github.com/icodeface/tls@v0.0.0-20230910023335-34df9250cd12/internal/x/crypto/cryptobyte/asn1_test.go (about) 1 // Copyright 2017 The Go Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style 3 // license that can be found in the LICENSE file. 4 5 package cryptobyte 6 7 import ( 8 "bytes" 9 encoding_asn1 "encoding/asn1" 10 "math/big" 11 "reflect" 12 "testing" 13 "time" 14 15 "github.com/icodeface/tls/internal/x/crypto/cryptobyte/asn1" 16 ) 17 18 type readASN1Test struct { 19 name string 20 in []byte 21 tag asn1.Tag 22 ok bool 23 out interface{} 24 } 25 26 var readASN1TestData = []readASN1Test{ 27 {"valid", []byte{0x30, 2, 1, 2}, 0x30, true, []byte{1, 2}}, 28 {"truncated", []byte{0x30, 3, 1, 2}, 0x30, false, nil}, 29 {"zero length of length", []byte{0x30, 0x80}, 0x30, false, nil}, 30 {"invalid long form length", []byte{0x30, 0x81, 1, 1}, 0x30, false, nil}, 31 {"non-minimal length", append([]byte{0x30, 0x82, 0, 0x80}, make([]byte, 0x80)...), 0x30, false, nil}, 32 {"invalid tag", []byte{0xa1, 3, 0x4, 1, 1}, 31, false, nil}, 33 {"high tag", []byte{0x1f, 0x81, 0x80, 0x01, 2, 1, 2}, 0xff /* actually 0x4001, but tag is uint8 */, false, nil}, 34 } 35 36 func TestReadASN1(t *testing.T) { 37 for _, test := range readASN1TestData { 38 t.Run(test.name, func(t *testing.T) { 39 var in, out String = test.in, nil 40 ok := in.ReadASN1(&out, test.tag) 41 if ok != test.ok || ok && !bytes.Equal(out, test.out.([]byte)) { 42 t.Errorf("in.ReadASN1() = %v, want %v; out = %v, want %v", ok, test.ok, out, test.out) 43 } 44 }) 45 } 46 } 47 48 func TestReadASN1Optional(t *testing.T) { 49 var empty String 50 var present bool 51 ok := empty.ReadOptionalASN1(nil, &present, 0xa0) 52 if !ok || present { 53 t.Errorf("empty.ReadOptionalASN1() = %v, want true; present = %v want false", ok, present) 54 } 55 56 var in, out String = []byte{0xa1, 3, 0x4, 1, 1}, nil 57 ok = in.ReadOptionalASN1(&out, &present, 0xa0) 58 if !ok || present { 59 t.Errorf("in.ReadOptionalASN1() = %v, want true, present = %v, want false", ok, present) 60 } 61 ok = in.ReadOptionalASN1(&out, &present, 0xa1) 62 wantBytes := []byte{4, 1, 1} 63 if !ok || !present || !bytes.Equal(out, wantBytes) { 64 t.Errorf("in.ReadOptionalASN1() = %v, want true; present = %v, want true; out = %v, want = %v", ok, present, out, wantBytes) 65 } 66 } 67 68 var optionalOctetStringTestData = []struct { 69 readASN1Test 70 present bool 71 }{ 72 {readASN1Test{"empty", []byte{}, 0xa0, true, []byte{}}, false}, 73 {readASN1Test{"invalid", []byte{0xa1, 3, 0x4, 2, 1}, 0xa1, false, []byte{}}, true}, 74 {readASN1Test{"missing", []byte{0xa1, 3, 0x4, 1, 1}, 0xa0, true, []byte{}}, false}, 75 {readASN1Test{"present", []byte{0xa1, 3, 0x4, 1, 1}, 0xa1, true, []byte{1}}, true}, 76 } 77 78 func TestReadASN1OptionalOctetString(t *testing.T) { 79 for _, test := range optionalOctetStringTestData { 80 t.Run(test.name, func(t *testing.T) { 81 in := String(test.in) 82 var out []byte 83 var present bool 84 ok := in.ReadOptionalASN1OctetString(&out, &present, test.tag) 85 if ok != test.ok || present != test.present || !bytes.Equal(out, test.out.([]byte)) { 86 t.Errorf("in.ReadOptionalASN1OctetString() = %v, want %v; present = %v want %v; out = %v, want %v", ok, test.ok, present, test.present, out, test.out) 87 } 88 }) 89 } 90 } 91 92 const defaultInt = -1 93 94 var optionalIntTestData = []readASN1Test{ 95 {"empty", []byte{}, 0xa0, true, defaultInt}, 96 {"invalid", []byte{0xa1, 3, 0x2, 2, 127}, 0xa1, false, 0}, 97 {"missing", []byte{0xa1, 3, 0x2, 1, 127}, 0xa0, true, defaultInt}, 98 {"present", []byte{0xa1, 3, 0x2, 1, 42}, 0xa1, true, 42}, 99 } 100 101 func TestReadASN1OptionalInteger(t *testing.T) { 102 for _, test := range optionalIntTestData { 103 t.Run(test.name, func(t *testing.T) { 104 in := String(test.in) 105 var out int 106 ok := in.ReadOptionalASN1Integer(&out, test.tag, defaultInt) 107 if ok != test.ok || ok && out != test.out.(int) { 108 t.Errorf("in.ReadOptionalASN1Integer() = %v, want %v; out = %v, want %v", ok, test.ok, out, test.out) 109 } 110 }) 111 } 112 } 113 114 func TestReadASN1IntegerSigned(t *testing.T) { 115 testData64 := []struct { 116 in []byte 117 out int64 118 }{ 119 {[]byte{2, 3, 128, 0, 0}, -0x800000}, 120 {[]byte{2, 2, 255, 0}, -256}, 121 {[]byte{2, 2, 255, 127}, -129}, 122 {[]byte{2, 1, 128}, -128}, 123 {[]byte{2, 1, 255}, -1}, 124 {[]byte{2, 1, 0}, 0}, 125 {[]byte{2, 1, 1}, 1}, 126 {[]byte{2, 1, 2}, 2}, 127 {[]byte{2, 1, 127}, 127}, 128 {[]byte{2, 2, 0, 128}, 128}, 129 {[]byte{2, 2, 1, 0}, 256}, 130 {[]byte{2, 4, 0, 128, 0, 0}, 0x800000}, 131 } 132 for i, test := range testData64 { 133 in := String(test.in) 134 var out int64 135 ok := in.ReadASN1Integer(&out) 136 if !ok || out != test.out { 137 t.Errorf("#%d: in.ReadASN1Integer() = %v, want true; out = %d, want %d", i, ok, out, test.out) 138 } 139 } 140 141 // Repeat the same cases, reading into a big.Int. 142 t.Run("big.Int", func(t *testing.T) { 143 for i, test := range testData64 { 144 in := String(test.in) 145 var out big.Int 146 ok := in.ReadASN1Integer(&out) 147 if !ok || out.Int64() != test.out { 148 t.Errorf("#%d: in.ReadASN1Integer() = %v, want true; out = %d, want %d", i, ok, out.Int64(), test.out) 149 } 150 } 151 }) 152 153 // Repeat with the implicit-tagging functions 154 t.Run("WithTag", func(t *testing.T) { 155 for i, test := range testData64 { 156 tag := asn1.Tag((i * 3) % 32).ContextSpecific() 157 158 testData := make([]byte, len(test.in)) 159 copy(testData, test.in) 160 161 // Alter the tag of the test case. 162 testData[0] = uint8(tag) 163 164 in := String(testData) 165 var out int64 166 ok := in.ReadASN1Int64WithTag(&out, tag) 167 if !ok || out != test.out { 168 t.Errorf("#%d: in.ReadASN1Int64WithTag() = %v, want true; out = %d, want %d", i, ok, out, test.out) 169 } 170 171 var b Builder 172 b.AddASN1Int64WithTag(test.out, tag) 173 result, err := b.Bytes() 174 175 if err != nil { 176 t.Errorf("#%d: AddASN1Int64WithTag failed: %s", i, err) 177 continue 178 } 179 180 if !bytes.Equal(result, testData) { 181 t.Errorf("#%d: AddASN1Int64WithTag: got %x, want %x", i, result, testData) 182 } 183 } 184 }) 185 } 186 187 func TestReadASN1IntegerUnsigned(t *testing.T) { 188 testData := []struct { 189 in []byte 190 out uint64 191 }{ 192 {[]byte{2, 1, 0}, 0}, 193 {[]byte{2, 1, 1}, 1}, 194 {[]byte{2, 1, 2}, 2}, 195 {[]byte{2, 1, 127}, 127}, 196 {[]byte{2, 2, 0, 128}, 128}, 197 {[]byte{2, 2, 1, 0}, 256}, 198 {[]byte{2, 4, 0, 128, 0, 0}, 0x800000}, 199 {[]byte{2, 8, 127, 255, 255, 255, 255, 255, 255, 255}, 0x7fffffffffffffff}, 200 {[]byte{2, 9, 0, 128, 0, 0, 0, 0, 0, 0, 0}, 0x8000000000000000}, 201 {[]byte{2, 9, 0, 255, 255, 255, 255, 255, 255, 255, 255}, 0xffffffffffffffff}, 202 } 203 for i, test := range testData { 204 in := String(test.in) 205 var out uint64 206 ok := in.ReadASN1Integer(&out) 207 if !ok || out != test.out { 208 t.Errorf("#%d: in.ReadASN1Integer() = %v, want true; out = %d, want %d", i, ok, out, test.out) 209 } 210 } 211 } 212 213 func TestReadASN1IntegerInvalid(t *testing.T) { 214 testData := []String{ 215 []byte{3, 1, 0}, // invalid tag 216 // truncated 217 []byte{2, 1}, 218 []byte{2, 2, 0}, 219 // not minimally encoded 220 []byte{2, 2, 0, 1}, 221 []byte{2, 2, 0xff, 0xff}, 222 } 223 224 for i, test := range testData { 225 var out int64 226 if test.ReadASN1Integer(&out) { 227 t.Errorf("#%d: in.ReadASN1Integer() = true, want false (out = %d)", i, out) 228 } 229 } 230 } 231 232 func TestASN1ObjectIdentifier(t *testing.T) { 233 testData := []struct { 234 in []byte 235 ok bool 236 out []int 237 }{ 238 {[]byte{}, false, []int{}}, 239 {[]byte{6, 0}, false, []int{}}, 240 {[]byte{5, 1, 85}, false, []int{2, 5}}, 241 {[]byte{6, 1, 85}, true, []int{2, 5}}, 242 {[]byte{6, 2, 85, 0x02}, true, []int{2, 5, 2}}, 243 {[]byte{6, 4, 85, 0x02, 0xc0, 0x00}, true, []int{2, 5, 2, 0x2000}}, 244 {[]byte{6, 3, 0x81, 0x34, 0x03}, true, []int{2, 100, 3}}, 245 {[]byte{6, 7, 85, 0x02, 0xc0, 0x80, 0x80, 0x80, 0x80}, false, []int{}}, 246 } 247 248 for i, test := range testData { 249 in := String(test.in) 250 var out encoding_asn1.ObjectIdentifier 251 ok := in.ReadASN1ObjectIdentifier(&out) 252 if ok != test.ok || ok && !out.Equal(test.out) { 253 t.Errorf("#%d: in.ReadASN1ObjectIdentifier() = %v, want %v; out = %v, want %v", i, ok, test.ok, out, test.out) 254 continue 255 } 256 257 var b Builder 258 b.AddASN1ObjectIdentifier(out) 259 result, err := b.Bytes() 260 if builderOk := err == nil; test.ok != builderOk { 261 t.Errorf("#%d: error from Builder.Bytes: %s", i, err) 262 continue 263 } 264 if test.ok && !bytes.Equal(result, test.in) { 265 t.Errorf("#%d: reserialisation didn't match, got %x, want %x", i, result, test.in) 266 continue 267 } 268 } 269 } 270 271 func TestReadASN1GeneralizedTime(t *testing.T) { 272 testData := []struct { 273 in string 274 ok bool 275 out time.Time 276 }{ 277 {"20100102030405Z", true, time.Date(2010, 01, 02, 03, 04, 05, 0, time.UTC)}, 278 {"20100102030405", false, time.Time{}}, 279 {"20100102030405+0607", true, time.Date(2010, 01, 02, 03, 04, 05, 0, time.FixedZone("", 6*60*60+7*60))}, 280 {"20100102030405-0607", true, time.Date(2010, 01, 02, 03, 04, 05, 0, time.FixedZone("", -6*60*60-7*60))}, 281 /* These are invalid times. However, the time package normalises times 282 * and they were accepted in some versions. See #11134. */ 283 {"00000100000000Z", false, time.Time{}}, 284 {"20101302030405Z", false, time.Time{}}, 285 {"20100002030405Z", false, time.Time{}}, 286 {"20100100030405Z", false, time.Time{}}, 287 {"20100132030405Z", false, time.Time{}}, 288 {"20100231030405Z", false, time.Time{}}, 289 {"20100102240405Z", false, time.Time{}}, 290 {"20100102036005Z", false, time.Time{}}, 291 {"20100102030460Z", false, time.Time{}}, 292 {"-20100102030410Z", false, time.Time{}}, 293 {"2010-0102030410Z", false, time.Time{}}, 294 {"2010-0002030410Z", false, time.Time{}}, 295 {"201001-02030410Z", false, time.Time{}}, 296 {"20100102-030410Z", false, time.Time{}}, 297 {"2010010203-0410Z", false, time.Time{}}, 298 {"201001020304-10Z", false, time.Time{}}, 299 } 300 for i, test := range testData { 301 in := String(append([]byte{byte(asn1.GeneralizedTime), byte(len(test.in))}, test.in...)) 302 var out time.Time 303 ok := in.ReadASN1GeneralizedTime(&out) 304 if ok != test.ok || ok && !reflect.DeepEqual(out, test.out) { 305 t.Errorf("#%d: in.ReadASN1GeneralizedTime() = %v, want %v; out = %q, want %q", i, ok, test.ok, out, test.out) 306 } 307 } 308 } 309 310 func TestReadASN1BitString(t *testing.T) { 311 testData := []struct { 312 in []byte 313 ok bool 314 out encoding_asn1.BitString 315 }{ 316 {[]byte{}, false, encoding_asn1.BitString{}}, 317 {[]byte{0x00}, true, encoding_asn1.BitString{}}, 318 {[]byte{0x07, 0x00}, true, encoding_asn1.BitString{Bytes: []byte{0}, BitLength: 1}}, 319 {[]byte{0x07, 0x01}, false, encoding_asn1.BitString{}}, 320 {[]byte{0x07, 0x40}, false, encoding_asn1.BitString{}}, 321 {[]byte{0x08, 0x00}, false, encoding_asn1.BitString{}}, 322 {[]byte{0xff}, false, encoding_asn1.BitString{}}, 323 {[]byte{0xfe, 0x00}, false, encoding_asn1.BitString{}}, 324 } 325 for i, test := range testData { 326 in := String(append([]byte{3, byte(len(test.in))}, test.in...)) 327 var out encoding_asn1.BitString 328 ok := in.ReadASN1BitString(&out) 329 if ok != test.ok || ok && (!bytes.Equal(out.Bytes, test.out.Bytes) || out.BitLength != test.out.BitLength) { 330 t.Errorf("#%d: in.ReadASN1BitString() = %v, want %v; out = %v, want %v", i, ok, test.ok, out, test.out) 331 } 332 } 333 }