1 /* Copyright (c) 2014, Google Inc.
3 * Permission to use, copy, modify, and/or distribute this software for any
4 * purpose with or without fee is hereby granted, provided that the above
5 * copyright notice and this permission notice appear in all copies.
7 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
8 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
9 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
10 * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
11 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
12 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
13 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
15 #if !defined(__STDC_CONSTANT_MACROS)
16 #define __STDC_CONSTANT_MACROS
25 #include <gtest/gtest.h>
27 #include <openssl/bytestring.h>
28 #include <openssl/crypto.h>
31 #include "../internal.h"
32 #include "../test/test_util.h"
36 static const uint8_t kData[] = {1, 2, 3};
39 CBS_init(&data, kData, sizeof(kData));
40 EXPECT_EQ(3u, CBS_len(&data));
41 EXPECT_TRUE(CBS_skip(&data, 1));
42 EXPECT_EQ(2u, CBS_len(&data));
43 EXPECT_TRUE(CBS_skip(&data, 2));
44 EXPECT_EQ(0u, CBS_len(&data));
45 EXPECT_FALSE(CBS_skip(&data, 1));
48 TEST(CBSTest, GetUint) {
49 static const uint8_t kData[] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12};
55 CBS_init(&data, kData, sizeof(kData));
56 ASSERT_TRUE(CBS_get_u8(&data, &u8));
58 ASSERT_TRUE(CBS_get_u16(&data, &u16));
59 EXPECT_EQ(0x203u, u16);
60 ASSERT_TRUE(CBS_get_u24(&data, &u32));
61 EXPECT_EQ(0x40506u, u32);
62 ASSERT_TRUE(CBS_get_u32(&data, &u32));
63 EXPECT_EQ(0x708090au, u32);
64 ASSERT_TRUE(CBS_get_last_u8(&data, &u8));
66 ASSERT_TRUE(CBS_get_last_u8(&data, &u8));
68 EXPECT_FALSE(CBS_get_u8(&data, &u8));
69 EXPECT_FALSE(CBS_get_last_u8(&data, &u8));
72 TEST(CBSTest, GetPrefixed) {
73 static const uint8_t kData[] = {1, 2, 0, 2, 3, 4, 0, 0, 3, 3, 2, 1};
79 CBS_init(&data, kData, sizeof(kData));
80 ASSERT_TRUE(CBS_get_u8_length_prefixed(&data, &prefixed));
81 EXPECT_EQ(1u, CBS_len(&prefixed));
82 ASSERT_TRUE(CBS_get_u8(&prefixed, &u8));
84 ASSERT_TRUE(CBS_get_u16_length_prefixed(&data, &prefixed));
85 EXPECT_EQ(2u, CBS_len(&prefixed));
86 ASSERT_TRUE(CBS_get_u16(&prefixed, &u16));
87 EXPECT_EQ(0x304u, u16);
88 ASSERT_TRUE(CBS_get_u24_length_prefixed(&data, &prefixed));
89 EXPECT_EQ(3u, CBS_len(&prefixed));
90 ASSERT_TRUE(CBS_get_u24(&prefixed, &u32));
91 EXPECT_EQ(0x30201u, u32);
94 TEST(CBSTest, GetPrefixedBad) {
95 static const uint8_t kData1[] = {2, 1};
96 static const uint8_t kData2[] = {0, 2, 1};
97 static const uint8_t kData3[] = {0, 0, 2, 1};
100 CBS_init(&data, kData1, sizeof(kData1));
101 EXPECT_FALSE(CBS_get_u8_length_prefixed(&data, &prefixed));
103 CBS_init(&data, kData2, sizeof(kData2));
104 EXPECT_FALSE(CBS_get_u16_length_prefixed(&data, &prefixed));
106 CBS_init(&data, kData3, sizeof(kData3));
107 EXPECT_FALSE(CBS_get_u24_length_prefixed(&data, &prefixed));
110 TEST(CBSTest, GetASN1) {
111 static const uint8_t kData1[] = {0x30, 2, 1, 2};
112 static const uint8_t kData2[] = {0x30, 3, 1, 2};
113 static const uint8_t kData3[] = {0x30, 0x80};
114 static const uint8_t kData4[] = {0x30, 0x81, 1, 1};
115 static const uint8_t kData5[4 + 0x80] = {0x30, 0x82, 0, 0x80};
116 static const uint8_t kData6[] = {0xa1, 3, 0x4, 1, 1};
117 static const uint8_t kData7[] = {0xa1, 3, 0x4, 2, 1};
118 static const uint8_t kData8[] = {0xa1, 3, 0x2, 1, 1};
119 static const uint8_t kData9[] = {0xa1, 3, 0x2, 1, 0xff};
125 CBS_init(&data, kData1, sizeof(kData1));
126 EXPECT_FALSE(CBS_peek_asn1_tag(&data, CBS_ASN1_BOOLEAN));
127 EXPECT_TRUE(CBS_peek_asn1_tag(&data, CBS_ASN1_SEQUENCE));
129 ASSERT_TRUE(CBS_get_asn1(&data, &contents, CBS_ASN1_SEQUENCE));
130 EXPECT_EQ(Bytes("\x01\x02"), Bytes(CBS_data(&contents), CBS_len(&contents)));
132 CBS_init(&data, kData2, sizeof(kData2));
134 EXPECT_FALSE(CBS_get_asn1(&data, &contents, CBS_ASN1_SEQUENCE));
136 CBS_init(&data, kData3, sizeof(kData3));
137 // zero byte length of length
138 EXPECT_FALSE(CBS_get_asn1(&data, &contents, CBS_ASN1_SEQUENCE));
140 CBS_init(&data, kData4, sizeof(kData4));
141 // long form mistakenly used.
142 EXPECT_FALSE(CBS_get_asn1(&data, &contents, CBS_ASN1_SEQUENCE));
144 CBS_init(&data, kData5, sizeof(kData5));
145 // length takes too many bytes.
146 EXPECT_FALSE(CBS_get_asn1(&data, &contents, CBS_ASN1_SEQUENCE));
148 CBS_init(&data, kData1, sizeof(kData1));
150 EXPECT_FALSE(CBS_get_asn1(&data, &contents, 0x31));
152 CBS_init(&data, NULL, 0);
153 // peek at empty data.
154 EXPECT_FALSE(CBS_peek_asn1_tag(&data, CBS_ASN1_SEQUENCE));
156 CBS_init(&data, NULL, 0);
157 // optional elements at empty data.
158 ASSERT_TRUE(CBS_get_optional_asn1(
159 &data, &contents, &present,
160 CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0));
161 EXPECT_FALSE(present);
162 ASSERT_TRUE(CBS_get_optional_asn1_octet_string(
163 &data, &contents, &present,
164 CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0));
165 EXPECT_FALSE(present);
166 EXPECT_EQ(0u, CBS_len(&contents));
167 ASSERT_TRUE(CBS_get_optional_asn1_octet_string(
168 &data, &contents, NULL,
169 CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0));
170 EXPECT_EQ(0u, CBS_len(&contents));
171 ASSERT_TRUE(CBS_get_optional_asn1_uint64(
172 &data, &value, CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0, 42));
173 EXPECT_EQ(42u, value);
175 CBS_init(&data, kData6, sizeof(kData6));
177 ASSERT_TRUE(CBS_get_optional_asn1(
178 &data, &contents, &present,
179 CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0));
180 EXPECT_FALSE(present);
181 ASSERT_TRUE(CBS_get_optional_asn1(
182 &data, &contents, &present,
183 CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 1));
184 EXPECT_TRUE(present);
185 EXPECT_EQ(Bytes("\x04\x01\x01"),
186 Bytes(CBS_data(&contents), CBS_len(&contents)));
188 CBS_init(&data, kData6, sizeof(kData6));
189 // optional octet string.
190 ASSERT_TRUE(CBS_get_optional_asn1_octet_string(
191 &data, &contents, &present,
192 CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0));
193 EXPECT_FALSE(present);
194 EXPECT_EQ(0u, CBS_len(&contents));
195 ASSERT_TRUE(CBS_get_optional_asn1_octet_string(
196 &data, &contents, &present,
197 CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 1));
198 EXPECT_TRUE(present);
199 EXPECT_EQ(Bytes("\x01"), Bytes(CBS_data(&contents), CBS_len(&contents)));
201 CBS_init(&data, kData7, sizeof(kData7));
202 // invalid optional octet string.
203 EXPECT_FALSE(CBS_get_optional_asn1_octet_string(
204 &data, &contents, &present,
205 CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 1));
207 CBS_init(&data, kData8, sizeof(kData8));
209 ASSERT_TRUE(CBS_get_optional_asn1_uint64(
210 &data, &value, CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0, 42));
211 EXPECT_EQ(42u, value);
212 ASSERT_TRUE(CBS_get_optional_asn1_uint64(
213 &data, &value, CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 1, 42));
214 EXPECT_EQ(1u, value);
216 CBS_init(&data, kData9, sizeof(kData9));
217 // invalid optional integer.
218 EXPECT_FALSE(CBS_get_optional_asn1_uint64(
219 &data, &value, CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 1, 42));
222 CBS_init(&data, kData1, sizeof(kData1));
223 ASSERT_TRUE(CBS_get_any_asn1(&data, &contents, &tag));
224 EXPECT_EQ(CBS_ASN1_SEQUENCE, tag);
225 EXPECT_EQ(Bytes("\x01\x02"), Bytes(CBS_data(&contents), CBS_len(&contents)));
228 CBS_init(&data, kData1, sizeof(kData1));
229 ASSERT_TRUE(CBS_get_any_asn1_element(&data, &contents, &tag, &header_len));
230 EXPECT_EQ(CBS_ASN1_SEQUENCE, tag);
231 EXPECT_EQ(2u, header_len);
232 EXPECT_EQ(Bytes("\x30\x02\x01\x02"),
233 Bytes(CBS_data(&contents), CBS_len(&contents)));
236 TEST(CBSTest, ParseASN1Tag) {
240 std::vector<uint8_t> in;
242 {true, CBS_ASN1_SEQUENCE, {0x30, 0}},
243 {true, CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 4, {0xa4, 0}},
244 {true, CBS_ASN1_APPLICATION | 30, {0x5e, 0}},
245 {true, CBS_ASN1_APPLICATION | 31, {0x5f, 0x1f, 0}},
246 {true, CBS_ASN1_APPLICATION | 32, {0x5f, 0x20, 0}},
248 CBS_ASN1_PRIVATE | CBS_ASN1_CONSTRUCTED | 0x1fffffff,
249 {0xff, 0x81, 0xff, 0xff, 0xff, 0x7f, 0}},
250 // Tag number fits in unsigned but not |CBS_ASN1_TAG_NUMBER_MASK|.
251 {false, 0, {0xff, 0x82, 0xff, 0xff, 0xff, 0x7f, 0}},
252 // Tag number does not fit in unsigned.
253 {false, 0, {0xff, 0x90, 0x80, 0x80, 0x80, 0, 0}},
254 // Tag number is not minimally-encoded
255 {false, 0, {0x5f, 0x80, 0x1f, 0}},
256 // Tag number should have used short form.
257 {false, 0, {0x5f, 0x80, 0x1e, 0}},
259 for (const auto &t : kTests) {
260 SCOPED_TRACE(Bytes(t.in));
263 CBS_init(&cbs, t.in.data(), t.in.size());
264 ASSERT_EQ(t.ok, !!CBS_get_any_asn1(&cbs, &child, &tag));
266 EXPECT_EQ(t.tag, tag);
267 EXPECT_EQ(0u, CBS_len(&child));
268 EXPECT_EQ(0u, CBS_len(&cbs));
270 CBS_init(&cbs, t.in.data(), t.in.size());
271 EXPECT_TRUE(CBS_peek_asn1_tag(&cbs, t.tag));
272 EXPECT_FALSE(CBS_peek_asn1_tag(&cbs, t.tag + 1));
274 EXPECT_TRUE(CBS_get_asn1(&cbs, &child, t.tag));
275 EXPECT_EQ(0u, CBS_len(&child));
276 EXPECT_EQ(0u, CBS_len(&cbs));
278 CBS_init(&cbs, t.in.data(), t.in.size());
279 EXPECT_FALSE(CBS_get_asn1(&cbs, &child, t.tag + 1));
284 TEST(CBSTest, GetOptionalASN1Bool) {
285 static const uint8_t kTrue[] = {0x0a, 3, CBS_ASN1_BOOLEAN, 1, 0xff};
286 static const uint8_t kFalse[] = {0x0a, 3, CBS_ASN1_BOOLEAN, 1, 0x00};
287 static const uint8_t kInvalid[] = {0x0a, 3, CBS_ASN1_BOOLEAN, 1, 0x01};
290 CBS_init(&data, NULL, 0);
292 ASSERT_TRUE(CBS_get_optional_asn1_bool(&data, &val, 0x0a, 0));
295 CBS_init(&data, kTrue, sizeof(kTrue));
297 ASSERT_TRUE(CBS_get_optional_asn1_bool(&data, &val, 0x0a, 0));
300 CBS_init(&data, kFalse, sizeof(kFalse));
302 ASSERT_TRUE(CBS_get_optional_asn1_bool(&data, &val, 0x0a, 1));
305 CBS_init(&data, kInvalid, sizeof(kInvalid));
306 EXPECT_FALSE(CBS_get_optional_asn1_bool(&data, &val, 0x0a, 1));
309 // Test that CBB_init may be used on an uninitialized input.
310 TEST(CBBTest, InitUninitialized) {
312 ASSERT_TRUE(CBB_init(&cbb, 100));
316 TEST(CBBTest, Basic) {
317 static const uint8_t kExpected[] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 0xa, 0xb, 0xc};
322 ASSERT_TRUE(CBB_init(cbb.get(), 100));
325 ASSERT_TRUE(CBB_init(cbb.get(), 0));
326 ASSERT_TRUE(CBB_add_u8(cbb.get(), 1));
327 ASSERT_TRUE(CBB_add_u16(cbb.get(), 0x203));
328 ASSERT_TRUE(CBB_add_u24(cbb.get(), 0x40506));
329 ASSERT_TRUE(CBB_add_u32(cbb.get(), 0x708090a));
330 ASSERT_TRUE(CBB_add_bytes(cbb.get(), (const uint8_t *)"\x0b\x0c", 2));
331 ASSERT_TRUE(CBB_finish(cbb.get(), &buf, &buf_len));
333 bssl::UniquePtr<uint8_t> scoper(buf);
334 EXPECT_EQ(Bytes(kExpected), Bytes(buf, buf_len));
337 TEST(CBBTest, Fixed) {
343 ASSERT_TRUE(CBB_init_fixed(cbb.get(), NULL, 0));
344 ASSERT_TRUE(CBB_finish(cbb.get(), &out_buf, &out_size));
345 EXPECT_EQ(NULL, out_buf);
346 EXPECT_EQ(0u, out_size);
349 ASSERT_TRUE(CBB_init_fixed(cbb.get(), buf, 1));
350 ASSERT_TRUE(CBB_add_u8(cbb.get(), 1));
351 ASSERT_TRUE(CBB_finish(cbb.get(), &out_buf, &out_size));
352 EXPECT_EQ(buf, out_buf);
353 EXPECT_EQ(1u, out_size);
354 EXPECT_EQ(1u, buf[0]);
357 ASSERT_TRUE(CBB_init_fixed(cbb.get(), buf, 1));
358 ASSERT_TRUE(CBB_add_u8(cbb.get(), 1));
359 EXPECT_FALSE(CBB_add_u8(cbb.get(), 2));
362 // Test that calling CBB_finish on a child does nothing.
363 TEST(CBBTest, FinishChild) {
369 ASSERT_TRUE(CBB_init(cbb.get(), 16));
370 ASSERT_TRUE(CBB_add_u8_length_prefixed(cbb.get(), &child));
372 EXPECT_FALSE(CBB_finish(&child, &out_buf, &out_size));
374 ASSERT_TRUE(CBB_finish(cbb.get(), &out_buf, &out_size));
375 bssl::UniquePtr<uint8_t> scoper(out_buf);
376 ASSERT_EQ(1u, out_size);
377 EXPECT_EQ(0u, out_buf[0]);
380 TEST(CBBTest, Prefixed) {
381 static const uint8_t kExpected[] = {0, 1, 1, 0, 2, 2, 3, 0, 0, 3,
382 4, 5, 6, 5, 4, 1, 0, 1, 2};
386 CBB contents, inner_contents, inner_inner_contents;
387 ASSERT_TRUE(CBB_init(cbb.get(), 0));
388 EXPECT_EQ(0u, CBB_len(cbb.get()));
389 ASSERT_TRUE(CBB_add_u8_length_prefixed(cbb.get(), &contents));
390 ASSERT_TRUE(CBB_add_u8_length_prefixed(cbb.get(), &contents));
391 ASSERT_TRUE(CBB_add_u8(&contents, 1));
392 EXPECT_EQ(1u, CBB_len(&contents));
393 ASSERT_TRUE(CBB_flush(cbb.get()));
394 EXPECT_EQ(3u, CBB_len(cbb.get()));
395 ASSERT_TRUE(CBB_add_u16_length_prefixed(cbb.get(), &contents));
396 ASSERT_TRUE(CBB_add_u16(&contents, 0x203));
397 ASSERT_TRUE(CBB_add_u24_length_prefixed(cbb.get(), &contents));
398 ASSERT_TRUE(CBB_add_u24(&contents, 0x40506));
399 ASSERT_TRUE(CBB_add_u8_length_prefixed(cbb.get(), &contents));
400 ASSERT_TRUE(CBB_add_u8_length_prefixed(&contents, &inner_contents));
401 ASSERT_TRUE(CBB_add_u8(&inner_contents, 1));
403 CBB_add_u16_length_prefixed(&inner_contents, &inner_inner_contents));
404 ASSERT_TRUE(CBB_add_u8(&inner_inner_contents, 2));
405 ASSERT_TRUE(CBB_finish(cbb.get(), &buf, &buf_len));
407 bssl::UniquePtr<uint8_t> scoper(buf);
408 EXPECT_EQ(Bytes(kExpected), Bytes(buf, buf_len));
411 TEST(CBBTest, DiscardChild) {
413 CBB contents, inner_contents, inner_inner_contents;
415 ASSERT_TRUE(CBB_init(cbb.get(), 0));
416 ASSERT_TRUE(CBB_add_u8(cbb.get(), 0xaa));
418 // Discarding |cbb|'s children preserves the byte written.
419 CBB_discard_child(cbb.get());
421 ASSERT_TRUE(CBB_add_u8_length_prefixed(cbb.get(), &contents));
422 ASSERT_TRUE(CBB_add_u8_length_prefixed(cbb.get(), &contents));
423 ASSERT_TRUE(CBB_add_u8(&contents, 0xbb));
424 ASSERT_TRUE(CBB_add_u16_length_prefixed(cbb.get(), &contents));
425 ASSERT_TRUE(CBB_add_u16(&contents, 0xcccc));
426 ASSERT_TRUE(CBB_add_u24_length_prefixed(cbb.get(), &contents));
427 ASSERT_TRUE(CBB_add_u24(&contents, 0xdddddd));
428 ASSERT_TRUE(CBB_add_u8_length_prefixed(cbb.get(), &contents));
429 ASSERT_TRUE(CBB_add_u8(&contents, 0xff));
430 ASSERT_TRUE(CBB_add_u8_length_prefixed(&contents, &inner_contents));
431 ASSERT_TRUE(CBB_add_u8(&inner_contents, 0x42));
433 CBB_add_u16_length_prefixed(&inner_contents, &inner_inner_contents));
434 ASSERT_TRUE(CBB_add_u8(&inner_inner_contents, 0x99));
436 // Discard everything from |inner_contents| down.
437 CBB_discard_child(&contents);
441 ASSERT_TRUE(CBB_finish(cbb.get(), &buf, &buf_len));
442 bssl::UniquePtr<uint8_t> scoper(buf);
444 static const uint8_t kExpected[] = {
449 0, 0, 3, 0xdd, 0xdd, 0xdd,
452 EXPECT_EQ(Bytes(kExpected), Bytes(buf, buf_len));
455 TEST(CBBTest, Misuse) {
461 ASSERT_TRUE(CBB_init(cbb.get(), 0));
462 ASSERT_TRUE(CBB_add_u8_length_prefixed(cbb.get(), &child));
463 ASSERT_TRUE(CBB_add_u8(&child, 1));
464 ASSERT_TRUE(CBB_add_u8(cbb.get(), 2));
466 // Since we wrote to |cbb|, |child| is now invalid and attempts to write to
468 EXPECT_FALSE(CBB_add_u8(&child, 1));
469 EXPECT_FALSE(CBB_add_u16(&child, 1));
470 EXPECT_FALSE(CBB_add_u24(&child, 1));
471 EXPECT_FALSE(CBB_add_u8_length_prefixed(&child, &contents));
472 EXPECT_FALSE(CBB_add_u16_length_prefixed(&child, &contents));
473 EXPECT_FALSE(CBB_add_asn1(&child, &contents, 1));
474 EXPECT_FALSE(CBB_add_bytes(&child, (const uint8_t*) "a", 1));
476 ASSERT_TRUE(CBB_finish(cbb.get(), &buf, &buf_len));
477 bssl::UniquePtr<uint8_t> scoper(buf);
479 EXPECT_EQ(Bytes("\x01\x01\x02"), Bytes(buf, buf_len));
482 TEST(CBBTest, ASN1) {
483 static const uint8_t kExpected[] = {
484 // SEQUENCE { 1 2 3 }
486 // [4 CONSTRUCTED] { 4 5 6 }
488 // [APPLICATION 30 PRIMITIVE] { 7 8 9 }
490 // [APPLICATION 31 PRIMITIVE] { 10 11 12 }
491 0x5f, 0x1f, 3, 10, 11, 12,
492 // [PRIVATE 2^29-1 CONSTRUCTED] { 13 14 15 }
493 0xff, 0x81, 0xff, 0xff, 0xff, 0x7f, 3, 13, 14, 15,
498 CBB contents, inner_contents;
500 ASSERT_TRUE(CBB_init(cbb.get(), 0));
501 ASSERT_TRUE(CBB_add_asn1(cbb.get(), &contents, CBS_ASN1_SEQUENCE));
502 ASSERT_TRUE(CBB_add_bytes(&contents, (const uint8_t *)"\x01\x02\x03", 3));
504 CBB_add_asn1(cbb.get(), &contents,
505 CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 4));
506 ASSERT_TRUE(CBB_add_bytes(&contents, (const uint8_t *)"\x04\x05\x06", 3));
508 CBB_add_asn1(cbb.get(), &contents,
509 CBS_ASN1_APPLICATION | 30));
510 ASSERT_TRUE(CBB_add_bytes(&contents, (const uint8_t *)"\x07\x08\x09", 3));
512 CBB_add_asn1(cbb.get(), &contents,
513 CBS_ASN1_APPLICATION | 31));
514 ASSERT_TRUE(CBB_add_bytes(&contents, (const uint8_t *)"\x0a\x0b\x0c", 3));
516 CBB_add_asn1(cbb.get(), &contents,
517 CBS_ASN1_PRIVATE | CBS_ASN1_CONSTRUCTED | 0x1fffffff));
518 ASSERT_TRUE(CBB_add_bytes(&contents, (const uint8_t *)"\x0d\x0e\x0f", 3));
519 ASSERT_TRUE(CBB_finish(cbb.get(), &buf, &buf_len));
520 bssl::UniquePtr<uint8_t> scoper(buf);
522 EXPECT_EQ(Bytes(kExpected), Bytes(buf, buf_len));
524 std::vector<uint8_t> test_data(100000, 0x42);
525 ASSERT_TRUE(CBB_init(cbb.get(), 0));
526 ASSERT_TRUE(CBB_add_asn1(cbb.get(), &contents, CBS_ASN1_SEQUENCE));
527 ASSERT_TRUE(CBB_add_bytes(&contents, test_data.data(), 130));
528 ASSERT_TRUE(CBB_finish(cbb.get(), &buf, &buf_len));
531 ASSERT_EQ(3u + 130u, buf_len);
532 EXPECT_EQ(Bytes("\x30\x81\x82"), Bytes(buf, 3));
533 EXPECT_EQ(Bytes(test_data.data(), 130), Bytes(buf + 3, 130));
535 ASSERT_TRUE(CBB_init(cbb.get(), 0));
536 ASSERT_TRUE(CBB_add_asn1(cbb.get(), &contents, CBS_ASN1_SEQUENCE));
537 ASSERT_TRUE(CBB_add_bytes(&contents, test_data.data(), 1000));
538 ASSERT_TRUE(CBB_finish(cbb.get(), &buf, &buf_len));
541 ASSERT_EQ(4u + 1000u, buf_len);
542 EXPECT_EQ(Bytes("\x30\x82\x03\xe8"), Bytes(buf, 4));
543 EXPECT_EQ(Bytes(test_data.data(), 1000), Bytes(buf + 4, 1000));
545 ASSERT_TRUE(CBB_init(cbb.get(), 0));
546 ASSERT_TRUE(CBB_add_asn1(cbb.get(), &contents, CBS_ASN1_SEQUENCE));
547 ASSERT_TRUE(CBB_add_asn1(&contents, &inner_contents, CBS_ASN1_SEQUENCE));
548 ASSERT_TRUE(CBB_add_bytes(&inner_contents, test_data.data(), 100000));
549 ASSERT_TRUE(CBB_finish(cbb.get(), &buf, &buf_len));
552 ASSERT_EQ(5u + 5u + 100000u, buf_len);
553 EXPECT_EQ(Bytes("\x30\x83\x01\x86\xa5\x30\x83\x01\x86\xa0"), Bytes(buf, 10));
554 EXPECT_EQ(Bytes(test_data.data(), test_data.size()), Bytes(buf + 10, 100000));
557 static void ExpectBerConvert(const char *name, const uint8_t *der_expected,
558 size_t der_len, const uint8_t *ber,
565 CBS_init(&in, ber, ber_len);
566 ASSERT_TRUE(CBS_asn1_ber_to_der(&in, &out, &out_len));
567 bssl::UniquePtr<uint8_t> scoper(out);
570 EXPECT_EQ(Bytes(der_expected, der_len), Bytes(ber, ber_len));
572 EXPECT_NE(Bytes(der_expected, der_len), Bytes(ber, ber_len));
573 EXPECT_EQ(Bytes(der_expected, der_len), Bytes(out, out_len));
577 TEST(CBSTest, BerConvert) {
578 static const uint8_t kSimpleBER[] = {0x01, 0x01, 0x00};
580 // kIndefBER contains a SEQUENCE with an indefinite length.
581 static const uint8_t kIndefBER[] = {0x30, 0x80, 0x01, 0x01, 0x02, 0x00, 0x00};
582 static const uint8_t kIndefDER[] = {0x30, 0x03, 0x01, 0x01, 0x02};
584 // kIndefBER2 contains a constructed [APPLICATION 31] with an indefinite
586 static const uint8_t kIndefBER2[] = {0x7f, 0x1f, 0x80, 0x01,
587 0x01, 0x02, 0x00, 0x00};
588 static const uint8_t kIndefDER2[] = {0x7f, 0x1f, 0x03, 0x01, 0x01, 0x02};
590 // kOctetStringBER contains an indefinite length OCTET STRING with two parts.
591 // These parts need to be concatenated in DER form.
592 static const uint8_t kOctetStringBER[] = {0x24, 0x80, 0x04, 0x02, 0, 1,
593 0x04, 0x02, 2, 3, 0x00, 0x00};
594 static const uint8_t kOctetStringDER[] = {0x04, 0x04, 0, 1, 2, 3};
596 // kNSSBER is part of a PKCS#12 message generated by NSS that uses indefinite
597 // length elements extensively.
598 static const uint8_t kNSSBER[] = {
599 0x30, 0x80, 0x02, 0x01, 0x03, 0x30, 0x80, 0x06, 0x09, 0x2a, 0x86, 0x48,
600 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01, 0xa0, 0x80, 0x24, 0x80, 0x04, 0x04,
601 0x01, 0x02, 0x03, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x30, 0x39,
602 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05,
603 0x00, 0x04, 0x14, 0x84, 0x98, 0xfc, 0x66, 0x33, 0xee, 0xba, 0xe7, 0x90,
604 0xc1, 0xb6, 0xe8, 0x8f, 0xfe, 0x1d, 0xc5, 0xa5, 0x97, 0x93, 0x3e, 0x04,
605 0x10, 0x38, 0x62, 0xc6, 0x44, 0x12, 0xd5, 0x30, 0x00, 0xf8, 0xf2, 0x1b,
606 0xf0, 0x6e, 0x10, 0x9b, 0xb8, 0x02, 0x02, 0x07, 0xd0, 0x00, 0x00,
609 static const uint8_t kNSSDER[] = {
610 0x30, 0x53, 0x02, 0x01, 0x03, 0x30, 0x13, 0x06, 0x09, 0x2a, 0x86,
611 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01, 0xa0, 0x06, 0x04, 0x04,
612 0x01, 0x02, 0x03, 0x04, 0x30, 0x39, 0x30, 0x21, 0x30, 0x09, 0x06,
613 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14, 0x84,
614 0x98, 0xfc, 0x66, 0x33, 0xee, 0xba, 0xe7, 0x90, 0xc1, 0xb6, 0xe8,
615 0x8f, 0xfe, 0x1d, 0xc5, 0xa5, 0x97, 0x93, 0x3e, 0x04, 0x10, 0x38,
616 0x62, 0xc6, 0x44, 0x12, 0xd5, 0x30, 0x00, 0xf8, 0xf2, 0x1b, 0xf0,
617 0x6e, 0x10, 0x9b, 0xb8, 0x02, 0x02, 0x07, 0xd0,
620 // kConstructedStringBER contains a deeply-nested constructed OCTET STRING.
621 // The BER conversion collapses this to one level deep, but not completely.
622 static const uint8_t kConstructedStringBER[] = {
623 0xa0, 0x10, 0x24, 0x06, 0x04, 0x01, 0x00, 0x04, 0x01,
624 0x01, 0x24, 0x06, 0x04, 0x01, 0x02, 0x04, 0x01, 0x03,
626 static const uint8_t kConstructedStringDER[] = {
627 0xa0, 0x08, 0x04, 0x02, 0x00, 0x01, 0x04, 0x02, 0x02, 0x03,
630 ExpectBerConvert("kSimpleBER", kSimpleBER, sizeof(kSimpleBER), kSimpleBER,
632 ExpectBerConvert("kIndefBER", kIndefDER, sizeof(kIndefDER), kIndefBER,
634 ExpectBerConvert("kIndefBER2", kIndefDER2, sizeof(kIndefDER2), kIndefBER2,
636 ExpectBerConvert("kOctetStringBER", kOctetStringDER, sizeof(kOctetStringDER),
637 kOctetStringBER, sizeof(kOctetStringBER));
638 ExpectBerConvert("kNSSBER", kNSSDER, sizeof(kNSSDER), kNSSBER,
640 ExpectBerConvert("kConstructedStringBER", kConstructedStringDER,
641 sizeof(kConstructedStringDER), kConstructedStringBER,
642 sizeof(kConstructedStringBER));
645 struct ImplicitStringTest {
653 static const ImplicitStringTest kImplicitStringTests[] = {
654 // A properly-encoded string.
655 {"\x80\x03\x61\x61\x61", 5, true, "aaa", 3},
656 // An implicit-tagged string.
657 {"\xa0\x09\x04\x01\x61\x04\x01\x61\x04\x01\x61", 11, true, "aaa", 3},
658 // |CBS_get_asn1_implicit_string| only accepts one level deep of nesting.
659 {"\xa0\x0b\x24\x06\x04\x01\x61\x04\x01\x61\x04\x01\x61", 13, false, nullptr,
661 // The outer tag must match.
662 {"\x81\x03\x61\x61\x61", 5, false, nullptr, 0},
663 {"\xa1\x09\x04\x01\x61\x04\x01\x61\x04\x01\x61", 11, false, nullptr, 0},
664 // The inner tag must match.
665 {"\xa1\x09\x0c\x01\x61\x0c\x01\x61\x0c\x01\x61", 11, false, nullptr, 0},
668 TEST(CBSTest, ImplicitString) {
669 for (const auto &test : kImplicitStringTests) {
670 SCOPED_TRACE(Bytes(test.in, test.in_len));
671 uint8_t *storage = nullptr;
673 CBS_init(&in, reinterpret_cast<const uint8_t *>(test.in), test.in_len);
674 int ok = CBS_get_asn1_implicit_string(&in, &out, &storage,
675 CBS_ASN1_CONTEXT_SPECIFIC | 0,
676 CBS_ASN1_OCTETSTRING);
677 bssl::UniquePtr<uint8_t> scoper(storage);
678 EXPECT_EQ(test.ok, static_cast<bool>(ok));
681 EXPECT_EQ(Bytes(test.out, test.out_len),
682 Bytes(CBS_data(&out), CBS_len(&out)));
687 struct ASN1Uint64Test {
689 const char *encoding;
693 static const ASN1Uint64Test kASN1Uint64Tests[] = {
694 {0, "\x02\x01\x00", 3},
695 {1, "\x02\x01\x01", 3},
696 {127, "\x02\x01\x7f", 3},
697 {128, "\x02\x02\x00\x80", 4},
698 {0xdeadbeef, "\x02\x05\x00\xde\xad\xbe\xef", 7},
699 {UINT64_C(0x0102030405060708),
700 "\x02\x08\x01\x02\x03\x04\x05\x06\x07\x08", 10},
701 {UINT64_C(0xffffffffffffffff),
702 "\x02\x09\x00\xff\xff\xff\xff\xff\xff\xff\xff", 11},
705 struct ASN1InvalidUint64Test {
706 const char *encoding;
710 static const ASN1InvalidUint64Test kASN1InvalidUint64Tests[] = {
718 {"\x02\x09\x01\x00\x00\x00\x00\x00\x00\x00\x00", 11},
720 {"\x02\x02\x00\x01", 4},
723 TEST(CBSTest, ASN1Uint64) {
724 for (size_t i = 0; i < OPENSSL_ARRAY_SIZE(kASN1Uint64Tests); i++) {
726 const ASN1Uint64Test *test = &kASN1Uint64Tests[i];
732 CBS_init(&cbs, (const uint8_t *)test->encoding, test->encoding_len);
733 ASSERT_TRUE(CBS_get_asn1_uint64(&cbs, &value));
734 EXPECT_EQ(0u, CBS_len(&cbs));
735 EXPECT_EQ(test->value, value);
738 ASSERT_TRUE(CBB_init(cbb.get(), 0));
739 ASSERT_TRUE(CBB_add_asn1_uint64(cbb.get(), test->value));
740 ASSERT_TRUE(CBB_finish(cbb.get(), &out, &len));
741 bssl::UniquePtr<uint8_t> scoper(out);
742 EXPECT_EQ(Bytes(test->encoding, test->encoding_len), Bytes(out, len));
745 for (size_t i = 0; i < OPENSSL_ARRAY_SIZE(kASN1InvalidUint64Tests); i++) {
746 const ASN1InvalidUint64Test *test = &kASN1InvalidUint64Tests[i];
750 CBS_init(&cbs, (const uint8_t *)test->encoding, test->encoding_len);
751 EXPECT_FALSE(CBS_get_asn1_uint64(&cbs, &value));
755 TEST(CBBTest, Zero) {
758 // Calling |CBB_cleanup| on a zero-state |CBB| must not crash.
762 TEST(CBBTest, Reserve) {
767 ASSERT_TRUE(CBB_init_fixed(cbb.get(), buf, sizeof(buf)));
769 EXPECT_FALSE(CBB_reserve(cbb.get(), &ptr, 11));
772 ASSERT_TRUE(CBB_init_fixed(cbb.get(), buf, sizeof(buf)));
773 // Successfully reserve the entire space.
774 ASSERT_TRUE(CBB_reserve(cbb.get(), &ptr, 10));
776 // Advancing under the maximum bytes is legal.
777 ASSERT_TRUE(CBB_did_write(cbb.get(), 5));
778 ASSERT_TRUE(CBB_finish(cbb.get(), NULL, &len));
782 // Test that CBB errors are sticky; once on operation on CBB fails, all
783 // subsequent ones do.
784 TEST(CBBTest, StickyError) {
785 // Write an input that exceeds the limit for its length prefix.
788 static const uint8_t kZeros[256] = {0};
789 ASSERT_TRUE(CBB_init(cbb.get(), 0));
790 ASSERT_TRUE(CBB_add_u8_length_prefixed(cbb.get(), &child));
791 ASSERT_TRUE(CBB_add_bytes(&child, kZeros, sizeof(kZeros)));
792 ASSERT_FALSE(CBB_flush(cbb.get()));
794 // All future operations should fail.
797 EXPECT_FALSE(CBB_add_u8(cbb.get(), 0));
798 EXPECT_FALSE(CBB_finish(cbb.get(), &ptr, &len));
800 // Write an input that cannot fit in a fixed CBB.
803 ASSERT_TRUE(CBB_init_fixed(cbb.get(), &buf, 1));
804 ASSERT_FALSE(CBB_add_bytes(cbb.get(), kZeros, sizeof(kZeros)));
806 // All future operations should fail.
807 EXPECT_FALSE(CBB_add_u8(cbb.get(), 0));
808 EXPECT_FALSE(CBB_finish(cbb.get(), &ptr, &len));
810 // Write a u32 that cannot fit in a u24.
812 ASSERT_TRUE(CBB_init(cbb.get(), 0));
813 ASSERT_FALSE(CBB_add_u24(cbb.get(), 1u << 24));
815 // All future operations should fail.
816 EXPECT_FALSE(CBB_add_u8(cbb.get(), 0));
817 EXPECT_FALSE(CBB_finish(cbb.get(), &ptr, &len));
820 TEST(CBSTest, BitString) {
821 static const std::vector<uint8_t> kValidBitStrings[] = {
823 {0x07, 0x80}, // 1 bit
824 {0x04, 0xf0}, // 4 bits
825 {0x00, 0xff}, // 8 bits
826 {0x06, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc0}, // 42 bits
828 for (const auto& test : kValidBitStrings) {
829 SCOPED_TRACE(Bytes(test.data(), test.size()));
831 CBS_init(&cbs, test.data(), test.size());
832 EXPECT_TRUE(CBS_is_valid_asn1_bitstring(&cbs));
835 static const std::vector<uint8_t> kInvalidBitStrings[] = {
836 // BIT STRINGs always have a leading byte.
837 std::vector<uint8_t>{},
838 // It's not possible to take an unused bit off the empty string.
840 // There can be at most 7 unused bits.
843 // All unused bits must be cleared.
846 for (const auto& test : kInvalidBitStrings) {
847 SCOPED_TRACE(Bytes(test.data(), test.size()));
849 CBS_init(&cbs, test.data(), test.size());
850 EXPECT_FALSE(CBS_is_valid_asn1_bitstring(&cbs));
852 // CBS_asn1_bitstring_has_bit returns false on invalid inputs.
853 EXPECT_FALSE(CBS_asn1_bitstring_has_bit(&cbs, 0));
856 static const struct {
857 std::vector<uint8_t> in;
863 {{0x07, 0x80}, 0, true},
864 {{0x06, 0x0f, 0x40}, 0, false},
865 {{0x06, 0x0f, 0x40}, 1, false},
866 {{0x06, 0x0f, 0x40}, 2, false},
867 {{0x06, 0x0f, 0x40}, 3, false},
868 {{0x06, 0x0f, 0x40}, 4, true},
869 {{0x06, 0x0f, 0x40}, 5, true},
870 {{0x06, 0x0f, 0x40}, 6, true},
871 {{0x06, 0x0f, 0x40}, 7, true},
872 {{0x06, 0x0f, 0x40}, 8, false},
873 {{0x06, 0x0f, 0x40}, 9, true},
874 // Out-of-bounds bits return 0.
875 {{0x06, 0x0f, 0x40}, 10, false},
876 {{0x06, 0x0f, 0x40}, 15, false},
877 {{0x06, 0x0f, 0x40}, 16, false},
878 {{0x06, 0x0f, 0x40}, 1000, false},
880 for (const auto& test : kBitTests) {
881 SCOPED_TRACE(Bytes(test.in.data(), test.in.size()));
882 SCOPED_TRACE(test.bit);
884 CBS_init(&cbs, test.in.data(), test.in.size());
885 EXPECT_EQ(static_cast<int>(test.bit_set),
886 CBS_asn1_bitstring_has_bit(&cbs, test.bit));
890 TEST(CBBTest, AddOIDFromText) {
893 std::vector<uint8_t> der;
895 // Some valid values.
897 {"0.2.3.4", {0x2, 0x3, 0x4}},
898 {"1.2.3.4", {0x2a, 0x3, 0x4}},
899 {"2.2.3.4", {0x52, 0x3, 0x4}},
900 {"1.2.840.113554.4.1.72585",
901 {0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, 0x01, 0x84, 0xb7, 0x09}},
902 // Test edge cases around the first component.
909 // Edge cases near an overflow.
910 {"1.2.18446744073709551615",
911 {0x2a, 0x81, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f}},
912 {"2.18446744073709551535",
913 {0x81, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f}},
916 const char *kInvalidTexts[] = {
917 // Invalid second component.
920 // Invalid first component.
922 // The empty string is not an OID.
924 // No empty components.
928 // There must be at least two components.
930 // No extra leading zeros.
933 // Overflow for both components or 40*A + B.
934 "1.2.18446744073709551616",
935 "2.18446744073709551536",
938 const std::vector<uint8_t> kInvalidDER[] = {
939 // The empty string is not an OID.
941 // Non-minimal representation.
943 // Overflow. This is the DER representation of
944 // 1.2.840.113554.4.1.72585.18446744073709551616. (The final value is
946 {0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, 0x01, 0x84, 0xb7, 0x09,
947 0x82, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x00},
950 for (const auto &t : kValidOIDs) {
951 SCOPED_TRACE(t.text);
954 ASSERT_TRUE(CBB_init(cbb.get(), 0));
955 ASSERT_TRUE(CBB_add_asn1_oid_from_text(cbb.get(), t.text, strlen(t.text)));
958 ASSERT_TRUE(CBB_finish(cbb.get(), &out, &len));
959 bssl::UniquePtr<uint8_t> free_out(out);
960 EXPECT_EQ(Bytes(t.der), Bytes(out, len));
963 CBS_init(&cbs, t.der.data(), t.der.size());
964 bssl::UniquePtr<char> text(CBS_asn1_oid_to_text(&cbs));
965 ASSERT_TRUE(text.get());
966 EXPECT_STREQ(t.text, text.get());
969 for (const char *t : kInvalidTexts) {
972 ASSERT_TRUE(CBB_init(cbb.get(), 0));
973 EXPECT_FALSE(CBB_add_asn1_oid_from_text(cbb.get(), t, strlen(t)));
976 for (const auto &t : kInvalidDER) {
977 SCOPED_TRACE(Bytes(t));
979 CBS_init(&cbs, t.data(), t.size());
980 bssl::UniquePtr<char> text(CBS_asn1_oid_to_text(&cbs));
985 TEST(CBBTest, FlushASN1SetOf) {
987 std::vector<uint8_t> in, out;
992 {{0x30, 0x00}, {0x30, 0x00}},
993 // Two identical elements.
994 {{0x30, 0x00, 0x30, 0x00}, {0x30, 0x00, 0x30, 0x00}},
996 {{0x30, 0x02, 0x00, 0x00,
999 0x30, 0x02, 0x00, 0x00,
1000 0x30, 0x03, 0x00, 0x00, 0x00,
1002 0x30, 0x03, 0x00, 0x00, 0x01,
1010 0x30, 0x02, 0x00, 0x00,
1011 0x30, 0x02, 0x00, 0x00,
1012 0x30, 0x03, 0x00, 0x00, 0x00,
1013 0x30, 0x03, 0x00, 0x00, 0x01}},
1017 for (const auto &t : kValidInputs) {
1018 SCOPED_TRACE(Bytes(t.in));
1020 bssl::ScopedCBB cbb;
1022 ASSERT_TRUE(CBB_init(cbb.get(), 0));
1023 ASSERT_TRUE(CBB_add_asn1(cbb.get(), &child, CBS_ASN1_SET));
1024 ASSERT_TRUE(CBB_add_bytes(&child, t.in.data(), t.in.size()));
1025 ASSERT_TRUE(CBB_flush_asn1_set_of(&child));
1026 EXPECT_EQ(Bytes(t.out), Bytes(CBB_data(&child), CBB_len(&child)));
1028 // Running it again should be idempotent.
1029 ASSERT_TRUE(CBB_flush_asn1_set_of(&child));
1030 EXPECT_EQ(Bytes(t.out), Bytes(CBB_data(&child), CBB_len(&child)));
1032 // The ASN.1 header remain intact.
1033 ASSERT_TRUE(CBB_flush(cbb.get()));
1034 EXPECT_EQ(0x31, CBB_data(cbb.get())[0]);
1037 const std::vector<uint8_t> kInvalidInputs[] = {
1040 {0x30, 0x00, 0x30, 0x00, 0x30, 0x01},
1043 for (const auto &t : kInvalidInputs) {
1044 SCOPED_TRACE(Bytes(t));
1046 bssl::ScopedCBB cbb;
1048 ASSERT_TRUE(CBB_init(cbb.get(), 0));
1049 ASSERT_TRUE(CBB_add_asn1(cbb.get(), &child, CBS_ASN1_SET));
1050 ASSERT_TRUE(CBB_add_bytes(&child, t.data(), t.size()));
1051 EXPECT_FALSE(CBB_flush_asn1_set_of(&child));