1 /*
2 * Copyright 2017-2024 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <stdio.h>
11 #include <string.h>
12
13 #include <openssl/rand.h>
14 #include <openssl/asn1t.h>
15 #include "internal/numbers.h"
16 #include "testutil.h"
17
18 #ifdef __GNUC__
19 #pragma GCC diagnostic ignored "-Wunused-function"
20 #pragma GCC diagnostic ignored "-Wformat"
21 #endif
22 #ifdef __clang__
23 #pragma clang diagnostic ignored "-Wunused-function"
24 #pragma clang diagnostic ignored "-Wformat"
25 #endif
26
27 /***** Custom test data ******************************************************/
28
29 /*
30 * We conduct tests with these arrays for every type we try out.
31 * You will find the expected results together with the test structures
32 * for each type, further down.
33 */
34
35 static unsigned char t_zero[] = {
36 0x00
37 };
38 static unsigned char t_one[] = {
39 0x01
40 };
41 static unsigned char t_one_neg[] = {
42 0xff
43 };
44 static unsigned char t_minus_256[] = {
45 0xff, 0x00
46 };
47 static unsigned char t_longundef[] = {
48 0x7f, 0xff, 0xff, 0xff
49 };
50 static unsigned char t_9bytes_1[] = {
51 0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
52 };
53 static unsigned char t_8bytes_1[] = {
54 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
55 };
56 static unsigned char t_8bytes_2[] = {
57 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
58 };
59 static unsigned char t_8bytes_3_pad[] = {
60 0x00, 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
61 };
62 static unsigned char t_8bytes_4_neg[] = {
63 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
64 };
65 static unsigned char t_8bytes_5_negpad[] = {
66 0xff, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
67 };
68
69 /* 32-bit long */
70 static unsigned char t_5bytes_1[] = {
71 0x01, 0xff, 0xff, 0xff, 0xff
72 };
73 static unsigned char t_4bytes_1[] = {
74 0x00, 0x80, 0x00, 0x00, 0x00
75 };
76 /* We make the last byte 0xfe to avoid a clash with ASN1_LONG_UNDEF */
77 static unsigned char t_4bytes_2[] = {
78 0x7f, 0xff, 0xff, 0xfe
79 };
80 static unsigned char t_4bytes_3_pad[] = {
81 0x00, 0x7f, 0xff, 0xff, 0xfe
82 };
83 static unsigned char t_4bytes_4_neg[] = {
84 0x80, 0x00, 0x00, 0x00
85 };
86 static unsigned char t_4bytes_5_negpad[] = {
87 0xff, 0x80, 0x00, 0x00, 0x00
88 };
89
90 typedef struct {
91 unsigned char *bytes1;
92 size_t nbytes1;
93 unsigned char *bytes2;
94 size_t nbytes2;
95 } TEST_CUSTOM_DATA;
96 #define CUSTOM_DATA(v) \
97 { v, sizeof(v), t_one, sizeof(t_one) }, \
98 { \
99 t_one, sizeof(t_one), v, sizeof(v) \
100 }
101
102 static TEST_CUSTOM_DATA test_custom_data[] = {
103 CUSTOM_DATA(t_zero),
104 CUSTOM_DATA(t_longundef),
105 CUSTOM_DATA(t_one),
106 CUSTOM_DATA(t_one_neg),
107 CUSTOM_DATA(t_minus_256),
108 CUSTOM_DATA(t_9bytes_1),
109 CUSTOM_DATA(t_8bytes_1),
110 CUSTOM_DATA(t_8bytes_2),
111 CUSTOM_DATA(t_8bytes_3_pad),
112 CUSTOM_DATA(t_8bytes_4_neg),
113 CUSTOM_DATA(t_8bytes_5_negpad),
114 CUSTOM_DATA(t_5bytes_1),
115 CUSTOM_DATA(t_4bytes_1),
116 CUSTOM_DATA(t_4bytes_2),
117 CUSTOM_DATA(t_4bytes_3_pad),
118 CUSTOM_DATA(t_4bytes_4_neg),
119 CUSTOM_DATA(t_4bytes_5_negpad),
120 };
121
122 /***** Type specific test data ***********************************************/
123
124 /*
125 * First, a few utility things that all type specific data can use, or in some
126 * cases, MUST use.
127 */
128
129 /*
130 * For easy creation of arrays of expected data. These macros correspond to
131 * the uses of CUSTOM_DATA above.
132 */
133 #define CUSTOM_EXPECTED_SUCCESS(num, znum) \
134 { 0xff, num, 1 }, \
135 { \
136 0xff, 1, znum \
137 }
138 #define CUSTOM_EXPECTED_FAILURE \
139 { 0, 0, 0 }, \
140 { 0, 0, 0 }
141
142 /*
143 * A structure to collect all test information in. There MUST be one instance
144 * of this for each test
145 */
146 typedef int i2d_fn(void *a, unsigned char **pp);
147 typedef void *d2i_fn(void **a, unsigned char **pp, long length);
148 typedef void ifree_fn(void *a);
149 typedef struct {
150 ASN1_ITEM_EXP *asn1_type;
151 const char *name;
152 int skip; /* 1 if this package should be skipped */
153
154 /* An array of structures to compare decoded custom data with */
155 void *encode_expectations;
156 size_t encode_expectations_size;
157 size_t encode_expectations_elem_size;
158
159 /*
160 * An array of structures that are encoded into a DER blob, which is
161 * then decoded, and result gets compared with the original.
162 */
163 void *encdec_data;
164 size_t encdec_data_size;
165 size_t encdec_data_elem_size;
166
167 /* The i2d function to use with this type */
168 i2d_fn *i2d;
169 /* The d2i function to use with this type */
170 d2i_fn *d2i;
171 /* Function to free a decoded structure */
172 ifree_fn *ifree;
173 } TEST_PACKAGE;
174
175 /* To facilitate the creation of an encdec_data array */
176 #define ENCDEC_DATA(num, znum) \
177 { 0xff, num, 1 }, { 0xff, 1, znum }
178 #define ENCDEC_ARRAY(max, zmax, min, zmin) \
179 ENCDEC_DATA(max, zmax), \
180 ENCDEC_DATA(min, zmin), \
181 ENCDEC_DATA(1, 1), \
182 ENCDEC_DATA(-1, -1), \
183 ENCDEC_DATA(0, ASN1_LONG_UNDEF)
184
185 #ifndef OPENSSL_NO_DEPRECATED_3_0
186 /***** LONG ******************************************************************/
187
188 typedef struct {
189 /* If decoding is expected to succeed, set this to 1, otherwise 0 */
190 ASN1_BOOLEAN success;
191 long test_long;
192 long test_zlong;
193 } ASN1_LONG_DATA;
194
195 ASN1_SEQUENCE(ASN1_LONG_DATA) = {
196 ASN1_SIMPLE(ASN1_LONG_DATA, success, ASN1_BOOLEAN),
197 ASN1_SIMPLE(ASN1_LONG_DATA, test_long, LONG),
198 ASN1_EXP_OPT(ASN1_LONG_DATA, test_zlong, ZLONG, 0)
199 } static_ASN1_SEQUENCE_END(ASN1_LONG_DATA)
200
201 IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(ASN1_LONG_DATA)
202 IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(ASN1_LONG_DATA)
203
204 static ASN1_LONG_DATA long_expected_32bit[] = {
205 /* The following should fail on the second because it's the default */
206 { 0xff, 0, 1 },
207 { 0, 0, 0 }, /* t_zero */
208 { 0, 0, 0 },
209 { 0xff, 1, 0x7fffffff }, /* t_longundef */
210 CUSTOM_EXPECTED_SUCCESS(1, 1), /* t_one */
211 CUSTOM_EXPECTED_SUCCESS(-1, -1), /* t_one_neg */
212 CUSTOM_EXPECTED_SUCCESS(-256, -256), /* t_minus_256 */
213 CUSTOM_EXPECTED_FAILURE, /* t_9bytes_1 */
214 CUSTOM_EXPECTED_FAILURE, /* t_8bytes_1 */
215 CUSTOM_EXPECTED_FAILURE, /* t_8bytes_2 */
216 CUSTOM_EXPECTED_FAILURE, /* t_8bytes_3_pad */
217 CUSTOM_EXPECTED_FAILURE, /* t_8bytes_4_neg */
218 CUSTOM_EXPECTED_FAILURE, /* t_8bytes_5_negpad */
219 CUSTOM_EXPECTED_FAILURE, /* t_5bytes_1 */
220 CUSTOM_EXPECTED_FAILURE, /* t_4bytes_1 (too large positive) */
221 CUSTOM_EXPECTED_SUCCESS(INT32_MAX - 1, INT32_MAX - 1), /* t_4bytes_2 */
222 CUSTOM_EXPECTED_FAILURE, /* t_4bytes_3_pad (illegal padding) */
223 CUSTOM_EXPECTED_SUCCESS(INT32_MIN, INT32_MIN), /* t_4bytes_4_neg */
224 CUSTOM_EXPECTED_FAILURE, /* t_4bytes_5_negpad (illegal padding) */
225 };
226 static ASN1_LONG_DATA long_encdec_data_32bit[] = {
227 ENCDEC_ARRAY(LONG_MAX - 1, LONG_MAX, LONG_MIN, LONG_MIN),
228 /* Check that default numbers fail */
229 { 0, ASN1_LONG_UNDEF, 1 }, { 0, 1, 0 }
230 };
231
232 static TEST_PACKAGE long_test_package_32bit = {
233 ASN1_ITEM_ref(ASN1_LONG_DATA), "LONG", sizeof(long) != 4,
234 long_expected_32bit,
235 sizeof(long_expected_32bit), sizeof(long_expected_32bit[0]),
236 long_encdec_data_32bit,
237 sizeof(long_encdec_data_32bit), sizeof(long_encdec_data_32bit[0]),
238 (i2d_fn *)i2d_ASN1_LONG_DATA, (d2i_fn *)d2i_ASN1_LONG_DATA,
239 (ifree_fn *)ASN1_LONG_DATA_free
240 };
241
242 static ASN1_LONG_DATA long_expected_64bit[] = {
243 /* The following should fail on the second because it's the default */
244 { 0xff, 0, 1 },
245 { 0, 0, 0 }, /* t_zero */
246 { 0, 0, 0 },
247 { 0xff, 1, 0x7fffffff }, /* t_longundef */
248 CUSTOM_EXPECTED_SUCCESS(1, 1), /* t_one */
249 CUSTOM_EXPECTED_SUCCESS(-1, -1), /* t_one_neg */
250 CUSTOM_EXPECTED_SUCCESS(-256, -256), /* t_minus_256 */
251 CUSTOM_EXPECTED_FAILURE, /* t_9bytes_1 */
252 CUSTOM_EXPECTED_FAILURE, /* t_8bytes_1 */
253 CUSTOM_EXPECTED_SUCCESS(LONG_MAX, LONG_MAX), /* t_8bytes_2 */
254 CUSTOM_EXPECTED_FAILURE, /* t_8bytes_3_pad (illegal padding) */
255 CUSTOM_EXPECTED_SUCCESS(LONG_MIN, LONG_MIN), /* t_8bytes_4_neg */
256 CUSTOM_EXPECTED_FAILURE, /* t_8bytes_5_negpad (illegal padding) */
257 CUSTOM_EXPECTED_SUCCESS((long)0x1ffffffff, (long)0x1ffffffff), /* t_5bytes_1 */
258 CUSTOM_EXPECTED_SUCCESS((long)0x80000000, (long)0x80000000), /* t_4bytes_1 */
259 CUSTOM_EXPECTED_SUCCESS(INT32_MAX - 1, INT32_MAX - 1), /* t_4bytes_2 */
260 CUSTOM_EXPECTED_FAILURE, /* t_4bytes_3_pad (illegal padding) */
261 CUSTOM_EXPECTED_SUCCESS(INT32_MIN, INT32_MIN), /* t_4bytes_4_neg */
262 CUSTOM_EXPECTED_FAILURE, /* t_4bytes_5_negpad (illegal padding) */
263 };
264 static ASN1_LONG_DATA long_encdec_data_64bit[] = {
265 ENCDEC_ARRAY(LONG_MAX, LONG_MAX, LONG_MIN, LONG_MIN),
266 /* Check that default numbers fail */
267 { 0, ASN1_LONG_UNDEF, 1 }, { 0, 1, 0 }
268 };
269
270 static TEST_PACKAGE long_test_package_64bit = {
271 ASN1_ITEM_ref(ASN1_LONG_DATA), "LONG", sizeof(long) != 8,
272 long_expected_64bit,
273 sizeof(long_expected_64bit), sizeof(long_expected_64bit[0]),
274 long_encdec_data_64bit,
275 sizeof(long_encdec_data_64bit), sizeof(long_encdec_data_64bit[0]),
276 (i2d_fn *)i2d_ASN1_LONG_DATA, (d2i_fn *)d2i_ASN1_LONG_DATA,
277 (ifree_fn *)ASN1_LONG_DATA_free
278 };
279 #endif
280
281 /***** INT32 *****************************************************************/
282
283 typedef struct {
284 ASN1_BOOLEAN success;
285 int32_t test_int32;
286 int32_t test_zint32;
287 } ASN1_INT32_DATA;
288
289 ASN1_SEQUENCE(ASN1_INT32_DATA) = {
290 ASN1_SIMPLE(ASN1_INT32_DATA, success, ASN1_BOOLEAN),
291 ASN1_EMBED(ASN1_INT32_DATA, test_int32, INT32),
292 ASN1_EXP_OPT_EMBED(ASN1_INT32_DATA, test_zint32, ZINT32, 0)
293 } static_ASN1_SEQUENCE_END(ASN1_INT32_DATA)
294
295 IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(ASN1_INT32_DATA)
296 IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(ASN1_INT32_DATA)
297
298 static ASN1_INT32_DATA int32_expected[] = {
299 CUSTOM_EXPECTED_SUCCESS(0, 0), /* t_zero */
300 CUSTOM_EXPECTED_SUCCESS(ASN1_LONG_UNDEF, ASN1_LONG_UNDEF), /* t_zero */
301 CUSTOM_EXPECTED_SUCCESS(1, 1), /* t_one */
302 CUSTOM_EXPECTED_SUCCESS(-1, -1), /* t_one_neg */
303 CUSTOM_EXPECTED_SUCCESS(-256, -256), /* t_minus_256 */
304 CUSTOM_EXPECTED_FAILURE, /* t_9bytes_1 */
305 CUSTOM_EXPECTED_FAILURE, /* t_8bytes_1 */
306 CUSTOM_EXPECTED_FAILURE, /* t_8bytes_2 */
307 CUSTOM_EXPECTED_FAILURE, /* t_8bytes_3_pad */
308 CUSTOM_EXPECTED_FAILURE, /* t_8bytes_4_neg */
309 CUSTOM_EXPECTED_FAILURE, /* t_8bytes_5_negpad */
310 CUSTOM_EXPECTED_FAILURE, /* t_5bytes_1 */
311 CUSTOM_EXPECTED_FAILURE, /* t_4bytes_1 (too large positive) */
312 CUSTOM_EXPECTED_SUCCESS(INT32_MAX - 1, INT32_MAX - 1), /* t_4bytes_2 */
313 CUSTOM_EXPECTED_FAILURE, /* t_4bytes_3_pad (illegal padding) */
314 CUSTOM_EXPECTED_SUCCESS(INT32_MIN, INT32_MIN), /* t_4bytes_4_neg */
315 CUSTOM_EXPECTED_FAILURE, /* t_4bytes_5_negpad (illegal padding) */
316 };
317 static ASN1_INT32_DATA int32_encdec_data[] = {
318 ENCDEC_ARRAY(INT32_MAX, INT32_MAX, INT32_MIN, INT32_MIN),
319 };
320
321 static TEST_PACKAGE int32_test_package = {
322 ASN1_ITEM_ref(ASN1_INT32_DATA), "INT32", 0,
323 int32_expected, sizeof(int32_expected), sizeof(int32_expected[0]),
324 int32_encdec_data, sizeof(int32_encdec_data), sizeof(int32_encdec_data[0]),
325 (i2d_fn *)i2d_ASN1_INT32_DATA, (d2i_fn *)d2i_ASN1_INT32_DATA,
326 (ifree_fn *)ASN1_INT32_DATA_free
327 };
328
329 /***** UINT32 ****************************************************************/
330
331 typedef struct {
332 ASN1_BOOLEAN success;
333 uint32_t test_uint32;
334 uint32_t test_zuint32;
335 } ASN1_UINT32_DATA;
336
337 ASN1_SEQUENCE(ASN1_UINT32_DATA) = {
338 ASN1_SIMPLE(ASN1_UINT32_DATA, success, ASN1_BOOLEAN),
339 ASN1_EMBED(ASN1_UINT32_DATA, test_uint32, UINT32),
340 ASN1_EXP_OPT_EMBED(ASN1_UINT32_DATA, test_zuint32, ZUINT32, 0)
341 } static_ASN1_SEQUENCE_END(ASN1_UINT32_DATA)
342
343 IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(ASN1_UINT32_DATA)
344 IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(ASN1_UINT32_DATA)
345
346 static ASN1_UINT32_DATA uint32_expected[] = {
347 CUSTOM_EXPECTED_SUCCESS(0, 0), /* t_zero */
348 CUSTOM_EXPECTED_SUCCESS(ASN1_LONG_UNDEF, ASN1_LONG_UNDEF), /* t_zero */
349 CUSTOM_EXPECTED_SUCCESS(1, 1), /* t_one */
350 CUSTOM_EXPECTED_FAILURE, /* t_one_neg (illegal negative value) */
351 CUSTOM_EXPECTED_FAILURE, /* t_minus_256 (illegal negative value) */
352 CUSTOM_EXPECTED_FAILURE, /* t_9bytes_1 */
353 CUSTOM_EXPECTED_FAILURE, /* t_8bytes_1 */
354 CUSTOM_EXPECTED_FAILURE, /* t_8bytes_2 */
355 CUSTOM_EXPECTED_FAILURE, /* t_8bytes_3_pad */
356 CUSTOM_EXPECTED_FAILURE, /* t_8bytes_4_neg */
357 CUSTOM_EXPECTED_FAILURE, /* t_8bytes_5_negpad */
358 CUSTOM_EXPECTED_FAILURE, /* t_5bytes_1 */
359 CUSTOM_EXPECTED_SUCCESS(0x80000000, 0x80000000), /* t_4bytes_1 */
360 CUSTOM_EXPECTED_SUCCESS(INT32_MAX - 1, INT32_MAX - 1), /* t_4bytes_2 */
361 CUSTOM_EXPECTED_FAILURE, /* t_4bytes_3_pad (illegal padding) */
362 CUSTOM_EXPECTED_FAILURE, /* t_4bytes_4_neg (illegal negative value) */
363 CUSTOM_EXPECTED_FAILURE, /* t_4bytes_5_negpad (illegal padding) */
364 };
365 static ASN1_UINT32_DATA uint32_encdec_data[] = {
366 ENCDEC_ARRAY(UINT32_MAX, UINT32_MAX, 0, 0),
367 };
368
369 static TEST_PACKAGE uint32_test_package = {
370 ASN1_ITEM_ref(ASN1_UINT32_DATA), "UINT32", 0,
371 uint32_expected, sizeof(uint32_expected), sizeof(uint32_expected[0]),
372 uint32_encdec_data, sizeof(uint32_encdec_data), sizeof(uint32_encdec_data[0]),
373 (i2d_fn *)i2d_ASN1_UINT32_DATA, (d2i_fn *)d2i_ASN1_UINT32_DATA,
374 (ifree_fn *)ASN1_UINT32_DATA_free
375 };
376
377 /***** INT64 *****************************************************************/
378
379 typedef struct {
380 ASN1_BOOLEAN success;
381 int64_t test_int64;
382 int64_t test_zint64;
383 } ASN1_INT64_DATA;
384
385 ASN1_SEQUENCE(ASN1_INT64_DATA) = {
386 ASN1_SIMPLE(ASN1_INT64_DATA, success, ASN1_BOOLEAN),
387 ASN1_EMBED(ASN1_INT64_DATA, test_int64, INT64),
388 ASN1_EXP_OPT_EMBED(ASN1_INT64_DATA, test_zint64, ZINT64, 0)
389 } static_ASN1_SEQUENCE_END(ASN1_INT64_DATA)
390
391 IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(ASN1_INT64_DATA)
392 IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(ASN1_INT64_DATA)
393
394 static ASN1_INT64_DATA int64_expected[] = {
395 CUSTOM_EXPECTED_SUCCESS(0, 0), /* t_zero */
396 CUSTOM_EXPECTED_SUCCESS(ASN1_LONG_UNDEF, ASN1_LONG_UNDEF), /* t_zero */
397 CUSTOM_EXPECTED_SUCCESS(1, 1), /* t_one */
398 CUSTOM_EXPECTED_SUCCESS(-1, -1), /* t_one_neg */
399 CUSTOM_EXPECTED_SUCCESS(-256, -256), /* t_minus_256 */
400 CUSTOM_EXPECTED_FAILURE, /* t_9bytes_1 */
401 CUSTOM_EXPECTED_FAILURE, /* t_8bytes_1 (too large positive) */
402 CUSTOM_EXPECTED_SUCCESS(INT64_MAX, INT64_MAX), /* t_8bytes_2 */
403 CUSTOM_EXPECTED_FAILURE, /* t_8bytes_3_pad (illegal padding) */
404 CUSTOM_EXPECTED_SUCCESS(INT64_MIN, INT64_MIN), /* t_8bytes_4_neg */
405 CUSTOM_EXPECTED_FAILURE, /* t_8bytes_5_negpad (illegal padding) */
406 CUSTOM_EXPECTED_SUCCESS(0x1ffffffffULL, 0x1ffffffffULL), /* t_5bytes_1 */
407 CUSTOM_EXPECTED_SUCCESS(0x80000000, 0x80000000), /* t_4bytes_1 */
408 CUSTOM_EXPECTED_SUCCESS(INT32_MAX - 1, INT32_MAX - 1), /* t_4bytes_2 */
409 CUSTOM_EXPECTED_FAILURE, /* t_4bytes_3_pad (illegal padding) */
410 CUSTOM_EXPECTED_SUCCESS(INT32_MIN, INT32_MIN), /* t_4bytes_4_neg */
411 CUSTOM_EXPECTED_FAILURE, /* t_4bytes_5_negpad (illegal padding) */
412 };
413 static ASN1_INT64_DATA int64_encdec_data[] = {
414 ENCDEC_ARRAY(INT64_MAX, INT64_MAX, INT64_MIN, INT64_MIN),
415 ENCDEC_ARRAY(INT32_MAX, INT32_MAX, INT32_MIN, INT32_MIN),
416 };
417
418 static TEST_PACKAGE int64_test_package = {
419 ASN1_ITEM_ref(ASN1_INT64_DATA), "INT64", 0,
420 int64_expected, sizeof(int64_expected), sizeof(int64_expected[0]),
421 int64_encdec_data, sizeof(int64_encdec_data), sizeof(int64_encdec_data[0]),
422 (i2d_fn *)i2d_ASN1_INT64_DATA, (d2i_fn *)d2i_ASN1_INT64_DATA,
423 (ifree_fn *)ASN1_INT64_DATA_free
424 };
425
426 /***** UINT64 ****************************************************************/
427
428 typedef struct {
429 ASN1_BOOLEAN success;
430 uint64_t test_uint64;
431 uint64_t test_zuint64;
432 } ASN1_UINT64_DATA;
433
434 ASN1_SEQUENCE(ASN1_UINT64_DATA) = {
435 ASN1_SIMPLE(ASN1_UINT64_DATA, success, ASN1_BOOLEAN),
436 ASN1_EMBED(ASN1_UINT64_DATA, test_uint64, UINT64),
437 ASN1_EXP_OPT_EMBED(ASN1_UINT64_DATA, test_zuint64, ZUINT64, 0)
438 } static_ASN1_SEQUENCE_END(ASN1_UINT64_DATA)
439
440 IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(ASN1_UINT64_DATA)
441 IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(ASN1_UINT64_DATA)
442
443 static ASN1_UINT64_DATA uint64_expected[] = {
444 CUSTOM_EXPECTED_SUCCESS(0, 0), /* t_zero */
445 CUSTOM_EXPECTED_SUCCESS(ASN1_LONG_UNDEF, ASN1_LONG_UNDEF), /* t_zero */
446 CUSTOM_EXPECTED_SUCCESS(1, 1), /* t_one */
447 CUSTOM_EXPECTED_FAILURE, /* t_one_neg (illegal negative value) */
448 CUSTOM_EXPECTED_FAILURE, /* t_minus_256 (illegal negative value) */
449 CUSTOM_EXPECTED_FAILURE, /* t_9bytes_1 */
450 CUSTOM_EXPECTED_SUCCESS((uint64_t)INT64_MAX + 1, (uint64_t)INT64_MAX + 1),
451 /* t_8bytes_1 */
452 CUSTOM_EXPECTED_SUCCESS(INT64_MAX, INT64_MAX), /* t_8bytes_2 */
453 CUSTOM_EXPECTED_FAILURE, /* t_8bytes_3_pad */
454 CUSTOM_EXPECTED_FAILURE, /* t_8bytes_4_neg */
455 CUSTOM_EXPECTED_FAILURE, /* t_8bytes_5_negpad */
456 CUSTOM_EXPECTED_SUCCESS(0x1ffffffffULL, 0x1ffffffffULL), /* t_5bytes_1 */
457 CUSTOM_EXPECTED_SUCCESS(0x80000000, 0x80000000), /* t_4bytes_1 */
458 CUSTOM_EXPECTED_SUCCESS(INT32_MAX - 1, INT32_MAX - 1), /* t_4bytes_2 */
459 CUSTOM_EXPECTED_FAILURE, /* t_4bytes_3_pad (illegal padding) */
460 CUSTOM_EXPECTED_FAILURE, /* t_4bytes_4_neg (illegal negative value) */
461 CUSTOM_EXPECTED_FAILURE, /* t_4bytes_5_negpad (illegal padding) */
462 };
463 static ASN1_UINT64_DATA uint64_encdec_data[] = {
464 ENCDEC_ARRAY(UINT64_MAX, UINT64_MAX, 0, 0),
465 };
466
467 static TEST_PACKAGE uint64_test_package = {
468 ASN1_ITEM_ref(ASN1_UINT64_DATA), "UINT64", 0,
469 uint64_expected, sizeof(uint64_expected), sizeof(uint64_expected[0]),
470 uint64_encdec_data, sizeof(uint64_encdec_data), sizeof(uint64_encdec_data[0]),
471 (i2d_fn *)i2d_ASN1_UINT64_DATA, (d2i_fn *)d2i_ASN1_UINT64_DATA,
472 (ifree_fn *)ASN1_UINT64_DATA_free
473 };
474
475 /***** General testing functions *********************************************/
476
477 /* Template structure to map onto any test data structure */
478 typedef struct {
479 ASN1_BOOLEAN success;
480 unsigned char bytes[1]; /* In reality, there's more */
481 } EXPECTED;
482
483 /*
484 * do_decode returns a tristate:
485 *
486 * -1 Couldn't decode
487 * 0 decoded structure wasn't what was expected (failure)
488 * 1 decoded structure was what was expected (success)
489 */
do_decode(unsigned char * bytes,long nbytes,const EXPECTED * expected,size_t expected_size,const TEST_PACKAGE * package)490 static int do_decode(unsigned char *bytes, long nbytes,
491 const EXPECTED *expected, size_t expected_size,
492 const TEST_PACKAGE *package)
493 {
494 EXPECTED *enctst = NULL;
495 const unsigned char *start;
496 int ret = 0;
497
498 start = bytes;
499 enctst = package->d2i(NULL, &bytes, nbytes);
500 if (enctst == NULL) {
501 if (expected->success == 0) {
502 ret = 1;
503 ERR_clear_error();
504 } else {
505 ret = -1;
506 }
507 } else {
508 if (start + nbytes == bytes
509 && memcmp(enctst, expected, expected_size) == 0)
510 ret = 1;
511 else
512 ret = 0;
513 }
514
515 package->ifree(enctst);
516 return ret;
517 }
518
519 /*
520 * do_encode returns a tristate:
521 *
522 * -1 Couldn't encode
523 * 0 encoded DER wasn't what was expected (failure)
524 * 1 encoded DER was what was expected (success)
525 */
do_encode(EXPECTED * input,const unsigned char * expected,size_t expected_len,const TEST_PACKAGE * package)526 static int do_encode(EXPECTED *input,
527 const unsigned char *expected, size_t expected_len,
528 const TEST_PACKAGE *package)
529 {
530 unsigned char *data = NULL;
531 int len;
532 int ret = 0;
533
534 len = package->i2d(input, &data);
535 if (len < 0)
536 return -1;
537
538 if ((size_t)len != expected_len
539 || memcmp(data, expected, expected_len) != 0) {
540 if (input->success == 0) {
541 ret = 1;
542 ERR_clear_error();
543 } else {
544 ret = 0;
545 }
546 } else {
547 ret = 1;
548 }
549
550 OPENSSL_free(data);
551 return ret;
552 }
553
554 /* Do an encode/decode round trip */
do_enc_dec(EXPECTED * bytes,long nbytes,const TEST_PACKAGE * package)555 static int do_enc_dec(EXPECTED *bytes, long nbytes,
556 const TEST_PACKAGE *package)
557 {
558 unsigned char *data = NULL;
559 int len;
560 int ret = 0;
561 void *p = bytes;
562
563 len = package->i2d(p, &data);
564 if (len < 0)
565 return -1;
566
567 ret = do_decode(data, len, bytes, nbytes, package);
568 OPENSSL_free(data);
569 return ret;
570 }
571
der_encode_length(size_t len,unsigned char ** pp)572 static size_t der_encode_length(size_t len, unsigned char **pp)
573 {
574 size_t lenbytes;
575
576 OPENSSL_assert(len < 0x8000);
577 if (len > 255)
578 lenbytes = 3;
579 else if (len > 127)
580 lenbytes = 2;
581 else
582 lenbytes = 1;
583
584 if (pp != NULL) {
585 if (lenbytes == 1) {
586 *(*pp)++ = (unsigned char)len;
587 } else {
588 *(*pp)++ = (unsigned char)(lenbytes - 1);
589 if (lenbytes == 2) {
590 *(*pp)++ = (unsigned char)(0x80 | len);
591 } else {
592 *(*pp)++ = (unsigned char)(0x80 | (len >> 8));
593 *(*pp)++ = (unsigned char)(len);
594 }
595 }
596 }
597 return lenbytes;
598 }
599
make_custom_der(const TEST_CUSTOM_DATA * custom_data,unsigned char ** encoding,int explicit_default)600 static size_t make_custom_der(const TEST_CUSTOM_DATA *custom_data,
601 unsigned char **encoding, int explicit_default)
602 {
603 size_t firstbytes, secondbytes = 0, secondbytesinner = 0, seqbytes;
604 const unsigned char t_true[] = { V_ASN1_BOOLEAN, 0x01, 0xff };
605 unsigned char *p = NULL;
606 size_t i;
607
608 /*
609 * The first item is just an INTEGER tag, INTEGER length and INTEGER content
610 */
611 firstbytes = 1 + der_encode_length(custom_data->nbytes1, NULL)
612 + custom_data->nbytes1;
613
614 for (i = custom_data->nbytes2; i > 0; i--) {
615 if (custom_data->bytes2[i - 1] != '\0')
616 break;
617 }
618 if (explicit_default || i > 0) {
619 /*
620 * The second item is an explicit tag, content length, INTEGER tag,
621 * INTEGER length, INTEGER bytes
622 */
623 secondbytesinner = 1 + der_encode_length(custom_data->nbytes2, NULL)
624 + custom_data->nbytes2;
625 secondbytes = 1 + der_encode_length(secondbytesinner, NULL) + secondbytesinner;
626 }
627
628 /*
629 * The whole sequence is the sequence tag, content length, BOOLEAN true
630 * (copied from t_true), the first (firstbytes) and second (secondbytes)
631 * items
632 */
633 seqbytes = 1 + der_encode_length(sizeof(t_true) + firstbytes + secondbytes, NULL)
634 + sizeof(t_true) + firstbytes + secondbytes;
635
636 *encoding = p = OPENSSL_malloc(seqbytes);
637 if (*encoding == NULL)
638 return 0;
639
640 /* Sequence tag */
641 *p++ = 0x30;
642 der_encode_length(sizeof(t_true) + firstbytes + secondbytes, &p);
643
644 /* ASN1_BOOLEAN TRUE */
645 memcpy(p, t_true, sizeof(t_true)); /* Marks decoding success */
646 p += sizeof(t_true);
647
648 /* First INTEGER item (non-optional) */
649 *p++ = V_ASN1_INTEGER;
650 der_encode_length(custom_data->nbytes1, &p);
651 memcpy(p, custom_data->bytes1, custom_data->nbytes1);
652 p += custom_data->nbytes1;
653
654 if (secondbytes > 0) {
655 /* Second INTEGER item (optional) */
656 /* Start with the explicit optional tag */
657 *p++ = 0xa0;
658 der_encode_length(secondbytesinner, &p);
659 *p++ = V_ASN1_INTEGER;
660 der_encode_length(custom_data->nbytes2, &p);
661 memcpy(p, custom_data->bytes2, custom_data->nbytes2);
662 p += custom_data->nbytes2;
663 }
664
665 OPENSSL_assert(seqbytes == (size_t)(p - *encoding));
666
667 return seqbytes;
668 }
669
670 /* Attempt to decode a custom encoding of the test structure */
do_decode_custom(const TEST_CUSTOM_DATA * custom_data,const EXPECTED * expected,size_t expected_size,const TEST_PACKAGE * package)671 static int do_decode_custom(const TEST_CUSTOM_DATA *custom_data,
672 const EXPECTED *expected, size_t expected_size,
673 const TEST_PACKAGE *package)
674 {
675 unsigned char *encoding = NULL;
676 /*
677 * We force the defaults to be explicitly encoded to make sure we test
678 * for defaults that shouldn't be present (i.e. we check for failure)
679 */
680 size_t encoding_length = make_custom_der(custom_data, &encoding, 1);
681 int ret;
682
683 if (encoding_length == 0)
684 return -1;
685
686 ret = do_decode(encoding, encoding_length, expected, expected_size,
687 package);
688 OPENSSL_free(encoding);
689
690 return ret;
691 }
692
693 /* Attempt to encode the test structure and compare it to custom DER */
do_encode_custom(EXPECTED * input,const TEST_CUSTOM_DATA * custom_data,const TEST_PACKAGE * package)694 static int do_encode_custom(EXPECTED *input,
695 const TEST_CUSTOM_DATA *custom_data,
696 const TEST_PACKAGE *package)
697 {
698 unsigned char *expected = NULL;
699 size_t expected_length = make_custom_der(custom_data, &expected, 0);
700 int ret;
701
702 if (expected_length == 0)
703 return -1;
704
705 ret = do_encode(input, expected, expected_length, package);
706 OPENSSL_free(expected);
707
708 return ret;
709 }
710
do_print_item(const TEST_PACKAGE * package)711 static int do_print_item(const TEST_PACKAGE *package)
712 {
713 #define DATA_BUF_SIZE 256
714 const ASN1_ITEM *i = ASN1_ITEM_ptr(package->asn1_type);
715 ASN1_VALUE *o;
716 int ret;
717
718 OPENSSL_assert(package->encode_expectations_elem_size <= DATA_BUF_SIZE);
719 if ((o = OPENSSL_malloc(DATA_BUF_SIZE)) == NULL)
720 return 0;
721
722 (void)RAND_bytes((unsigned char *)o,
723 (int)package->encode_expectations_elem_size);
724 ret = ASN1_item_print(bio_err, o, 0, i, NULL);
725 OPENSSL_free(o);
726
727 return ret;
728 }
729
test_intern(const TEST_PACKAGE * package)730 static int test_intern(const TEST_PACKAGE *package)
731 {
732 unsigned int i;
733 size_t nelems;
734 int fail = 0;
735
736 if (package->skip)
737 return 1;
738
739 /* Do decode_custom checks */
740 nelems = package->encode_expectations_size
741 / package->encode_expectations_elem_size;
742 OPENSSL_assert(nelems == OSSL_NELEM(test_custom_data));
743 for (i = 0; i < nelems; i++) {
744 size_t pos = i * package->encode_expectations_elem_size;
745 EXPECTED *expected
746 = (EXPECTED *)&((unsigned char *)package->encode_expectations)[pos];
747
748 switch (do_encode_custom(expected, &test_custom_data[i], package)) {
749 case -1:
750 if (expected->success) {
751 TEST_error("Failed custom encode round trip %u of %s",
752 i, package->name);
753 TEST_openssl_errors();
754 fail++;
755 }
756 break;
757 case 0:
758 TEST_error("Custom encode round trip %u of %s mismatch",
759 i, package->name);
760 TEST_openssl_errors();
761 fail++;
762 break;
763 case 1:
764 break;
765 default:
766 OPENSSL_die("do_encode_custom() return unknown value",
767 __FILE__, __LINE__);
768 }
769 switch (do_decode_custom(&test_custom_data[i], expected,
770 package->encode_expectations_elem_size,
771 package)) {
772 case -1:
773 if (expected->success) {
774 TEST_error("Failed custom decode round trip %u of %s",
775 i, package->name);
776 TEST_openssl_errors();
777 fail++;
778 }
779 break;
780 case 0:
781 TEST_error("Custom decode round trip %u of %s mismatch",
782 i, package->name);
783 TEST_openssl_errors();
784 fail++;
785 break;
786 case 1:
787 break;
788 default:
789 OPENSSL_die("do_decode_custom() return unknown value",
790 __FILE__, __LINE__);
791 }
792 }
793
794 /* Do enc_dec checks */
795 nelems = package->encdec_data_size / package->encdec_data_elem_size;
796 for (i = 0; i < nelems; i++) {
797 size_t pos = i * package->encdec_data_elem_size;
798 EXPECTED *expected
799 = (EXPECTED *)&((unsigned char *)package->encdec_data)[pos];
800
801 switch (do_enc_dec(expected, package->encdec_data_elem_size, package)) {
802 case -1:
803 if (expected->success) {
804 TEST_error("Failed encode/decode round trip %u of %s",
805 i, package->name);
806 TEST_openssl_errors();
807 fail++;
808 }
809 break;
810 case 0:
811 TEST_error("Encode/decode round trip %u of %s mismatch",
812 i, package->name);
813 fail++;
814 break;
815 case 1:
816 break;
817 default:
818 OPENSSL_die("do_enc_dec() return unknown value",
819 __FILE__, __LINE__);
820 }
821 }
822
823 if (!do_print_item(package)) {
824 TEST_error("Printing of %s failed", package->name);
825 TEST_openssl_errors();
826 fail++;
827 }
828
829 return fail == 0;
830 }
831
832 #ifndef OPENSSL_NO_DEPRECATED_3_0
test_long_32bit(void)833 static int test_long_32bit(void)
834 {
835 return test_intern(&long_test_package_32bit);
836 }
837
test_long_64bit(void)838 static int test_long_64bit(void)
839 {
840 return test_intern(&long_test_package_64bit);
841 }
842 #endif
843
test_int32(void)844 static int test_int32(void)
845 {
846 return test_intern(&int32_test_package);
847 }
848
test_uint32(void)849 static int test_uint32(void)
850 {
851 return test_intern(&uint32_test_package);
852 }
853
test_int64(void)854 static int test_int64(void)
855 {
856 return test_intern(&int64_test_package);
857 }
858
test_uint64(void)859 static int test_uint64(void)
860 {
861 return test_intern(&uint64_test_package);
862 }
863
864 typedef struct {
865 ASN1_STRING *invalidDirString;
866 } INVALIDTEMPLATE;
867
868 ASN1_SEQUENCE(INVALIDTEMPLATE) = {
869 /*
870 * DirectoryString is a CHOICE type so it must use explicit tagging -
871 * but we deliberately use implicit here, which makes this template invalid.
872 */
873 ASN1_IMP(INVALIDTEMPLATE, invalidDirString, DIRECTORYSTRING, 12)
874 } static_ASN1_SEQUENCE_END(INVALIDTEMPLATE)
875
876 IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(INVALIDTEMPLATE)
877 IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(INVALIDTEMPLATE)
878
879 static int test_invalid_template(void)
880 {
881 INVALIDTEMPLATE *temp = INVALIDTEMPLATE_new();
882 int ret;
883
884 if (!TEST_ptr(temp))
885 return 0;
886
887 ret = i2d_INVALIDTEMPLATE(temp, NULL);
888
889 INVALIDTEMPLATE_free(temp);
890
891 /* We expect the i2d operation to fail */
892 return ret < 0;
893 }
894
setup_tests(void)895 int setup_tests(void)
896 {
897 #ifndef OPENSSL_NO_DEPRECATED_3_0
898 ADD_TEST(test_long_32bit);
899 ADD_TEST(test_long_64bit);
900 #endif
901 ADD_TEST(test_int32);
902 ADD_TEST(test_uint32);
903 ADD_TEST(test_int64);
904 ADD_TEST(test_uint64);
905 ADD_TEST(test_invalid_template);
906 return 1;
907 }
908