// Copyright 2015 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "parse_values.h" #include #include namespace bssl::der::test { namespace { template Input FromStringLiteral(const char (&data)[N]) { // Strings are null-terminated. The null terminating byte shouldn't be // included in the Input, so the size is N - 1 instead of N. return Input(reinterpret_cast(data), N - 1); } } // namespace TEST(ParseValuesTest, ParseBool) { uint8_t buf[] = {0xFF, 0x00}; Input value(buf, 1); bool out; EXPECT_TRUE(ParseBool(value, &out)); EXPECT_TRUE(out); buf[0] = 0; EXPECT_TRUE(ParseBool(value, &out)); EXPECT_FALSE(out); buf[0] = 1; EXPECT_FALSE(ParseBool(value, &out)); EXPECT_TRUE(ParseBoolRelaxed(value, &out)); EXPECT_TRUE(out); buf[0] = 0xFF; value = Input(buf, 2); EXPECT_FALSE(ParseBool(value, &out)); value = Input(buf, 0); EXPECT_FALSE(ParseBool(value, &out)); } TEST(ParseValuesTest, ParseTimes) { GeneralizedTime out; EXPECT_TRUE(ParseUTCTime(FromStringLiteral("140218161200Z"), &out)); // DER-encoded UTCTime must end with 'Z'. EXPECT_FALSE(ParseUTCTime(FromStringLiteral("140218161200X"), &out)); // Check that a negative number (-4 in this case) doesn't get parsed as // a 2-digit number. EXPECT_FALSE(ParseUTCTime(FromStringLiteral("-40218161200Z"), &out)); // Check that numbers with a leading 0 don't get parsed in octal by making // the second digit an invalid octal digit (e.g. 09). EXPECT_TRUE(ParseUTCTime(FromStringLiteral("090218161200Z"), &out)); // Check that the length is validated. EXPECT_FALSE(ParseUTCTime(FromStringLiteral("140218161200"), &out)); EXPECT_FALSE(ParseUTCTime(FromStringLiteral("140218161200Z0"), &out)); // Check strictness of UTCTime parsers. EXPECT_FALSE(ParseUTCTime(FromStringLiteral("1402181612Z"), &out)); // Check format of GeneralizedTime. // Years 0 and 9999 are allowed. EXPECT_TRUE(ParseGeneralizedTime(FromStringLiteral("00000101000000Z"), &out)); EXPECT_EQ(0, out.year); EXPECT_TRUE(ParseGeneralizedTime(FromStringLiteral("99991231235960Z"), &out)); EXPECT_EQ(9999, out.year); // Leap seconds are allowed. EXPECT_TRUE(ParseGeneralizedTime(FromStringLiteral("20140218161260Z"), &out)); // But nothing larger than a leap second. EXPECT_FALSE( ParseGeneralizedTime(FromStringLiteral("20140218161261Z"), &out)); // Minutes only go up to 59. EXPECT_FALSE( ParseGeneralizedTime(FromStringLiteral("20140218166000Z"), &out)); // Hours only go up to 23. EXPECT_FALSE( ParseGeneralizedTime(FromStringLiteral("20140218240000Z"), &out)); // The 0th day of a month is invalid. EXPECT_FALSE( ParseGeneralizedTime(FromStringLiteral("20140200161200Z"), &out)); // The 0th month is invalid. EXPECT_FALSE( ParseGeneralizedTime(FromStringLiteral("20140018161200Z"), &out)); // Months greater than 12 are invalid. EXPECT_FALSE( ParseGeneralizedTime(FromStringLiteral("20141318161200Z"), &out)); // Some months have 31 days. EXPECT_TRUE(ParseGeneralizedTime(FromStringLiteral("20140131000000Z"), &out)); // September has only 30 days. EXPECT_FALSE( ParseGeneralizedTime(FromStringLiteral("20140931000000Z"), &out)); // February has only 28 days... EXPECT_FALSE( ParseGeneralizedTime(FromStringLiteral("20140229000000Z"), &out)); // ... unless it's a leap year. EXPECT_TRUE(ParseGeneralizedTime(FromStringLiteral("20160229000000Z"), &out)); // There aren't any leap days in years divisible by 100... EXPECT_FALSE( ParseGeneralizedTime(FromStringLiteral("21000229000000Z"), &out)); // ...unless it's also divisible by 400. EXPECT_TRUE(ParseGeneralizedTime(FromStringLiteral("20000229000000Z"), &out)); // Check more perverse invalid inputs. // Check that trailing null bytes are not ignored. EXPECT_FALSE( ParseGeneralizedTime(FromStringLiteral("20001231010203Z\0"), &out)); // Check what happens when a null byte is in the middle of the input. EXPECT_FALSE(ParseGeneralizedTime(FromStringLiteral("200\0" "1231010203Z"), &out)); // The year can't be in hex. EXPECT_FALSE( ParseGeneralizedTime(FromStringLiteral("0x201231000000Z"), &out)); // The last byte must be 'Z'. EXPECT_FALSE( ParseGeneralizedTime(FromStringLiteral("20001231000000X"), &out)); // Check that the length is validated. EXPECT_FALSE(ParseGeneralizedTime(FromStringLiteral("20140218161200"), &out)); EXPECT_FALSE( ParseGeneralizedTime(FromStringLiteral("20140218161200Z0"), &out)); } TEST(ParseValuesTest, TimesCompare) { GeneralizedTime time1; GeneralizedTime time2; GeneralizedTime time3; ASSERT_TRUE( ParseGeneralizedTime(FromStringLiteral("20140218161200Z"), &time1)); // Test that ParseUTCTime correctly normalizes the year. ASSERT_TRUE(ParseUTCTime(FromStringLiteral("150218161200Z"), &time2)); ASSERT_TRUE( ParseGeneralizedTime(FromStringLiteral("20160218161200Z"), &time3)); EXPECT_TRUE(time1 < time2); EXPECT_TRUE(time2 < time3); EXPECT_TRUE(time2 > time1); EXPECT_TRUE(time2 >= time1); EXPECT_TRUE(time2 <= time3); EXPECT_TRUE(time1 <= time1); EXPECT_TRUE(time1 >= time1); } TEST(ParseValuesTest, UTCTimeRange) { GeneralizedTime time; ASSERT_TRUE( ParseGeneralizedTime(FromStringLiteral("20140218161200Z"), &time)); EXPECT_TRUE(time.InUTCTimeRange()); time.year = 1950; EXPECT_TRUE(time.InUTCTimeRange()); time.year = 1949; EXPECT_FALSE(time.InUTCTimeRange()); time.year = 2049; EXPECT_TRUE(time.InUTCTimeRange()); time.year = 2050; EXPECT_FALSE(time.InUTCTimeRange()); } struct Uint64TestData { bool should_pass; const uint8_t input[9]; size_t length; uint64_t expected_value = 0; }; const Uint64TestData kUint64TestData[] = { {true, {0x00}, 1, 0}, // This number fails because it is not a minimal representation. {false, {0x00, 0x00}, 2}, {true, {0x01}, 1, 1}, {false, {0xFF}, 1}, {true, {0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}, 8, INT64_MAX}, {true, {0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}, 9, UINT64_MAX}, // This number fails because it is negative. {false, {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}, 8}, {false, {0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 8}, {false, {0x00, 0x01}, 2}, {false, {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09}, 9}, {false, {0}, 0}, }; TEST(ParseValuesTest, ParseUint64) { for (size_t i = 0; i < std::size(kUint64TestData); i++) { const Uint64TestData &test_case = kUint64TestData[i]; SCOPED_TRACE(i); uint64_t result; EXPECT_EQ(test_case.should_pass, ParseUint64(Input(test_case.input, test_case.length), &result)); if (test_case.should_pass) { EXPECT_EQ(test_case.expected_value, result); } } } struct Uint8TestData { bool should_pass; const uint8_t input[9]; size_t length; uint8_t expected_value = 0; }; const Uint8TestData kUint8TestData[] = { {true, {0x00}, 1, 0}, // This number fails because it is not a minimal representation. {false, {0x00, 0x00}, 2}, {true, {0x01}, 1, 1}, {false, {0x01, 0xFF}, 2}, {false, {0x03, 0x83}, 2}, {true, {0x7F}, 1, 0x7F}, {true, {0x00, 0xFF}, 2, 0xFF}, // This number fails because it is negative. {false, {0xFF}, 1}, {false, {0x80}, 1}, {false, {0x00, 0x01}, 2}, {false, {0}, 0}, }; TEST(ParseValuesTest, ParseUint8) { for (size_t i = 0; i < std::size(kUint8TestData); i++) { const Uint8TestData &test_case = kUint8TestData[i]; SCOPED_TRACE(i); uint8_t result; EXPECT_EQ(test_case.should_pass, ParseUint8(Input(test_case.input, test_case.length), &result)); if (test_case.should_pass) { EXPECT_EQ(test_case.expected_value, result); } } } struct IsValidIntegerTestData { bool should_pass; const uint8_t input[2]; size_t length; bool negative = false; }; const IsValidIntegerTestData kIsValidIntegerTestData[] = { // Empty input (invalid DER). {false, {0x00}, 0}, // The correct encoding for zero. {true, {0x00}, 1, false}, // Invalid representation of zero (not minimal) {false, {0x00, 0x00}, 2}, // Valid single byte negative numbers. {true, {0x80}, 1, true}, {true, {0xFF}, 1, true}, // Non-minimal negative number. {false, {0xFF, 0x80}, 2}, // Positive number with a legitimate leading zero. {true, {0x00, 0x80}, 2, false}, // A legitimate negative number that starts with FF (MSB of second byte is // 0 so OK). {true, {0xFF, 0x7F}, 2, true}, }; TEST(ParseValuesTest, IsValidInteger) { for (size_t i = 0; i < std::size(kIsValidIntegerTestData); i++) { const auto &test_case = kIsValidIntegerTestData[i]; SCOPED_TRACE(i); bool negative; EXPECT_EQ( test_case.should_pass, IsValidInteger(Input(test_case.input, test_case.length), &negative)); if (test_case.should_pass) { EXPECT_EQ(test_case.negative, negative); } } } // Tests parsing an empty BIT STRING. TEST(ParseValuesTest, ParseBitStringEmptyNoUnusedBits) { const uint8_t kData[] = {0x00}; std::optional bit_string = ParseBitString(Input(kData)); ASSERT_TRUE(bit_string.has_value()); EXPECT_EQ(0u, bit_string->unused_bits()); EXPECT_EQ(0u, bit_string->bytes().size()); EXPECT_FALSE(bit_string->AssertsBit(0)); EXPECT_FALSE(bit_string->AssertsBit(1)); EXPECT_FALSE(bit_string->AssertsBit(3)); } // Tests parsing an empty BIT STRING that incorrectly claims one unused bit. TEST(ParseValuesTest, ParseBitStringEmptyOneUnusedBit) { const uint8_t kData[] = {0x01}; std::optional bit_string = ParseBitString(Input(kData)); EXPECT_FALSE(bit_string.has_value()); } // Tests parsing an empty BIT STRING that is not minmally encoded (the entire // last byte is comprised of unused bits). TEST(ParseValuesTest, ParseBitStringNonEmptyTooManyUnusedBits) { const uint8_t kData[] = {0x08, 0x00}; std::optional bit_string = ParseBitString(Input(kData)); EXPECT_FALSE(bit_string.has_value()); } // Tests parsing a BIT STRING of 7 bits each of which are 1. TEST(ParseValuesTest, ParseBitStringSevenOneBits) { const uint8_t kData[] = {0x01, 0xFE}; std::optional bit_string = ParseBitString(Input(kData)); ASSERT_TRUE(bit_string.has_value()); EXPECT_EQ(1u, bit_string->unused_bits()); EXPECT_EQ(1u, bit_string->bytes().size()); EXPECT_EQ(0xFE, bit_string->bytes()[0]); EXPECT_TRUE(bit_string->AssertsBit(0)); EXPECT_TRUE(bit_string->AssertsBit(1)); EXPECT_TRUE(bit_string->AssertsBit(2)); EXPECT_TRUE(bit_string->AssertsBit(3)); EXPECT_TRUE(bit_string->AssertsBit(4)); EXPECT_TRUE(bit_string->AssertsBit(5)); EXPECT_TRUE(bit_string->AssertsBit(6)); EXPECT_FALSE(bit_string->AssertsBit(7)); EXPECT_FALSE(bit_string->AssertsBit(8)); } // Tests parsing a BIT STRING of 7 bits each of which are 1. The unused bit // however is set to 1, which is an invalid encoding. TEST(ParseValuesTest, ParseBitStringSevenOneBitsUnusedBitIsOne) { const uint8_t kData[] = {0x01, 0xFF}; std::optional bit_string = ParseBitString(Input(kData)); EXPECT_FALSE(bit_string.has_value()); } TEST(ParseValuesTest, ParseIA5String) { const uint8_t valid_der[] = {0x46, 0x6f, 0x6f, 0x20, 0x62, 0x61, 0x72, 0x01, 0x7f}; std::string s; EXPECT_TRUE(ParseIA5String(der::Input(valid_der), &s)); EXPECT_EQ("Foo bar\x01\x7f", s); // 0x80 is not a valid character in IA5String. const uint8_t invalid_der[] = {0x46, 0x6f, 0x80, 0x20, 0x62, 0x61, 0x72}; EXPECT_FALSE(ParseIA5String(der::Input(invalid_der), &s)); } TEST(ParseValuesTest, ParseVisibleString) { const uint8_t valid_der[] = {0x46, 0x6f, 0x6f, 0x20, 0x62, 0x61, 0x72, 0x7e}; std::string s; EXPECT_TRUE(ParseVisibleString(der::Input(valid_der), &s)); EXPECT_EQ("Foo bar\x7e", s); // 0x7f is not a valid character in VisibleString const uint8_t invalid_der[] = {0x46, 0x6f, 0x7f, 0x20, 0x62, 0x61, 0x72}; EXPECT_FALSE(ParseVisibleString(der::Input(invalid_der), &s)); // 0x1f is not a valid character in VisibleString const uint8_t invalid_der2[] = {0x46, 0x6f, 0x1f, 0x20, 0x62, 0x61, 0x72}; EXPECT_FALSE(ParseVisibleString(der::Input(invalid_der2), &s)); } TEST(ParseValuesTest, ParsePrintableString) { const uint8_t valid_der[] = {0x46, 0x6f, 0x6f, 0x20, 0x62, 0x61, 0x72}; std::string s; EXPECT_TRUE(ParsePrintableString(der::Input(valid_der), &s)); EXPECT_EQ("Foo bar", s); // 0x5f '_' is not a valid character in PrintableString. const uint8_t invalid_der[] = {0x46, 0x6f, 0x5f, 0x20, 0x62, 0x61, 0x72}; EXPECT_FALSE(ParsePrintableString(der::Input(invalid_der), &s)); } TEST(ParseValuesTest, ParseTeletexStringAsLatin1) { const uint8_t valid_der[] = {0x46, 0x6f, 0xd6, 0x20, 0x62, 0x61, 0x72}; std::string s; EXPECT_TRUE(ParseTeletexStringAsLatin1(der::Input(valid_der), &s)); EXPECT_EQ("FoÖ bar", s); } TEST(ParseValuesTest, ParseBmpString) { const uint8_t valid_der[] = {0x00, 0x66, 0x00, 0x6f, 0x00, 0x6f, 0x00, 0x62, 0x00, 0x61, 0x00, 0x72}; std::string s; EXPECT_TRUE(ParseBmpString(der::Input(valid_der), &s)); EXPECT_EQ("foobar", s); const uint8_t valid_nonascii_der[] = {0x27, 0x28, 0x26, 0xa1, 0x2b, 0x50}; EXPECT_TRUE(ParseBmpString(der::Input(valid_nonascii_der), &s)); EXPECT_EQ("✨⚡⭐", s); // BmpString must encode characters in pairs of 2 bytes. const uint8_t invalid_odd_der[] = {0x00, 0x66, 0x00, 0x6f, 0x00}; EXPECT_FALSE(ParseBmpString(der::Input(invalid_odd_der), &s)); // UTF-16BE encoding of U+1D11E, MUSICAL SYMBOL G CLEF, which is not valid in // UCS-2. const uint8_t invalid_bmp_valid_utf16_with_surrogate[] = {0xd8, 0x34, 0xdd, 0x1e}; EXPECT_FALSE( ParseBmpString(der::Input(invalid_bmp_valid_utf16_with_surrogate), &s)); } TEST(ParseValuesTest, ParseUniversalString) { const uint8_t valid_der[] = {0x00, 0x00, 0x00, 0x66, 0x00, 0x00, 0x00, 0x6f, 0x00, 0x00, 0x00, 0x6f, 0x00, 0x00, 0x00, 0x62, 0x00, 0x00, 0x00, 0x61, 0x00, 0x00, 0x00, 0x72}; std::string s; EXPECT_TRUE(ParseUniversalString(der::Input(valid_der), &s)); EXPECT_EQ("foobar", s); const uint8_t valid_non_ascii_der[] = {0x0, 0x1, 0xf4, 0xe, 0x0, 0x0, 0x0, 0x20, 0x0, 0x1, 0xd1, 0x1e, 0x0, 0x0, 0x26, 0x69, 0x0, 0x0, 0x26, 0x6b}; EXPECT_TRUE(ParseUniversalString(der::Input(valid_non_ascii_der), &s)); EXPECT_EQ("🐎 𝄞♩♫", s); // UniversalString must encode characters in groups of 4 bytes. const uint8_t invalid_non_4_multiple_der[] = {0x00, 0x00, 0x00, 0x66, 0x00, 0x00}; EXPECT_FALSE( ParseUniversalString(der::Input(invalid_non_4_multiple_der), &s)); } } // namespace bssl::der::test