/
pkixder_universal_types_tests.cpp
1276 lines (1137 loc) · 40.5 KB
/
pkixder_universal_types_tests.cpp
OlderNewer
1
2
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
3
4
5
6
7
8
9
10
/* This code is made available to you under your choice of the following sets
* of licensing terms:
*/
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
/* Copyright 2013 Mozilla Contributors
11
12
13
14
15
16
17
18
19
20
21
22
23
24
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
25
#include <limits>
26
#include <stdint.h>
27
28
#include <vector>
29
#include "pkixgtest.h"
30
31
32
#include "mozpkix/pkixder.h"
33
using namespace mozilla::pkix;
34
using namespace mozilla::pkix::der;
35
using namespace mozilla::pkix::test;
36
using namespace std;
37
38
class pkixder_universal_types_tests : public ::testing::Test { };
39
40
41
42
TEST_F(pkixder_universal_types_tests, BooleanTrue01)
{
const uint8_t DER_BOOLEAN_TRUE_01[] = {
43
0x01, // BOOLEAN
44
45
46
0x01, // length
0x01 // invalid
};
47
48
Input input(DER_BOOLEAN_TRUE_01);
Reader reader(input);
49
bool value = false;
50
ASSERT_EQ(Result::ERROR_BAD_DER, Boolean(reader, value));
51
52
53
54
55
}
TEST_F(pkixder_universal_types_tests, BooleanTrue42)
{
const uint8_t DER_BOOLEAN_TRUE_42[] = {
56
0x01, // BOOLEAN
57
58
59
0x01, // length
0x42 // invalid
};
60
61
Input input(DER_BOOLEAN_TRUE_42);
Reader reader(input);
62
bool value = false;
63
ASSERT_EQ(Result::ERROR_BAD_DER, Boolean(reader, value));
64
65
}
66
static const uint8_t DER_BOOLEAN_TRUE[] = {
67
0x01, // BOOLEAN
68
69
70
71
0x01, // length
0xff // true
};
72
73
TEST_F(pkixder_universal_types_tests, BooleanTrueFF)
{
74
75
Input input(DER_BOOLEAN_TRUE);
Reader reader(input);
76
bool value = false;
77
ASSERT_EQ(Success, Boolean(reader, value));
78
ASSERT_TRUE(value);
79
80
81
82
83
}
TEST_F(pkixder_universal_types_tests, BooleanFalse)
{
const uint8_t DER_BOOLEAN_FALSE[] = {
84
0x01, // BOOLEAN
85
86
87
0x01, // length
0x00 // false
};
88
89
Input input(DER_BOOLEAN_FALSE);
Reader reader(input);
90
91
bool value = true;
92
ASSERT_EQ(Success, Boolean(reader, value));
93
ASSERT_FALSE(value);
94
95
96
97
98
}
TEST_F(pkixder_universal_types_tests, BooleanInvalidLength)
{
const uint8_t DER_BOOLEAN_INVALID_LENGTH[] = {
99
0x01, // BOOLEAN
100
101
102
0x02, // length
0x42, 0x42 // invalid
};
103
104
Input input(DER_BOOLEAN_INVALID_LENGTH);
Reader reader(input);
105
106
bool value = true;
107
ASSERT_EQ(Result::ERROR_BAD_DER, Boolean(reader, value));
108
109
110
111
112
}
TEST_F(pkixder_universal_types_tests, BooleanInvalidZeroLength)
{
const uint8_t DER_BOOLEAN_INVALID_ZERO_LENGTH[] = {
113
0x01, // BOOLEAN
114
115
0x00 // length
};
116
117
Input input(DER_BOOLEAN_INVALID_ZERO_LENGTH);
Reader reader(input);
118
119
bool value = true;
120
ASSERT_EQ(Result::ERROR_BAD_DER, Boolean(reader, value));
121
122
}
123
124
125
// OptionalBoolean implements decoding of OPTIONAL BOOLEAN DEFAULT FALSE.
// If the field is present, it must be a valid encoding of a BOOLEAN with
// value TRUE. If the field is not present, it defaults to FALSE. For
126
127
// compatibility reasons, OptionalBoolean also accepts encodings where the field
// is present with value FALSE (this is technically not a valid DER encoding).
128
129
TEST_F(pkixder_universal_types_tests, OptionalBooleanValidEncodings)
{
130
131
132
133
134
135
136
137
138
{
const uint8_t DER_OPTIONAL_BOOLEAN_PRESENT_TRUE[] = {
0x01, // BOOLEAN
0x01, // length
0xff // true
};
Input input(DER_OPTIONAL_BOOLEAN_PRESENT_TRUE);
Reader reader(input);
bool value = false;
139
ASSERT_EQ(Success, OptionalBoolean(reader, value)) <<
140
141
142
143
"Should accept the only valid encoding of a present OPTIONAL BOOLEAN";
ASSERT_TRUE(value);
ASSERT_TRUE(reader.AtEnd());
}
144
145
146
147
148
149
150
151
152
153
154
{
// The OPTIONAL BOOLEAN is omitted in this data.
const uint8_t DER_INTEGER_05[] = {
0x02, // INTEGER
0x01, // length
0x05
};
Input input(DER_INTEGER_05);
Reader reader(input);
bool value = true;
155
ASSERT_EQ(Success, OptionalBoolean(reader, value)) <<
156
157
158
159
160
161
162
163
164
165
"Should accept a valid encoding of an omitted OPTIONAL BOOLEAN";
ASSERT_FALSE(value);
ASSERT_FALSE(reader.AtEnd());
}
{
Input input;
ASSERT_EQ(Success, input.Init(reinterpret_cast<const uint8_t*>(""), 0));
Reader reader(input);
bool value = true;
166
ASSERT_EQ(Success, OptionalBoolean(reader, value)) <<
167
168
169
170
"Should accept another valid encoding of an omitted OPTIONAL BOOLEAN";
ASSERT_FALSE(value);
ASSERT_TRUE(reader.AtEnd());
}
171
172
173
174
175
176
177
178
179
180
}
TEST_F(pkixder_universal_types_tests, OptionalBooleanInvalidEncodings)
{
const uint8_t DER_OPTIONAL_BOOLEAN_PRESENT_FALSE[] = {
0x01, // BOOLEAN
0x01, // length
0x00 // false
};
181
182
183
184
{
Input input(DER_OPTIONAL_BOOLEAN_PRESENT_FALSE);
Reader reader(input);
bool value = true;
185
186
ASSERT_EQ(Success, OptionalBoolean(reader, value)) <<
"Should accept an invalid, default-value encoding of OPTIONAL BOOLEAN";
187
188
189
ASSERT_FALSE(value);
ASSERT_TRUE(reader.AtEnd());
}
190
191
192
193
194
195
const uint8_t DER_OPTIONAL_BOOLEAN_PRESENT_42[] = {
0x01, // BOOLEAN
0x01, // length
0x42 // (invalid value for a BOOLEAN)
};
196
197
198
199
200
{
Input input(DER_OPTIONAL_BOOLEAN_PRESENT_42);
Reader reader(input);
bool value;
201
202
ASSERT_EQ(Result::ERROR_BAD_DER, OptionalBoolean(reader, value)) <<
"Should reject an invalid-valued encoding of OPTIONAL BOOLEAN";
203
}
204
205
}
206
207
208
TEST_F(pkixder_universal_types_tests, Enumerated)
{
const uint8_t DER_ENUMERATED[] = {
209
0x0a, // ENUMERATED
210
211
212
0x01, // length
0x42 // value
};
213
214
Input input(DER_ENUMERATED);
Reader reader(input);
215
216
uint8_t value = 0;
217
ASSERT_EQ(Success, Enumerated(reader, value));
218
219
220
221
222
223
ASSERT_EQ(0x42, value);
}
TEST_F(pkixder_universal_types_tests, EnumeratedNotShortestPossibleDER)
{
const uint8_t DER_ENUMERATED[] = {
224
0x0a, // ENUMERATED
225
226
227
0x02, // length
0x00, 0x01 // value
};
228
229
Input input(DER_ENUMERATED);
Reader reader(input);
230
231
uint8_t value = 0;
232
ASSERT_EQ(Result::ERROR_INVALID_INTEGER_ENCODING, Enumerated(reader, value));
233
234
235
236
237
238
239
240
241
}
TEST_F(pkixder_universal_types_tests, EnumeratedOutOfAcceptedRange)
{
// Although this is a valid ENUMERATED value according to ASN.1, we
// intentionally don't support these large values because there are no
// ENUMERATED values in X.509 certs or OCSP this large, and we're trying to
// keep the parser simple and fast.
const uint8_t DER_ENUMERATED_INVALID_LENGTH[] = {
242
0x0a, // ENUMERATED
243
244
245
0x02, // length
0x12, 0x34 // value
};
246
247
Input input(DER_ENUMERATED_INVALID_LENGTH);
Reader reader(input);
248
249
uint8_t value = 0;
250
ASSERT_EQ(Result::ERROR_INVALID_INTEGER_ENCODING, Enumerated(reader, value));
251
252
253
254
255
}
TEST_F(pkixder_universal_types_tests, EnumeratedInvalidZeroLength)
{
const uint8_t DER_ENUMERATED_INVALID_ZERO_LENGTH[] = {
256
0x0a, // ENUMERATED
257
258
0x00 // length
};
259
260
Input input(DER_ENUMERATED_INVALID_ZERO_LENGTH);
Reader reader(input);
261
262
uint8_t value = 0;
263
ASSERT_EQ(Result::ERROR_INVALID_INTEGER_ENCODING, Enumerated(reader, value));
264
265
}
266
////////////////////////////////////////
267
// GeneralizedTime and TimeChoice
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
//
// From RFC 5280 section 4.1.2.5.2
//
// For the purposes of this profile, GeneralizedTime values MUST be
// expressed in Greenwich Mean Time (Zulu) and MUST include seconds
// (i.e., times are YYYYMMDDHHMMSSZ), even where the number of seconds
// is zero. GeneralizedTime values MUST NOT include fractional seconds.
//
// And from from RFC 6960 (OCSP) section 4.2.2.1:
//
// Responses can contain four times -- thisUpdate, nextUpdate,
// producedAt, and revocationTime. The semantics of these fields are
// defined in Section 2.4. The format for GeneralizedTime is as
// specified in Section 4.1.2.5.2 of [RFC5280].
//
// So while we can could accept other ASN1 (ITU-T X.680) encodings for
// GeneralizedTime we should not accept them, and breaking reading of these
// other encodings is actually encouraged.
287
// e.g. TWO_CHARS(53) => '5', '3'
288
289
290
#define TWO_CHARS(t) \
static_cast<uint8_t>('0' + (static_cast<uint8_t>(t) / 10u)), \
static_cast<uint8_t>('0' + (static_cast<uint8_t>(t) % 10u))
291
292
293
294
295
// Calls TimeChoice on the UTCTime variant of the given generalized time.
template <uint16_t LENGTH>
Result
TimeChoiceForEquivalentUTCTime(const uint8_t (&generalizedTimeDER)[LENGTH],
296
/*out*/ Time& value)
297
298
299
300
301
302
303
304
305
306
{
static_assert(LENGTH >= 4,
"TimeChoiceForEquivalentUTCTime input too small");
uint8_t utcTimeDER[LENGTH - 2];
utcTimeDER[0] = 0x17; // tag UTCTime
utcTimeDER[1] = LENGTH - 1/*tag*/ - 1/*value*/ - 2/*century*/;
// Copy the value except for the first two digits of the year
for (size_t i = 2; i < LENGTH - 2; ++i) {
utcTimeDER[i] = generalizedTimeDER[i + 2];
}
307
308
309
310
Input input(utcTimeDER);
Reader reader(input);
return TimeChoice(reader, value);
311
}
312
313
314
template <uint16_t LENGTH>
void
315
ExpectGoodTime(Time expectedValue,
316
const uint8_t (&generalizedTimeDER)[LENGTH])
317
{
318
319
// GeneralizedTime
{
320
321
Input input(generalizedTimeDER);
Reader reader(input);
322
Time value(Time::uninitialized);
323
ASSERT_EQ(Success, GeneralizedTime(reader, value));
324
325
326
327
328
EXPECT_EQ(expectedValue, value);
}
// TimeChoice: GeneralizedTime
{
329
330
Input input(generalizedTimeDER);
Reader reader(input);
331
Time value(Time::uninitialized);
332
ASSERT_EQ(Success, TimeChoice(reader, value));
333
334
335
336
337
EXPECT_EQ(expectedValue, value);
}
// TimeChoice: UTCTime
{
338
Time value(Time::uninitialized);
339
340
ASSERT_EQ(Success,
TimeChoiceForEquivalentUTCTime(generalizedTimeDER, value));
341
342
343
344
345
346
347
348
349
350
EXPECT_EQ(expectedValue, value);
}
}
template <uint16_t LENGTH>
void
ExpectBadTime(const uint8_t (&generalizedTimeDER)[LENGTH])
{
// GeneralizedTime
{
351
352
Input input(generalizedTimeDER);
Reader reader(input);
353
Time value(Time::uninitialized);
354
ASSERT_EQ(Result::ERROR_INVALID_DER_TIME, GeneralizedTime(reader, value));
355
356
357
358
}
// TimeChoice: GeneralizedTime
{
359
360
Input input(generalizedTimeDER);
Reader reader(input);
361
Time value(Time::uninitialized);
362
ASSERT_EQ(Result::ERROR_INVALID_DER_TIME, TimeChoice(reader, value));
363
}
364
365
366
// TimeChoice: UTCTime
{
367
Time value(Time::uninitialized);
368
ASSERT_EQ(Result::ERROR_INVALID_DER_TIME,
369
TimeChoiceForEquivalentUTCTime(generalizedTimeDER, value));
370
}
371
372
}
373
374
// Control value: a valid time
TEST_F(pkixder_universal_types_tests, ValidControl)
375
{
376
const uint8_t GT_DER[] = {
377
378
0x18, // Generalized Time
15, // Length = 15
379
380
'1', '9', '9', '1', '0', '5', '0', '6', '1', '6', '4', '5', '4', '0', 'Z'
};
381
382
ExpectGoodTime(YMDHMS(1991, 5, 6, 16, 45, 40), GT_DER);
}
383
384
385
386
387
388
389
390
391
392
TEST_F(pkixder_universal_types_tests, TimeTimeZoneOffset)
{
const uint8_t DER_GENERALIZED_TIME_OFFSET[] = {
0x18, // Generalized Time
19, // Length = 19
'1', '9', '9', '1', '0', '5', '0', '6', '1', '6', '4', '5', '4', '0', '-',
'0', '7', '0', '0'
};
ExpectBadTime(DER_GENERALIZED_TIME_OFFSET);
393
394
}
395
TEST_F(pkixder_universal_types_tests, TimeInvalidZeroLength)
396
397
{
const uint8_t DER_GENERALIZED_TIME_INVALID_ZERO_LENGTH[] = {
398
399
0x18, // GeneralizedTime
0x00 // Length = 0
400
401
};
402
Time value(Time::uninitialized);
403
404
// GeneralizedTime
405
406
Input gtBuf(DER_GENERALIZED_TIME_INVALID_ZERO_LENGTH);
Reader gt(gtBuf);
407
ASSERT_EQ(Result::ERROR_INVALID_DER_TIME, GeneralizedTime(gt, value));
408
409
// TimeChoice: GeneralizedTime
410
411
Input tc_gt_buf(DER_GENERALIZED_TIME_INVALID_ZERO_LENGTH);
Reader tc_gt(tc_gt_buf);
412
ASSERT_EQ(Result::ERROR_INVALID_DER_TIME, TimeChoice(tc_gt, value));
413
414
// TimeChoice: UTCTime
415
416
417
418
const uint8_t DER_UTCTIME_INVALID_ZERO_LENGTH[] = {
0x17, // UTCTime
0x00 // Length = 0
};
419
420
Input tc_utc_buf(DER_UTCTIME_INVALID_ZERO_LENGTH);
Reader tc_utc(tc_utc_buf);
421
ASSERT_EQ(Result::ERROR_INVALID_DER_TIME, TimeChoice(tc_utc, value));
422
423
424
}
// A non zulu time should fail
425
TEST_F(pkixder_universal_types_tests, TimeInvalidLocal)
426
427
428
429
430
431
{
const uint8_t DER_GENERALIZED_TIME_INVALID_LOCAL[] = {
0x18, // Generalized Time
14, // Length = 14
'1', '9', '9', '1', '0', '5', '0', '6', '1', '6', '4', '5', '4', '0'
};
432
ExpectBadTime(DER_GENERALIZED_TIME_INVALID_LOCAL);
433
434
435
}
// A time missing seconds and zulu should fail
436
TEST_F(pkixder_universal_types_tests, TimeInvalidTruncated)
437
438
439
440
441
442
{
const uint8_t DER_GENERALIZED_TIME_INVALID_TRUNCATED[] = {
0x18, // Generalized Time
12, // Length = 12
'1', '9', '9', '1', '0', '5', '0', '6', '1', '6', '4', '5'
};
443
ExpectBadTime(DER_GENERALIZED_TIME_INVALID_TRUNCATED);
444
445
}
446
TEST_F(pkixder_universal_types_tests, TimeNoSeconds)
447
448
449
450
451
452
{
const uint8_t DER_GENERALIZED_TIME_NO_SECONDS[] = {
0x18, // Generalized Time
13, // Length = 13
'1', '9', '9', '1', '0', '5', '0', '6', '1', '6', '4', '5', 'Z'
};
453
ExpectBadTime(DER_GENERALIZED_TIME_NO_SECONDS);
454
455
}
456
TEST_F(pkixder_universal_types_tests, TimeInvalidPrefixedYear)
457
458
459
460
461
462
{
const uint8_t DER_GENERALIZED_TIME_INVALID_PREFIXED_YEAR[] = {
0x18, // Generalized Time
16, // Length = 16
' ', '1', '9', '9', '1', '0', '1', '0', '1', '0', '1', '0', '1', '0', '1', 'Z'
};
463
ExpectBadTime(DER_GENERALIZED_TIME_INVALID_PREFIXED_YEAR);
464
465
}
466
TEST_F(pkixder_universal_types_tests, TimeTooManyDigits)
467
{
468
const uint8_t DER_GENERALIZED_TIME_TOO_MANY_DIGITS[] = {
469
470
471
472
0x18, // Generalized Time
16, // Length = 16
'1', '1', '1', '1', '1', '0', '1', '0', '1', '0', '1', '0', '1', '0', '1', 'Z'
};
473
ExpectBadTime(DER_GENERALIZED_TIME_TOO_MANY_DIGITS);
474
475
}
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
// In order to ensure we we don't run into any trouble with conversions to and
// from time_t we only accept times from 1970 onwards.
TEST_F(pkixder_universal_types_tests, GeneralizedTimeYearValidRange)
{
// Note that by using the last second of the last day of the year, we're also
// effectively testing all the accumulated conversions from Gregorian to to
// Julian time, including in particular the effects of leap years.
for (uint16_t i = 1970; i <= 9999; ++i) {
const uint8_t DER[] = {
0x18, // Generalized Time
15, // Length = 15
TWO_CHARS(i / 100), TWO_CHARS(i % 100), // YYYY
'1', '2', '3', '1', // 12-31
'2', '3', '5', '9', '5', '9', 'Z' // 23:59:59Z
};
493
Time expectedValue = YMDHMS(i, 12, 31, 23, 59, 59);
494
495
496
497
498
499
500
// We have to test GeneralizedTime separately from UTCTime instead of using
// ExpectGooDtime because the range of UTCTime is less than the range of
// GeneralizedTime.
// GeneralizedTime
{
501
502
Input input(DER);
Reader reader(input);
503
Time value(Time::uninitialized);
504
ASSERT_EQ(Success, GeneralizedTime(reader, value));
505
506
507
508
509
EXPECT_EQ(expectedValue, value);
}
// TimeChoice: GeneralizedTime
{
510
511
Input input(DER);
Reader reader(input);
512
Time value(Time::uninitialized);
513
ASSERT_EQ(Success, TimeChoice(reader, value));
514
515
516
517
518
EXPECT_EQ(expectedValue, value);
}
// TimeChoice: UTCTime, which is limited to years less than 2049.
if (i <= 2049) {
519
Time value(Time::uninitialized);
520
ASSERT_EQ(Success, TimeChoiceForEquivalentUTCTime(DER, value));
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
EXPECT_EQ(expectedValue, value);
}
}
}
// In order to ensure we we don't run into any trouble with conversions to and
// from time_t we only accept times from 1970 onwards.
TEST_F(pkixder_universal_types_tests, TimeYearInvalid1969)
{
static const uint8_t DER[] = {
0x18, // Generalized Time
15, // Length = 15
'1', '9', '6', '9', '1', '2', '3', '1', // !!!1969!!!-12-31
'2', '3', '5', '9', '5', '9', 'Z' // 23:59:59Z
};
ExpectBadTime(DER);
}
static const uint8_t DAYS_IN_MONTH[] = {
0, // unused
31, // January
28, // February (leap years tested separately)
31, // March
30, // April
31, // May
30, // Jun
31, // July
31, // August
30, // September
31, // October
30, // November
31, // December
};
TEST_F(pkixder_universal_types_tests, TimeMonthDaysValidRange)
{
557
for (uint16_t month = 1; month <= 12; ++month) {
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
for (uint8_t day = 1; day <= DAYS_IN_MONTH[month]; ++day) {
const uint8_t DER[] = {
0x18, // Generalized Time
15, // Length = 15
'2', '0', '1', '5', TWO_CHARS(month), TWO_CHARS(day), // (2015-mm-dd)
'1', '6', '4', '5', '4', '0', 'Z' // 16:45:40
};
ExpectGoodTime(YMDHMS(2015, month, day, 16, 45, 40), DER);
}
}
}
TEST_F(pkixder_universal_types_tests, TimeMonthInvalid0)
{
static const uint8_t DER[] = {
0x18, // Generalized Time
15, // Length = 15
'2', '0', '1', '5', '0', '0', '1', '5', // 2015-!!!00!!!-15
'1', '6', '4', '5', '4', '0', 'Z' // 16:45:40
};
ExpectBadTime(DER);
}
TEST_F(pkixder_universal_types_tests, TimeMonthInvalid13)
582
{
583
const uint8_t DER_GENERALIZED_TIME_13TH_MONTH[] = {
584
585
586
587
588
589
0x18, // Generalized Time
15, // Length = 15
'1', '9', '9', '1', //YYYY (1991)
'1', '3', //MM 13th month of the year
'0', '6', '1', '6', '4', '5', '4', '0', 'Z'
};
590
ExpectBadTime(DER_GENERALIZED_TIME_13TH_MONTH);
591
592
}
593
594
595
596
597
598
599
600
601
602
603
604
605
TEST_F(pkixder_universal_types_tests, TimeDayInvalid0)
{
static const uint8_t DER[] = {
0x18, // Generalized Time
15, // Length = 15
'2', '0', '1', '5', '0', '1', '0', '0', // 2015-01-!!!00!!!
'1', '6', '4', '5', '4', '0', 'Z' // 16:45:40
};
ExpectBadTime(DER);
}
TEST_F(pkixder_universal_types_tests, TimeMonthDayInvalidPastEndOfMonth)
{
606
for (int16_t month = 1; month <= 12; ++month) {
607
608
609
610
611
612
613
614
615
616
617
618
619
const uint8_t DER[] = {
0x18, // Generalized Time
15, // Length = 15
'1', '9', '9', '1', // YYYY 1991
TWO_CHARS(month), // MM
TWO_CHARS(1 + (month == 2 ? 29 : DAYS_IN_MONTH[month])), // !!!DD!!!
'1', '6', '4', '5', '4', '0', 'Z' // 16:45:40
};
ExpectBadTime(DER);
}
}
TEST_F(pkixder_universal_types_tests, TimeMonthFebLeapYear2016)
620
{
621
static const uint8_t DER[] = {
622
623
0x18, // Generalized Time
15, // Length = 15
624
625
'2', '0', '1', '6', '0', '2', '2', '9', // 2016-02-29
'1', '6', '4', '5', '4', '0', 'Z' // 16:45:40
626
};
627
ExpectGoodTime(YMDHMS(2016, 2, 29, 16, 45, 40), DER);
628
629
}
630
TEST_F(pkixder_universal_types_tests, TimeMonthFebLeapYear2000)
631
{
632
static const uint8_t DER[] = {
633
634
0x18, // Generalized Time
15, // Length = 15
635
636
'2', '0', '0', '0', '0', '2', '2', '9', // 2000-02-29
'1', '6', '4', '5', '4', '0', 'Z' // 16:45:40
637
};
638
ExpectGoodTime(YMDHMS(2000, 2, 29, 16, 45, 40), DER);
639
640
}
641
TEST_F(pkixder_universal_types_tests, TimeMonthFebLeapYear2400)
642
{
643
static const uint8_t DER[] = {
644
645
0x18, // Generalized Time
15, // Length = 15
646
647
'2', '4', '0', '0', '0', '2', '2', '9', // 2400-02-29
'1', '6', '4', '5', '4', '0', 'Z' // 16:45:40
648
};
649
650
651
// We don't use ExpectGoodTime here because UTCTime can't represent 2400.
652
Time expectedValue = YMDHMS(2400, 2, 29, 16, 45, 40);
653
654
655
// GeneralizedTime
{
656
657
Input input(DER);
Reader reader(input);
658
Time value(Time::uninitialized);
659
ASSERT_EQ(Success, GeneralizedTime(reader, value));
660
661
662
663
664
EXPECT_EQ(expectedValue, value);
}
// TimeChoice: GeneralizedTime
{
665
666
Input input(DER);
Reader reader(input);
667
Time value(Time::uninitialized);
668
ASSERT_EQ(Success, TimeChoice(reader, value));
669
670
EXPECT_EQ(expectedValue, value);
}
671
672
}
673
TEST_F(pkixder_universal_types_tests, TimeMonthFebNotLeapYear2014)
674
{
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
static const uint8_t DER[] = {
0x18, // Generalized Time
15, // Length = 15
'2', '0', '1', '4', '0', '2', '2', '9', // 2014-02-29
'1', '6', '4', '5', '4', '0', 'Z' // 16:45:40
};
ExpectBadTime(DER);
}
TEST_F(pkixder_universal_types_tests, TimeMonthFebNotLeapYear2100)
{
static const uint8_t DER[] = {
0x18, // Generalized Time
15, // Length = 15
'2', '1', '0', '0', '0', '2', '2', '9', // 2100-02-29
'1', '6', '4', '5', '4', '0', 'Z' // 16:45:40
};
// We don't use ExpectBadTime here because UTCTime can't represent 2100.
// GeneralizedTime
{
697
698
Input input(DER);
Reader reader(input);
699
Time value(Time::uninitialized);
700
ASSERT_EQ(Result::ERROR_INVALID_DER_TIME, GeneralizedTime(reader, value));
701
702
703
704
}
// TimeChoice: GeneralizedTime
{
705
706
Input input(DER);
Reader reader(input);
707
Time value(Time::uninitialized);
708
ASSERT_EQ(Result::ERROR_INVALID_DER_TIME, TimeChoice(reader, value));
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
}
}
TEST_F(pkixder_universal_types_tests, TimeHoursValidRange)
{
for (uint8_t i = 0; i <= 23; ++i) {
const uint8_t DER[] = {
0x18, // Generalized Time
15, // Length = 15
'2', '0', '1', '2', '0', '6', '3', '0', // YYYYMMDD (2012-06-30)
TWO_CHARS(i), '5', '9', '0', '1', 'Z' // HHMMSSZ (!!!!ii!!!!:59:01 Zulu)
};
ExpectGoodTime(YMDHMS(2012, 6, 30, i, 59, 1), DER);
}
}
TEST_F(pkixder_universal_types_tests, TimeHoursInvalid_24_00_00)
{
static const uint8_t DER[] = {
728
729
730
0x18, // Generalized Time
15, // Length = 15
'2', '0', '1', '2', '0', '6', '3', '0', // YYYYMMDD (2012-06-30)
731
'2', '4', '0', '0', '0', '0', 'Z' // HHMMSSZ (!!24!!:00:00 Zulu)
732
};
733
734
735
736
737
738
739
740
741
742
743
744
745
746
ExpectBadTime(DER);
}
TEST_F(pkixder_universal_types_tests, TimeMinutesValidRange)
{
for (uint8_t i = 0; i <= 59; ++i) {
const uint8_t DER[] = {
0x18, // Generalized Time
15, // Length = 15
'2', '0', '1', '2', '0', '6', '3', '0', // YYYYMMDD (2012-06-30)
'2', '3', TWO_CHARS(i), '0', '1', 'Z' // HHMMSSZ (23:!!!!ii!!!!:01 Zulu)
};
ExpectGoodTime(YMDHMS(2012, 6, 30, 23, i, 1), DER);
}
747
748
}
749
TEST_F(pkixder_universal_types_tests, TimeMinutesInvalid60)
750
{
751
const uint8_t DER[] = {
752
753
754
0x18, // Generalized Time
15, // Length = 15
'2', '0', '1', '2', '0', '6', '3', '0', // YYYYMMDD (2012-06-30)
755
'2', '3', '6', '0', '5', '9', 'Z' // HHMMSSZ (23:!!!60!!!:01 Zulu)
756
};
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
ExpectBadTime(DER);
}
TEST_F(pkixder_universal_types_tests, TimeSecondsValidRange)
{
for (uint8_t i = 0; i <= 59; ++i) {
const uint8_t DER[] = {
0x18, // Generalized Time
15, // Length = 15
'2', '0', '1', '2', '0', '6', '3', '0', // YYYYMMDD (2012-06-30)
'2', '3', '5', '9', TWO_CHARS(i), 'Z' // HHMMSSZ (23:59:!!!!ii!!!! Zulu)
};
ExpectGoodTime(YMDHMS(2012, 6, 30, 23, 59, i), DER);
}
}
// No Leap Seconds (60)
TEST_F(pkixder_universal_types_tests, TimeSecondsInvalid60)
{
static const uint8_t DER[] = {
0x18, // Generalized Time
15, // Length = 15
'2', '0', '1', '2', '0', '6', '3', '0', // YYYYMMDD (2012-06-30)
'2', '3', '5', '9', '6', '0', 'Z' // HHMMSSZ (23:59:!!!!60!!!! Zulu)
};
ExpectBadTime(DER);
783
784
}
785
786
// No Leap Seconds (61)
TEST_F(pkixder_universal_types_tests, TimeSecondsInvalid61)
787
{
788
static const uint8_t DER[] = {
789
790
791
792
793
0x18, // Generalized Time
15, // Length = 15
'2', '0', '1', '2', '0', '6', '3', '0', // YYYYMMDD (2012-06-30)
'2', '3', '5', '9', '6', '1', 'Z' // HHMMSSZ (23:59:!!!!61!!!! Zulu)
};
794
ExpectBadTime(DER);
795
796
}
797
TEST_F(pkixder_universal_types_tests, TimeInvalidZulu)
798
799
800
801
802
803
804
{
const uint8_t DER_GENERALIZED_TIME_INVALID_ZULU[] = {
0x18, // Generalized Time
15, // Length = 15
'2', '0', '1', '2', '0', '6', '3', '0', // YYYYMMDD (2012-06-30)
'2', '3', '5', '9', '5', '9', 'z' // HHMMSSZ (23:59:59 !!!z!!!) should be Z
};
805
ExpectBadTime(DER_GENERALIZED_TIME_INVALID_ZULU);
806
807
}
808
TEST_F(pkixder_universal_types_tests, TimeInvalidExtraData)
809
810
811
812
813
814
815
816
{
const uint8_t DER_GENERALIZED_TIME_INVALID_EXTRA_DATA[] = {
0x18, // Generalized Time
16, // Length = 16
'2', '0', '1', '2', '0', '6', '3', '0', // YYYYMMDD (2012-06-30)
'2', '3', '5', '9', '5', '9', 'Z', // HHMMSSZ (23:59:59Z)
0 // Extra null character
};
817
ExpectBadTime(DER_GENERALIZED_TIME_INVALID_EXTRA_DATA);
818
819
}
820
TEST_F(pkixder_universal_types_tests, TimeInvalidCenturyChar)
821
822
823
824
825
826
827
828
{
const uint8_t DER_GENERALIZED_TIME_INVALID_CENTURY_CHAR[] = {
0x18, // Generalized Time
15, // Length = 15
'X', '9', '9', '1', '1', '2', '0', '6', // YYYYMMDD (X991-12-06)
'1', '6', '4', '5', '4', '0', 'Z' // HHMMSSZ (16:45:40Z)
};
829
830
831
832
833
834
// We can't use ExpectBadTime here, because ExpectBadTime requires
// consistent results for GeneralizedTime and UTCTime, but the results
// for this input are different.
// GeneralizedTime
{
835
836
Input input(DER_GENERALIZED_TIME_INVALID_CENTURY_CHAR);
Reader reader(input);
837
Time value(Time::uninitialized);
838
ASSERT_EQ(Result::ERROR_INVALID_DER_TIME, GeneralizedTime(reader, value));
839
840
841
842
}
// TimeChoice: GeneralizedTime
{
843
844
Input input(DER_GENERALIZED_TIME_INVALID_CENTURY_CHAR);
Reader reader(input);
845
Time value(Time::uninitialized);
846
ASSERT_EQ(Result::ERROR_INVALID_DER_TIME, TimeChoice(reader, value));
847
848
849
}
// This test is not applicable to TimeChoice: UTCTime
850
851
}
852
TEST_F(pkixder_universal_types_tests, TimeInvalidYearChar)
853
854
855
856
857
858
859
{
const uint8_t DER_GENERALIZED_TIME_INVALID_YEAR_CHAR[] = {
0x18, // Generalized Time
15, // Length = 15
'1', '9', '9', 'I', '0', '1', '0', '6', // YYYYMMDD (199I-12-06)
'1', '6', '4', '5', '4', '0', 'Z' // HHMMSSZ (16:45:40Z)
};
860
ExpectBadTime(DER_GENERALIZED_TIME_INVALID_YEAR_CHAR);
861
862
863
864
865
866
867
868
869
870
}
TEST_F(pkixder_universal_types_tests, GeneralizedTimeInvalidMonthChar)
{
const uint8_t DER_GENERALIZED_TIME_INVALID_MONTH_CHAR[] = {
0x18, // Generalized Time
15, // Length = 15
'1', '9', '9', '1', '0', 'I', '0', '6', // YYYYMMDD (1991-0I-06)
'1', '6', '4', '5', '4', '0', 'Z' // HHMMSSZ (16:45:40Z)
};
871
ExpectBadTime(DER_GENERALIZED_TIME_INVALID_MONTH_CHAR);
872
873
}
874
TEST_F(pkixder_universal_types_tests, TimeInvalidDayChar)
875
876
877
878
879
880
881
{
const uint8_t DER_GENERALIZED_TIME_INVALID_DAY_CHAR[] = {
0x18, // Generalized Time
15, // Length = 15
'1', '9', '9', '1', '0', '1', '0', 'S', // YYYYMMDD (1991-01-0S)
'1', '6', '4', '5', '4', '0', 'Z' // HHMMSSZ (16:45:40Z)
};
882
ExpectBadTime(DER_GENERALIZED_TIME_INVALID_DAY_CHAR);
883
884
}
885
TEST_F(pkixder_universal_types_tests, TimeInvalidFractionalSeconds)
886
887
888
889
890
891
892
{
const uint8_t DER_GENERALIZED_TIME_INVALID_FRACTIONAL_SECONDS[] = {
0x18, // Generalized Time
17, // Length = 17
'1', '9', '9', '1', '0', '1', '0', '1', // YYYYMMDD (1991-01-01)
'1', '6', '4', '5', '4', '0', '.', '3', 'Z' // HHMMSS.FFF (16:45:40.3Z)
};
893
ExpectBadTime(DER_GENERALIZED_TIME_INVALID_FRACTIONAL_SECONDS);
894
895
}
896
struct IntegerTestParams
897
{
898
899
900
ByteString encoded;
struct PositiveIntegerParams
{
901
Result expectedResult;
902
903
Input::size_type significantBytesIfValid;
} positiveInteger;
904
905
906
907
908
struct SmallNonnegativeIntegerParams
{
Result expectedResult;
uint8_t valueIfValid;
} smallNonnegativeInteger;
909
};
910
911
912
913
class pkixder_universal_types_tests_Integer
: public ::testing::Test
, public ::testing::WithParamInterface<IntegerTestParams>
914
{
915
};
916
917
918
919
920
921
::std::ostream& operator<<(::std::ostream& os, const IntegerTestParams&)
{
return os << "TODO (bug 1318770)";
}
922
#define INVALID 0xFF
923
924
static const IntegerTestParams INTEGER_TEST_PARAMS[] =
925
{
926
// Zero is encoded with one value byte of 0x00.
927
928
929
930
931
932
{ TLV(2, ByteString()),
{ Result::ERROR_INVALID_INTEGER_ENCODING, INVALID },
{ Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
{ TLV(2, "\x00"),
{ Result::ERROR_INVALID_INTEGER_ENCODING, INVALID },
{ Success, 0 } },
933
934
// Positive single-byte values
935
936
937
938
{ TLV(2, "\x01"), { Success, 1 }, { Success, 1} },
{ TLV(2, "\x02"), { Success, 1 }, { Success, 2} },
{ TLV(2, "\x7e"), { Success, 1 }, { Success, 0x7e} },
{ TLV(2, "\x7f"), { Success, 1 }, { Success, 0x7f} },
939
940
// Negative single-byte values
941
942
943
944
945
946
947
948
949
950
951
952
{ TLV(2, "\x80"),
{ Result::ERROR_INVALID_INTEGER_ENCODING, INVALID },
{ Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
{ TLV(2, "\x81"),
{ Result::ERROR_INVALID_INTEGER_ENCODING, INVALID },
{ Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
{ TLV(2, "\xFE"),
{ Result::ERROR_INVALID_INTEGER_ENCODING, INVALID },
{ Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
{ TLV(2, "\xFF"),
{ Result::ERROR_INVALID_INTEGER_ENCODING, INVALID },
{ Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
953
954
// Positive two-byte values not starting with 0x00
955
956
957
958
959
960
961
962
963
{ TLV(2, "\x7F\x00"),
{ Success, 2 },
{ Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
{ TLV(2, "\x01\x00"),
{ Success, 2 },
{ Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
{ TLV(2, "\x01\x02"),
{ Success, 2 },
{ Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
964
965
// Negative two-byte values not starting with 0xFF
966
967
968
969
970
971
972
973
974
975
976
977
{ TLV(2, "\x80\x00"),
{ Result::ERROR_INVALID_INTEGER_ENCODING, INVALID },
{ Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
{ TLV(2, "\x80\x7F"),
{ Result::ERROR_INVALID_INTEGER_ENCODING, INVALID },
{ Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
{ TLV(2, "\x80\x80"),
{ Result::ERROR_INVALID_INTEGER_ENCODING, INVALID },
{ Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
{ TLV(2, "\x80\xFF"),
{ Result::ERROR_INVALID_INTEGER_ENCODING, INVALID },
{ Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
978
979
// The leading zero is necessary.
980
981
982
983
984
985
986
987
988
{ TLV(2, "\x00\x80"),
{ Success, 1},
{ Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
{ TLV(2, "\x00\x81"),
{ Success, 1},
{ Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
{ TLV(2, "\x00\xFF"),
{ Success, 1},
{ Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
989
990
// The leading zero is unnecessary.
991
992
993
994
995
996
{ TLV(2, "\x00\x01"),
{ Result::ERROR_INVALID_INTEGER_ENCODING, INVALID },
{ Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
{ TLV(2, "\x00\x7F"),
{ Result::ERROR_INVALID_INTEGER_ENCODING, INVALID },
{ Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
997
998
// The leading 0xFF is necessary.
999
1000
{ TLV(2, "\xFF\x00"),
{ Result::ERROR_INVALID_INTEGER_ENCODING, INVALID },