Google Git
Sign in
go / crypto.git / 0fe963104e9d1877082f8fb38f816fcd97eb1d10 / . / cryptobyte / asn1_test.go
blob: c8c187032340ea70f5db5f1240a212baf1002c63 [file] [log] [blame]
Martin Kreichgauer728b7532017-01-23 17:46:54 -0800[diff] [blame]1// Copyright 2017 The Go Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style
3// license that can be found in the LICENSE file.
4
5package cryptobyte
6
7import (
8 "bytes"
9 "encoding/asn1"
10 "math/big"
11 "reflect"
12 "testing"
13 "time"
14)
15
16type readASN1Test struct {
17 name string
18 in []byte
19 tag Tag
20 ok bool
21 out interface{}
22}
23
24var readASN1TestData = []readASN1Test{
25 {"valid", []byte{0x30, 2, 1, 2}, 0x30, true, []byte{1, 2}},
26 {"truncated", []byte{0x30, 3, 1, 2}, 0x30, false, nil},
27 {"zero length of length", []byte{0x30, 0x80}, 0x30, false, nil},
28 {"invalid long form length", []byte{0x30, 0x81, 1, 1}, 0x30, false, nil},
29 {"non-minimal length", append([]byte{0x30, 0x82, 0, 0x80}, make([]byte, 0x80)...), 0x30, false, nil},
30 {"invalid tag", []byte{0xa1, 3, 0x4, 1, 1}, 31, false, nil},
31 {"high tag", []byte{0x1f, 0x81, 0x80, 0x01, 2, 1, 2}, 0xff /* actually 0x4001, but tag is uint8 */, false, nil},
32}
33
34func TestReadASN1(t *testing.T) {
35 for _, test := range readASN1TestData {
36 t.Run(test.name, func(t *testing.T) {
37 var in, out String = test.in, nil
38 ok := in.ReadASN1(&out, test.tag)
39 if ok != test.ok || ok && !bytes.Equal(out, test.out.([]byte)) {
40 t.Errorf("in.ReadASN1() = %v, want %v; out = %v, want %v", ok, test.ok, out, test.out)
41 }
42 })
43 }
44}
45
46func TestReadASN1Optional(t *testing.T) {
47 var empty String
48 var present bool
49 ok := empty.ReadOptionalASN1(nil, &present, 0xa0)
50 if !ok || present {
51 t.Errorf("empty.ReadOptionalASN1() = %v, want true; present = %v want false", ok, present)
52 }
53
54 var in, out String = []byte{0xa1, 3, 0x4, 1, 1}, nil
55 ok = in.ReadOptionalASN1(&out, &present, 0xa0)
56 if !ok || present {
57 t.Errorf("in.ReadOptionalASN1() = %v, want true, present = %v, want false", ok, present)
58 }
59 ok = in.ReadOptionalASN1(&out, &present, 0xa1)
60 wantBytes := []byte{4, 1, 1}
61 if !ok || !present || !bytes.Equal(out, wantBytes) {
62 t.Errorf("in.ReadOptionalASN1() = %v, want true; present = %v, want true; out = %v, want = %v", ok, present, out, wantBytes)
63 }
64}
65
66var optionalOctetStringTestData = []struct {
67 readASN1Test
68 present bool
69}{
70 {readASN1Test{"empty", []byte{}, 0xa0, true, []byte{}}, false},
71 {readASN1Test{"invalid", []byte{0xa1, 3, 0x4, 2, 1}, 0xa1, false, []byte{}}, true},
72 {readASN1Test{"missing", []byte{0xa1, 3, 0x4, 1, 1}, 0xa0, true, []byte{}}, false},
73 {readASN1Test{"present", []byte{0xa1, 3, 0x4, 1, 1}, 0xa1, true, []byte{1}}, true},
74}
75
76func TestReadASN1OptionalOctetString(t *testing.T) {
77 for _, test := range optionalOctetStringTestData {
78 t.Run(test.name, func(t *testing.T) {
79 in := String(test.in)
80 var out []byte
81 var present bool
82 ok := in.ReadOptionalASN1OctetString(&out, &present, test.tag)
83 if ok != test.ok || present != test.present || !bytes.Equal(out, test.out.([]byte)) {
84 t.Errorf("in.ReadOptionalASN1OctetString() = %v, want %v; present = %v want %v; out = %v, want %v", ok, test.ok, present, test.present, out, test.out)
85 }
86 })
87 }
88}
89
90const defaultInt = -1
91
92var optionalIntTestData = []readASN1Test{
93 {"empty", []byte{}, 0xa0, true, defaultInt},
94 {"invalid", []byte{0xa1, 3, 0x2, 2, 127}, 0xa1, false, 0},
95 {"missing", []byte{0xa1, 3, 0x2, 1, 127}, 0xa0, true, defaultInt},
96 {"present", []byte{0xa1, 3, 0x2, 1, 42}, 0xa1, true, 42},
97}
98
99func TestReadASN1OptionalInteger(t *testing.T) {
100 for _, test := range optionalIntTestData {
101 t.Run(test.name, func(t *testing.T) {
102 in := String(test.in)
103 var out int
104 ok := in.ReadOptionalASN1Integer(&out, test.tag, defaultInt)
105 if ok != test.ok || ok && out != test.out.(int) {
106 t.Errorf("in.ReadOptionalASN1Integer() = %v, want %v; out = %v, want %v", ok, test.ok, out, test.out)
107 }
108 })
109 }
110}
111
112func TestReadASN1IntegerSigned(t *testing.T) {
113 testData64 := []struct {
114 in []byte
115 out int64
116 }{
117 {[]byte{2, 3, 128, 0, 0}, -0x800000},
118 {[]byte{2, 2, 255, 0}, -256},
119 {[]byte{2, 2, 255, 127}, -129},
120 {[]byte{2, 1, 128}, -128},
121 {[]byte{2, 1, 255}, -1},
122 {[]byte{2, 1, 0}, 0},
123 {[]byte{2, 1, 1}, 1},
124 {[]byte{2, 1, 2}, 2},
125 {[]byte{2, 1, 127}, 127},
126 {[]byte{2, 2, 0, 128}, 128},
127 {[]byte{2, 2, 1, 0}, 256},
128 {[]byte{2, 4, 0, 128, 0, 0}, 0x800000},
129 }
130 for i, test := range testData64 {
131 in := String(test.in)
132 var out int64
133 ok := in.ReadASN1Integer(&out)
134 if !ok || out != test.out {
135 t.Errorf("#%d: in.ReadASN1Integer() = %v, want true; out = %d, want %d", i, ok, out, test.out)
136 }
137 }
138
139 // Repeat the same cases, reading into a big.Int.
140 t.Run("big.Int", func(t *testing.T) {
141 for i, test := range testData64 {
142 in := String(test.in)
143 var out big.Int
144 ok := in.ReadASN1Integer(&out)
145 if !ok || out.Int64() != test.out {
146 t.Errorf("#%d: in.ReadASN1Integer() = %v, want true; out = %d, want %d", i, ok, out.Int64(), test.out)
147 }
148 }
149 })
150}
151
152func TestReadASN1IntegerUnsigned(t *testing.T) {
153 testData := []struct {
154 in []byte
155 out uint64
156 }{
157 {[]byte{2, 1, 0}, 0},
158 {[]byte{2, 1, 1}, 1},
159 {[]byte{2, 1, 2}, 2},
160 {[]byte{2, 1, 127}, 127},
161 {[]byte{2, 2, 0, 128}, 128},
162 {[]byte{2, 2, 1, 0}, 256},
163 {[]byte{2, 4, 0, 128, 0, 0}, 0x800000},
164 {[]byte{2, 8, 127, 255, 255, 255, 255, 255, 255, 255}, 0x7fffffffffffffff},
165 {[]byte{2, 9, 0, 128, 0, 0, 0, 0, 0, 0, 0}, 0x8000000000000000},
166 {[]byte{2, 9, 0, 255, 255, 255, 255, 255, 255, 255, 255}, 0xffffffffffffffff},
167 }
168 for i, test := range testData {
169 in := String(test.in)
170 var out uint64
171 ok := in.ReadASN1Integer(&out)
172 if !ok || out != test.out {
173 t.Errorf("#%d: in.ReadASN1Integer() = %v, want true; out = %d, want %d", i, ok, out, test.out)
174 }
175 }
176}
177
178func TestReadASN1IntegerInvalid(t *testing.T) {
179 testData := []String{
180 []byte{3, 1, 0}, // invalid tag
181 // truncated
182 []byte{2, 1},
183 []byte{2, 2, 0},
184 // not minimally encoded
185 []byte{2, 2, 0, 1},
186 []byte{2, 2, 0xff, 0xff},
187 }
188
189 for i, test := range testData {
190 var out int64
191 if test.ReadASN1Integer(&out) {
192 t.Errorf("#%d: in.ReadASN1Integer() = true, want false (out = %d)", i, out)
193 }
194 }
195}
196
197func TestReadASN1ObjectIdentifier(t *testing.T) {
198 testData := []struct {
199 in []byte
200 ok bool
201 out []int
202 }{
203 {[]byte{}, false, []int{}},
204 {[]byte{6, 0}, false, []int{}},
205 {[]byte{5, 1, 85}, false, []int{2, 5}},
206 {[]byte{6, 1, 85}, true, []int{2, 5}},
207 {[]byte{6, 2, 85, 0x02}, true, []int{2, 5, 2}},
208 {[]byte{6, 4, 85, 0x02, 0xc0, 0x00}, true, []int{2, 5, 2, 0x2000}},
209 {[]byte{6, 3, 0x81, 0x34, 0x03}, true, []int{2, 100, 3}},
210 {[]byte{6, 7, 85, 0x02, 0xc0, 0x80, 0x80, 0x80, 0x80}, false, []int{}},
211 }
212
213 for i, test := range testData {
214 in := String(test.in)
215 var out asn1.ObjectIdentifier
216 ok := in.ReadASN1ObjectIdentifier(&out)
217 if ok != test.ok || ok && !out.Equal(test.out) {
218 t.Errorf("#%d: in.ReadASN1ObjectIdentifier() = %v, want %v; out = %v, want %v", i, ok, test.ok, out, test.out)
219 }
220 }
221}
222
223func TestReadASN1GeneralizedTime(t *testing.T) {
224 testData := []struct {
225 in string
226 ok bool
227 out time.Time
228 }{
229 {"20100102030405Z", true, time.Date(2010, 01, 02, 03, 04, 05, 0, time.UTC)},
230 {"20100102030405", false, time.Time{}},
231 {"20100102030405+0607", true, time.Date(2010, 01, 02, 03, 04, 05, 0, time.FixedZone("", 6*60*60+7*60))},
232 {"20100102030405-0607", true, time.Date(2010, 01, 02, 03, 04, 05, 0, time.FixedZone("", -6*60*60-7*60))},
233 /* These are invalid times. However, the time package normalises times
234 * and they were accepted in some versions. See #11134. */
235 {"00000100000000Z", false, time.Time{}},
236 {"20101302030405Z", false, time.Time{}},
237 {"20100002030405Z", false, time.Time{}},
238 {"20100100030405Z", false, time.Time{}},
239 {"20100132030405Z", false, time.Time{}},
240 {"20100231030405Z", false, time.Time{}},
241 {"20100102240405Z", false, time.Time{}},
242 {"20100102036005Z", false, time.Time{}},
243 {"20100102030460Z", false, time.Time{}},
244 {"-20100102030410Z", false, time.Time{}},
245 {"2010-0102030410Z", false, time.Time{}},
246 {"2010-0002030410Z", false, time.Time{}},
247 {"201001-02030410Z", false, time.Time{}},
248 {"20100102-030410Z", false, time.Time{}},
249 {"2010010203-0410Z", false, time.Time{}},
250 {"201001020304-10Z", false, time.Time{}},
251 }
252 for i, test := range testData {
253 in := String(append([]byte{asn1.TagGeneralizedTime, byte(len(test.in))}, test.in...))
254 var out time.Time
255 ok := in.ReadASN1GeneralizedTime(&out)
256 if ok != test.ok || ok && !reflect.DeepEqual(out, test.out) {
257 t.Errorf("#%d: in.ReadASN1GeneralizedTime() = %v, want %v; out = %q, want %q", i, ok, test.ok, out, test.out)
258 }
259 }
260}
261
262func TestReadASN1BitString(t *testing.T) {
263 testData := []struct {
264 in []byte
265 ok bool
266 out asn1.BitString
267 }{
268 {[]byte{}, false, asn1.BitString{}},
269 {[]byte{0x00}, true, asn1.BitString{}},
270 {[]byte{0x07, 0x00}, true, asn1.BitString{Bytes: []byte{0}, BitLength: 1}},
271 {[]byte{0x07, 0x01}, false, asn1.BitString{}},
272 {[]byte{0x07, 0x40}, false, asn1.BitString{}},
273 {[]byte{0x08, 0x00}, false, asn1.BitString{}},
274 {[]byte{0xff}, false, asn1.BitString{}},
275 {[]byte{0xfe, 0x00}, false, asn1.BitString{}},
276 }
277 for i, test := range testData {
278 in := String(append([]byte{3, byte(len(test.in))}, test.in...))
279 var out asn1.BitString
280 ok := in.ReadASN1BitString(&out)
281 if ok != test.ok || ok && (!bytes.Equal(out.Bytes, test.out.Bytes) || out.BitLength != test.out.BitLength) {
282 t.Errorf("#%d: in.ReadASN1BitString() = %v, want %v; out = %v, want %v", i, ok, test.ok, out, test.out)
283 }
284 }
285}