Bug 1221620 - Tests for DER integer decoding, r=mt

--HG-- extra : amend_source : 7fd04fb7cb4ee88d2461bce6fc9781516966990f extra : histedit_source : fe06387817129f67fee05518688804ce7b2cf293
sailfishos-mirror · Jan 27, 2016 · e65dee6 · e65dee6
1 parent 147d93c
commit e65dee6
Show file tree

Hide file tree

Showing 8 changed files with 290 additions and 3 deletions.
diff --git a/external_tests/der_gtest/Makefile b/external_tests/der_gtest/Makefile
@@ -0,0 +1,44 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY).   #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL)          #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL)       #
+#######################################################################
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
+#######################################################################
+
+include ../common/gtest.mk
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL)                              #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL)                           #
+#######################################################################
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL).                              #
+#######################################################################
+
diff --git a/external_tests/der_gtest/der_getint_unittest.cc b/external_tests/der_gtest/der_getint_unittest.cc
@@ -0,0 +1,114 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "nss.h"
+#include "pk11pub.h"
+#include "secutil.h"
+#include <memory>
+#include <climits>
+#include <netinet/in.h>
+
+#include "gtest/gtest.h"
+#include "scoped_ptrs.h"
+
+namespace nss_test {
+
+class DERIntegerDecodingTest : public ::testing::Test {
+ public:
+  void TestGetInteger(long number, unsigned char *der_number, unsigned int len)
+  {
+    SECItem input = {siBuffer, der_number, len};
+    EXPECT_EQ(number, DER_GetInteger(&input));
+  }
+
+  void GetDerLongMax(unsigned char *der_number, unsigned int len)
+  {
+    der_number[0] = 0x7F;
+    for (unsigned int i = 1; i < len; ++i) {
+      der_number[i] = 0xFF;
+    }
+  }
+
+  void GetDerLongMin(unsigned char *der_number, unsigned int len)
+  {
+    der_number[0] = 0x80;
+    for (unsigned int i = 1; i < len; ++i) {
+      der_number[i] = 0x00;
+    }
+  }
+};
+
+TEST_F(DERIntegerDecodingTest, DecodeLongMinus126) {
+  unsigned char der[] = {0x82};
+  TestGetInteger(-126, der, sizeof(der));
+}
+
+TEST_F(DERIntegerDecodingTest, DecodeLong130) {
+  unsigned char der[] = {0x00, 0x82};
+  TestGetInteger(130, der, sizeof(der));
+}
+
+TEST_F(DERIntegerDecodingTest, DecodeLong0) {
+  unsigned char der[] = {0x00};
+  TestGetInteger(0, der, sizeof(der));
+}
+
+TEST_F(DERIntegerDecodingTest, DecodeLong1) {
+  unsigned char der[] = {0x01};
+  TestGetInteger(1, der, sizeof(der));
+}
+
+TEST_F(DERIntegerDecodingTest, DecodeLongMinus1) {
+  unsigned char der[] = {0xFF};
+  TestGetInteger(-1, der, sizeof(der));
+}
+
+TEST_F(DERIntegerDecodingTest, DecodeLongMax) {
+  unsigned char der[sizeof(long)];
+  GetDerLongMax(der, sizeof(long));
+  TestGetInteger(LONG_MAX, der, sizeof(der));
+}
+
+TEST_F(DERIntegerDecodingTest, DecodeLongMin) {
+  unsigned char der[sizeof(long)];
+  GetDerLongMin(der, sizeof(long));
+  TestGetInteger(LONG_MIN, der, sizeof(der));
+}
+
+TEST_F(DERIntegerDecodingTest, DecodeLongMaxMinus1) {
+  unsigned char der[sizeof(long)];
+  GetDerLongMax(der, sizeof(long));
+  der[sizeof(long)-1] = 0xFE;
+  TestGetInteger(LONG_MAX-1, der, sizeof(der));
+}
+
+TEST_F(DERIntegerDecodingTest, DecodeLongMinPlus1) {
+  unsigned char der[sizeof(long)];
+  GetDerLongMin(der, sizeof(long));
+  der[sizeof(long)-1] = 0x01;
+  TestGetInteger(LONG_MIN+1, der, sizeof(der));
+}
+
+TEST_F(DERIntegerDecodingTest, DecodeLongMinMinus1) {
+  unsigned char der[sizeof(long)+1];
+  GetDerLongMax(der, sizeof(long)+1);
+  der[0] = 0xFF;
+  der[1] = 0x7F;
+  TestGetInteger(LONG_MIN, der, sizeof(der));
+  EXPECT_EQ(SEC_ERROR_BAD_DER, PORT_GetError());
+}
+
+TEST_F(DERIntegerDecodingTest, DecodeLongMaxPlus1) {
+  unsigned char der[sizeof(long)+1];
+  GetDerLongMin(der, sizeof(long)+1);
+  der[0] = 0x00;
+  der[1] = 0x80;
+  TestGetInteger(LONG_MAX, der, sizeof(der));
+  EXPECT_EQ(SEC_ERROR_BAD_DER, PORT_GetError());
+}
+
+}  // namespace nss_test
+
diff --git a/external_tests/der_gtest/der_gtest.cc b/external_tests/der_gtest/der_gtest.cc
@@ -0,0 +1,21 @@
+#include "nspr.h"
+#include "nss.h"
+#include "ssl.h"
+
+#include <cstdlib>
+
+#define GTEST_HAS_RTTI 0
+#include "gtest/gtest.h"
+
+int main(int argc, char **argv) {
+  // Start the tests
+  ::testing::InitGoogleTest(&argc, argv);
+
+  NSS_NoDB_Init(nullptr);
+  NSS_SetDomesticPolicy();
+  int rv = RUN_ALL_TESTS();
+
+  NSS_Shutdown();
+
+  return rv;
+}
diff --git a/external_tests/der_gtest/manifest.mn b/external_tests/der_gtest/manifest.mn
@@ -0,0 +1,20 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+CORE_DEPTH = ../..
+DEPTH      = ../..
+MODULE = nss
+
+CPPSRCS = \
+      der_getint_unittest.cc \
+      der_gtest.cc \
+      $(NULL)
+
+INCLUDES += -I$(CORE_DEPTH)/external_tests/google_test/gtest/include \
+            -I$(CORE_DEPTH)/external_tests/common
+
+REQUIRES = nspr nss libdbm gtest
+
+PROGRAM = der_gtest
+EXTRA_LIBS = $(DIST)/lib/$(LIB_PREFIX)gtest.$(LIB_SUFFIX)
diff --git a/external_tests/manifest.mn b/external_tests/manifest.mn
@@ -7,6 +7,7 @@ DEPTH      = ..
 
 DIRS = \
 	google_test \
+        der_gtest \
         pk11_gtest \
         ssl_gtest \
 	$(NULL)
diff --git a/tests/all.sh b/tests/all.sh
@@ -37,6 +37,7 @@
 #   memleak.sh   - memory leak testing (optional)
 #   ssl_gtests.sh- Gtest based unit tests for ssl
 #   pk11_gtests.sh- Gtest based unit tests for PKCS#11
+#   der_gtests.sh- Gtest
 #
 # NSS testing is now devided to 4 cycles:
 # ---------------------------------------
@@ -206,7 +207,7 @@ run_cycle_upgrade_db()
 
     # run the subset of tests with the upgraded database
     TESTS="${ALL_TESTS}"
-    TESTS_SKIP="cipher libpkix cert dbtests sdr ocsp pkits chains ssl_gtests pk11_gtests"
+    TESTS_SKIP="cipher libpkix cert dbtests sdr ocsp pkits chains ssl_gtests pk11_gtests der_gtests"
 
     echo "${NSS_SSL_TESTS}" | grep "_" > /dev/null
     RET=$?
@@ -237,7 +238,7 @@ run_cycle_shared_db()
 
     # run the tests for native sharedb support
     TESTS="${ALL_TESTS}"
-    TESTS_SKIP="cipher libpkix dbupgrade sdr ocsp pkits ssl_gtests pk11_gtests"
+    TESTS_SKIP="cipher libpkix dbupgrade sdr ocsp pkits ssl_gtests pk11_gtests der_gtests"
 
     echo "${NSS_SSL_TESTS}" | grep "_" > /dev/null
     RET=$?
@@ -278,7 +279,7 @@ run_cycles()
 cycles="standard pkix upgradedb sharedb"
 CYCLES=${NSS_CYCLES:-$cycles}
 
-tests="cipher lowhash libpkix cert dbtests tools fips sdr crmf smime ssl ocsp merge pkits chains ssl_gtests pk11_gtests"
+tests="cipher lowhash libpkix cert dbtests tools fips sdr crmf smime ssl ocsp merge pkits chains ssl_gtests pk11_gtests der_gtests"
 TESTS=${NSS_TESTS:-$tests}
 
 ALL_TESTS=${TESTS}

diff --git a/tests/common/init.sh b/tests/common/init.sh
@@ -78,6 +78,7 @@ if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
         STAPLINGDIR=${HOSTDIR}/stapling
         SSLGTESTDIR=${HOSTDIR}/ssl_gtests
         PK11GTESTDIR=${HOSTDIR}/pk11_gtests
+        DERGTESTDIR=${HOSTDIR}/der_gtests
 
         PWFILE=${HOSTDIR}/tests.pw
         NOISE_FILE=${HOSTDIR}/tests_noise
@@ -542,6 +543,7 @@ if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
     R_STAPLINGDIR=../stapling
     R_SSLGTESTDIR=../ssl_gtests
     R_PK11GTESTDIR=../pk11_gtests
+    R_DERGTESTDIR=../der_gtests
 
     #
     # profiles are either paths or domains depending on the setting of

diff --git a/tests/der_gtests/der_gtests.sh b/tests/der_gtests/der_gtests.sh
@@ -0,0 +1,84 @@
+#! /bin/bash
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+########################################################################
+#
+# tests/der_gtests/der_gtests.sh
+#
+# Script to drive the DER unit gtests
+#
+# needs to work on all Unix and Windows platforms
+#
+# special strings
+# ---------------
+#   FIXME ... known problems, search for this string
+#   NOTE .... unexpected behavior
+#
+########################################################################
+
+############################## der_gtest_init ##########################
+# local shell function to initialize this script
+########################################################################
+der_gtest_init()
+{
+  SCRIPTNAME=der_gtest.sh      # sourced - $0 would point to all.sh
+
+  if [ -z "${CLEANUP}" ] ; then     # if nobody else is responsible for
+      CLEANUP="${SCRIPTNAME}"       # cleaning this script will do it
+  fi
+  if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
+      cd ../common
+      . ./init.sh
+  fi
+
+  SCRIPTNAME=der_gtest.sh
+  html_head DER Gtests
+
+  if [ ! -d "${DERGTESTDIR}" ]; then
+    mkdir -p "${DERGTESTDIR}"
+  fi
+
+  cd "${DERGTESTDIR}"
+}
+
+########################## der_gtest_start #########################
+# Local function to actually start the test
+####################################################################
+der_gtest_start()
+{
+  if [ ! -f ${BINDIR}/der_gtest ]; then
+    html_unknown "Skipping der_gtest (not built)"
+    return
+  fi
+
+  # Temporarily disable asserts for PKCS#11 slot leakage (Bug 1168425)
+  unset NSS_STRICT_SHUTDOWN
+  DERGTESTREPORT="${DERGTESTDIR}/report.xml"
+  ${BINDIR}/der_gtest -d "${DERGTESTDIR}" --gtest_output=xml:"${DERGTESTREPORT}"
+  html_msg $? 0 "der_gtest run successfully"
+  sed -f ${COMMON}/parsegtestreport.sed "${DERGTESTREPORT}" | \
+  while read result name; do
+    if [ "$result" = "notrun" ]; then
+      echo "$name" SKIPPED
+    elif [ "$result" = "run" ]; then
+      html_passed "$name" > /dev/null
+    else
+      html_failed "$name"
+    fi
+  done
+}
+
+der_gtest_cleanup()
+{
+  cd ${QADIR}
+  . common/cleanup.sh
+}
+
+################## main #################################################
+cd "$(dirname "$0")"
+der_gtest_init
+der_gtest_start
+der_gtest_cleanup