0, 0}, -0x800000},
  105. {[]byte{2, 2, 255, 0}, -256},
  106. {[]byte{2, 2, 255, 127}, -129},
  107. {[]byte{2, 1, 128}, -128},
  108. {[]byte{2, 1, 255}, -1},
  109. {[]byte{2, 1, 0}, 0},
  110. {[]byte{2, 1, 1}, 1},
  111. {[]byte{2, 1, 2}, 2},
  112. {[]byte{2, 1, 127}, 127},
  113. {[]byte{2, 2, 0, 128}, 128},
  114. {[]byte{2, 2, 1, 0}, 256},
  115. {[]byte{2, 4, 0, 128, 0, 0}, 0x800000},
  116. }
  117. for i, test := range testData64 {
  118. in := String(test.in)
  119. var out int64
  120. ok := in.ReadASN1Integer(&out)
  121. if !ok || out != test.out {
  122. t.Errorf("#%d: in.ReadASN1Integer() = %v, want true; out = %d, want %d", i, ok, out, test.out)
  123. }
  124. }
  125. // Repeat the same cases, reading into a big.Int.
  126. t.Run("big.Int", func(t *testing.T) {
  127. for i, test := range testData64 {
  128. in := String(test.in)
  129. var out big.Int
  130. ok := in.ReadASN1Integer(&out)
  131. if !ok || out.Int64() != test.out {
  132. t.Errorf("#%d: in.ReadASN1Integer() = %v, want true; out = %d, want %d", i, ok, out.Int64(), test.out)
  133. }
  134. }
  135. })
  136. }
  137. func TestReadASN1IntegerUnsigned(t *testing.T) {
  138. testData := []struct {
  139. in []byte
  140. out uint64
  141. }{
  142. {[]byte{2, 1, 0}, 0},
  143. {[]byte{2, 1, 1}, 1},
  144. {[]byte{2, 1, 2}, 2},
  145. {[]byte{2, 1, 127}, 127},
  146. {[]byte{2, 2, 0, 128}, 128},
  147. {[]byte{2, 2, 1, 0}, 256},
  148. {[]byte{2, 4, 0, 128, 0, 0}, 0x800000},
  149. {[]byte{2, 8, 127, 255, 255, 255, 255, 255, 255, 255}, 0x7fffffffffffffff},
  150. {[]byte{2, 9, 0, 128, 0, 0, 0, 0, 0, 0, 0}, 0x8000000000000000},
  151. {[]byte{2, 9, 0, 255, 255, 255, 255, 255, 255, 255, 255}, 0xffffffffffffffff},
  152. }
  153. for i, test := range testData {
  154. in := String(test.in)
  155. var out uint64
  156. ok := in.ReadASN1Integer(&out)
  157. if !ok || out != test.out {
  158. t.Errorf("#%d: in.ReadASN1Integer() = %v, want true; out = %d, want %d", i, ok, out, test.out)
  159. }
  160. }
  161. }
  162. func TestReadASN1IntegerInvalid(t *testing.T) {
  163. testData := []String{
  164. []byte{3, 1, 0}, // invalid tag
  165. // truncated
  166. []byte{2, 1},
  167. []byte{2, 2, 0},
  168. // not minimally encoded
  169. []byte{2, 2, 0, 1},
  170. []byte{2, 2, 0xff, 0xff},
  171. }
  172. for i, test := range testData {
  173. var out int64
  174. if test.ReadASN1Integer(&out) {
  175. t.Errorf("#%d: in.ReadASN1Integer() = true, want false (out = %d)", i, out)
  176. }
  177. }
  178. }
  179. func TestReadASN1ObjectIdentifier(t *testing.T) {
  180. testData := []struct {
  181. in []byte
  182. ok bool
  183. out []int
  184. }{
  185. {[]byte{}, false, []int{}},
  186. {[]byte{6, 0}, false, []int{}},
  187. {[]byte{5, 1, 85}, false, []int{2, 5}},
  188. {[]byte{6, 1, 85}, true, []int{2, 5}},
  189. {[]byte{6, 2, 85, 0x02}, true, []int{2, 5, 2}},
  190. {[]byte{6, 4, 85, 0x02, 0xc0, 0x00}, true, []int{2, 5, 2, 0x2000}},
  191. {[]byte{6, 3, 0x81, 0x34, 0x03}, true, []int{2, 100, 3}},
  192. {[]byte{6, 7, 85, 0x02, 0xc0, 0x80, 0x80, 0x80, 0x80}, false, []int{}},
  193. }
  194. for i, test := range testData {
  195. in := String(test.in)
  196. var out asn1.ObjectIdentifier
  197. ok := in.ReadASN1ObjectIdentifier(&out)
  198. if ok != test.ok || ok && !out.Equal(test.out) {
  199. t.Errorf("#%d: in.ReadASN1ObjectIdentifier() = %v, want %v; out = %v, want %v", i, ok, test.ok, out, test.out)
  200. }
  201. }
  202. }
  203. func TestReadASN1GeneralizedTime(t *testing.T) {
  204. testData := []struct {
  205. in string
  206. ok bool
  207. out time.Time
  208. }{
  209. {"20100102030405Z", true, time.Date(2010, 01, 02, 03, 04, 05, 0, time.UTC)},
  210. {"20100102030405", false, time.Time{}},
  211. {"20100102030405+0607", true, time.Date(2010, 01, 02, 03, 04, 05, 0, time.FixedZone("", 6*60*60+7*60))},
  212. {"20100102030405-0607", true, time.Date(2010, 01, 02, 03, 04, 05, 0, time.FixedZone("", -6*60*60-7*60))},
  213. /* These are invalid times. However, the time package normalises times
  214. * and they were accepted in some versions. See #11134. */
  215. {"00000100000000Z", false, time.Time{}},
  216. {"20101302030405Z", false, time.Time{}},
  217. {"20100002030405Z", false, time.Time{}},
  218. {"20100100030405Z", false, time.Time{}},
  219. {"20100132030405Z", false, time.Time{}},
  220. {"20100231030405Z", false, time.Time{}},
  221. {"20100102240405Z", false, time.Time{}},
  222. {"20100102036005Z", false, time.Time{}},
  223. {"20100102030460Z", false, time.Time{}},
  224. {"-20100102030410Z", false, time.Time{}},
  225. {"2010-0102030410Z", false, time.Time{}},
  226. {"2010-0002030410Z", false, time.Time{}},
  227. {"201001-02030410Z", false, time.Time{}},
  228. {"20100102-030410Z", false, time.Time{}},
  229. {"2010010203-0410Z", false, time.Time{}},
  230. {"201001020304-10Z", false, time.Time{}},
  231. }
  232. for i, test := range testData {
  233. in := String(append([]byte{asn1.TagGeneralizedTime, byte(len(test.in))}, test.in...))
  234. var out time.Time
  235. ok := in.ReadASN1GeneralizedTime(&out)
  236. if ok != test.ok || ok && !reflect.DeepEqual(out, test.out) {
  237. t.Errorf("#%d: in.ReadASN1GeneralizedTime() = %v, want %v; out = %q, want %q", i, ok, test.ok, out, test.out)
  238. }
  239. }
  240. }
  241. func TestReadASN1BitString(t *testing.T) {
  242. testData := []struct {
  243. in []byte
  244. ok bool
  245. out asn1.BitString
  246. }{
  247. {[]byte{}, false, asn1.BitString{}},
  248. {[]byte{0x00}, true, asn1.BitString{}},
  249. {[]byte{0x07, 0x00}, true, asn1.BitString{Bytes: []byte{0}, BitLength: 1}},
  250. {[]byte{0x07, 0x01}, false, asn1.BitString{}},
  251. {[]byte{0x07, 0x40}, false, asn1.BitString{}},
  252. {[]byte{0x08, 0x00}, false, asn1.BitString{}},
  253. {[]byte{0xff}, false, asn1.BitString{}},
  254. {[]byte{0xfe, 0x00}, false, asn1.BitString{}},
  255. }
  256. for i, test := range testData {
  257. in := String(append([]byte{3, byte(len(test.in))}, test.in...))
  258. var out asn1.BitString
  259. ok := in.ReadASN1BitString(&out)
  260. if ok != test.ok || ok && (!bytes.Equal(out.Bytes, test.out.Bytes) || out.BitLength != test.out.BitLength) {
  261. t.Errorf("#%d: in.ReadASN1BitString() = %v, want %v; out = %v, want %v", i, ok, test.ok, out, test.out)
  262. }
  263. }
  264. }