| Gilles Peskine | 27d806f | 2019-03-01 18:02:53 +0100 | [diff] [blame] | 1 | /* BEGIN_HEADER */ | 
|  | 2 | #include <errno.h> | 
|  | 3 | #include <stdlib.h> | 
|  | 4 | #include <limits.h> | 
|  | 5 |  | 
|  | 6 | #include "mbedtls/bignum.h" | 
|  | 7 | #include "mbedtls/asn1.h" | 
|  | 8 | #if defined(MBEDTLS_ASN1_WRITE_C) | 
|  | 9 | #include "mbedtls/asn1write.h" | 
|  | 10 | #endif | 
|  | 11 |  | 
|  | 12 | #define ERR_PARSE_INCONSISTENCY INT_MAX | 
|  | 13 |  | 
|  | 14 | static int nested_parse( unsigned char **const p, | 
|  | 15 | const unsigned char *const end ) | 
|  | 16 | { | 
|  | 17 | int ret; | 
|  | 18 | size_t len = 0; | 
|  | 19 | size_t len2 = 0; | 
|  | 20 | unsigned char *const start = *p; | 
|  | 21 | unsigned char *content_start; | 
|  | 22 | unsigned char tag; | 
|  | 23 |  | 
|  | 24 | /* First get the length, skipping over the tag. */ | 
|  | 25 | content_start = start + 1; | 
|  | 26 | ret = mbedtls_asn1_get_len( &content_start, end, &len ); | 
|  | 27 | TEST_ASSERT( content_start <= end ); | 
|  | 28 | if( ret != 0 ) | 
|  | 29 | return( ret ); | 
|  | 30 |  | 
|  | 31 | /* Since we have a valid element start (tag and length), retrieve and | 
|  | 32 | * check the tag. */ | 
|  | 33 | tag = start[0]; | 
|  | 34 | TEST_EQUAL( mbedtls_asn1_get_tag( p, end, &len2, tag ^ 1 ), | 
|  | 35 | MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); | 
|  | 36 | *p = start; | 
|  | 37 | TEST_EQUAL( mbedtls_asn1_get_tag( p, end, &len2, tag ), 0 ); | 
|  | 38 | TEST_EQUAL( len, len2 ); | 
|  | 39 | TEST_ASSERT( *p == content_start ); | 
|  | 40 | *p = content_start; | 
|  | 41 |  | 
|  | 42 | switch( tag & 0x1f ) | 
|  | 43 | { | 
|  | 44 | case MBEDTLS_ASN1_BOOLEAN: | 
|  | 45 | { | 
|  | 46 | int val = -257; | 
|  | 47 | *p = start; | 
|  | 48 | ret = mbedtls_asn1_get_bool( p, end, &val ); | 
|  | 49 | if( ret == 0 ) | 
|  | 50 | TEST_ASSERT( val == 0 || val == 1 ); | 
|  | 51 | break; | 
|  | 52 | } | 
|  | 53 |  | 
|  | 54 | case MBEDTLS_ASN1_INTEGER: | 
|  | 55 | { | 
|  | 56 | #if defined(MBEDTLS_BIGNUM_C) | 
|  | 57 | mbedtls_mpi mpi; | 
|  | 58 | mbedtls_mpi_init( &mpi ); | 
|  | 59 | *p = start; | 
|  | 60 | ret = mbedtls_asn1_get_mpi( p, end, &mpi ); | 
|  | 61 | mbedtls_mpi_free( &mpi ); | 
| Gilles Peskine | 03c165e | 2019-10-10 19:15:18 +0200 | [diff] [blame] | 62 | #else | 
|  | 63 | *p = start + 1; | 
|  | 64 | ret = mbedtls_asn1_get_len( p, end, &len ); | 
|  | 65 | *p += len; | 
| Gilles Peskine | 27d806f | 2019-03-01 18:02:53 +0100 | [diff] [blame] | 66 | #endif | 
|  | 67 | /* If we're sure that the number fits in an int, also | 
|  | 68 | * call mbedtls_asn1_get_int(). */ | 
|  | 69 | if( ret == 0 && len < sizeof( int ) ) | 
|  | 70 | { | 
|  | 71 | int val = -257; | 
|  | 72 | unsigned char *q = start; | 
|  | 73 | ret = mbedtls_asn1_get_int( &q, end, &val ); | 
|  | 74 | TEST_ASSERT( *p == q ); | 
|  | 75 | } | 
|  | 76 | break; | 
|  | 77 | } | 
|  | 78 |  | 
|  | 79 | case MBEDTLS_ASN1_BIT_STRING: | 
|  | 80 | { | 
|  | 81 | mbedtls_asn1_bitstring bs; | 
|  | 82 | *p = start; | 
|  | 83 | ret = mbedtls_asn1_get_bitstring( p, end, &bs ); | 
|  | 84 | break; | 
|  | 85 | } | 
|  | 86 |  | 
|  | 87 | case MBEDTLS_ASN1_SEQUENCE: | 
|  | 88 | { | 
|  | 89 | while( *p <= end && *p < content_start + len && ret == 0 ) | 
|  | 90 | ret = nested_parse( p, content_start + len ); | 
|  | 91 | break; | 
|  | 92 | } | 
|  | 93 |  | 
|  | 94 | case MBEDTLS_ASN1_OCTET_STRING: | 
|  | 95 | case MBEDTLS_ASN1_NULL: | 
|  | 96 | case MBEDTLS_ASN1_OID: | 
|  | 97 | case MBEDTLS_ASN1_UTF8_STRING: | 
|  | 98 | case MBEDTLS_ASN1_SET: | 
|  | 99 | case MBEDTLS_ASN1_PRINTABLE_STRING: | 
|  | 100 | case MBEDTLS_ASN1_T61_STRING: | 
|  | 101 | case MBEDTLS_ASN1_IA5_STRING: | 
|  | 102 | case MBEDTLS_ASN1_UTC_TIME: | 
|  | 103 | case MBEDTLS_ASN1_GENERALIZED_TIME: | 
|  | 104 | case MBEDTLS_ASN1_UNIVERSAL_STRING: | 
|  | 105 | case MBEDTLS_ASN1_BMP_STRING: | 
|  | 106 | default: | 
|  | 107 | /* No further testing implemented for this tag. */ | 
|  | 108 | *p += len; | 
|  | 109 | return( 0 ); | 
|  | 110 | } | 
|  | 111 |  | 
|  | 112 | TEST_ASSERT( *p <= end ); | 
|  | 113 | return( ret ); | 
|  | 114 |  | 
|  | 115 | exit: | 
|  | 116 | return( ERR_PARSE_INCONSISTENCY ); | 
|  | 117 | } | 
|  | 118 |  | 
|  | 119 | int get_len_step( const data_t *input, size_t buffer_size, | 
|  | 120 | size_t actual_length ) | 
|  | 121 | { | 
|  | 122 | unsigned char *buf = NULL; | 
|  | 123 | unsigned char *p = NULL; | 
|  | 124 | size_t parsed_length; | 
|  | 125 | int ret; | 
|  | 126 |  | 
|  | 127 | test_set_step( buffer_size ); | 
|  | 128 | /* Allocate a new buffer of exactly the length to parse each time. | 
|  | 129 | * This gives memory sanitizers a chance to catch buffer overreads. */ | 
|  | 130 | if( buffer_size == 0 ) | 
|  | 131 | { | 
|  | 132 | ASSERT_ALLOC( buf, 1 ); | 
|  | 133 | p = buf + 1; | 
|  | 134 | } | 
|  | 135 | else | 
|  | 136 | { | 
| Gilles Peskine | 2cd8ecc | 2019-03-04 17:13:43 +0100 | [diff] [blame] | 137 | ASSERT_ALLOC_WEAK( buf, buffer_size ); | 
| Gilles Peskine | 27d806f | 2019-03-01 18:02:53 +0100 | [diff] [blame] | 138 | if( buffer_size > input->len ) | 
|  | 139 | { | 
|  | 140 | memcpy( buf, input->x, input->len ); | 
|  | 141 | memset( buf + input->len, 'A', buffer_size - input->len ); | 
|  | 142 | } | 
|  | 143 | else | 
|  | 144 | { | 
|  | 145 | memcpy( buf, input->x, buffer_size ); | 
|  | 146 | } | 
|  | 147 | p = buf; | 
|  | 148 | } | 
|  | 149 |  | 
|  | 150 | ret = mbedtls_asn1_get_len( &p, buf + buffer_size, &parsed_length ); | 
|  | 151 |  | 
|  | 152 | if( buffer_size >= input->len + actual_length ) | 
|  | 153 | { | 
|  | 154 | TEST_EQUAL( ret, 0 ); | 
|  | 155 | TEST_ASSERT( p == buf + input->len ); | 
|  | 156 | TEST_EQUAL( parsed_length, actual_length ); | 
|  | 157 | } | 
|  | 158 | else | 
|  | 159 | { | 
|  | 160 | TEST_EQUAL( ret, MBEDTLS_ERR_ASN1_OUT_OF_DATA ); | 
|  | 161 | } | 
|  | 162 | mbedtls_free( buf ); | 
|  | 163 | return( 1 ); | 
|  | 164 |  | 
|  | 165 | exit: | 
| Gilles Peskine | 27d806f | 2019-03-01 18:02:53 +0100 | [diff] [blame] | 166 | mbedtls_free( buf ); | 
|  | 167 | return( 0 ); | 
|  | 168 | } | 
|  | 169 |  | 
|  | 170 | /* END_HEADER */ | 
|  | 171 |  | 
|  | 172 | /* BEGIN_DEPENDENCIES | 
|  | 173 | * depends_on:MBEDTLS_ASN1_PARSE_C | 
|  | 174 | * END_DEPENDENCIES | 
|  | 175 | */ | 
|  | 176 |  | 
|  | 177 | /* BEGIN_CASE */ | 
|  | 178 | void parse_prefixes( const data_t *input, | 
|  | 179 | int actual_length_arg, | 
|  | 180 | int last_result ) | 
|  | 181 | { | 
|  | 182 | size_t actual_length = actual_length_arg; | 
|  | 183 | unsigned char *buf = NULL; | 
|  | 184 | unsigned char *p = NULL; | 
|  | 185 | size_t buffer_size; | 
|  | 186 | int ret; | 
|  | 187 |  | 
| Gilles Peskine | ef41838 | 2020-01-21 18:56:27 +0100 | [diff] [blame^] | 188 | /* Test every prefix of the input, except the empty string. | 
|  | 189 | * The first byte of the string is the tag. Without a tag byte, | 
|  | 190 | * we wouldn't know what to parse the input as. | 
|  | 191 | */ | 
| Gilles Peskine | 27d806f | 2019-03-01 18:02:53 +0100 | [diff] [blame] | 192 | for( buffer_size = 1; buffer_size <= input->len; buffer_size++ ) | 
|  | 193 | { | 
|  | 194 | test_set_step( buffer_size ); | 
|  | 195 | /* Allocate a new buffer of exactly the length to parse each time. | 
|  | 196 | * This gives memory sanitizers a chance to catch buffer overreads. */ | 
|  | 197 | ASSERT_ALLOC( buf, buffer_size ); | 
|  | 198 | memcpy( buf, input->x, buffer_size ); | 
|  | 199 | p = buf; | 
|  | 200 | ret = nested_parse( &p, buf + buffer_size ); | 
|  | 201 | if( ret == ERR_PARSE_INCONSISTENCY ) | 
|  | 202 | goto exit; | 
|  | 203 | if( actual_length > 0 && buffer_size >= actual_length ) | 
|  | 204 | { | 
|  | 205 | TEST_EQUAL( ret, last_result ); | 
|  | 206 | if( ret == 0 ) | 
|  | 207 | TEST_ASSERT( p == buf + actual_length ); | 
|  | 208 | } | 
|  | 209 | else | 
|  | 210 | { | 
|  | 211 | TEST_EQUAL( ret, MBEDTLS_ERR_ASN1_OUT_OF_DATA ); | 
|  | 212 | } | 
|  | 213 | mbedtls_free( buf ); | 
|  | 214 | buf = NULL; | 
|  | 215 | } | 
|  | 216 |  | 
|  | 217 | exit: | 
|  | 218 | mbedtls_free( buf ); | 
|  | 219 | } | 
|  | 220 | /* END_CASE */ | 
|  | 221 |  | 
|  | 222 | /* BEGIN_CASE */ | 
|  | 223 | void get_len( const data_t *input, int actual_length_arg ) | 
|  | 224 | { | 
|  | 225 | size_t actual_length = actual_length_arg; | 
|  | 226 | size_t buffer_size; | 
|  | 227 |  | 
| Gilles Peskine | ef41838 | 2020-01-21 18:56:27 +0100 | [diff] [blame^] | 228 | /* Test prefixes of a buffer containing the given length string | 
|  | 229 | * followed by `actual_length` bytes of payload. To save a bit of | 
|  | 230 | * time, we skip some "boring" prefixes: we don't test prefixes where | 
|  | 231 | * the payload is truncated more than one byte away from either end, | 
|  | 232 | * and we only test the empty string on a 1-byte input. | 
|  | 233 | */ | 
| Gilles Peskine | 27d806f | 2019-03-01 18:02:53 +0100 | [diff] [blame] | 234 | for( buffer_size = 1; buffer_size <= input->len + 1; buffer_size++ ) | 
|  | 235 | { | 
|  | 236 | if( ! get_len_step( input, buffer_size, actual_length ) ) | 
|  | 237 | goto exit; | 
|  | 238 | } | 
|  | 239 | if( ! get_len_step( input, input->len + actual_length - 1, actual_length ) ) | 
|  | 240 | goto exit; | 
|  | 241 | if( ! get_len_step( input, input->len + actual_length, actual_length ) ) | 
|  | 242 | goto exit; | 
|  | 243 | } | 
|  | 244 | /* END_CASE */ | 
|  | 245 |  | 
|  | 246 | /* BEGIN_CASE */ | 
|  | 247 | void get_boolean( const data_t *input, | 
|  | 248 | int expected_value, int expected_result ) | 
|  | 249 | { | 
|  | 250 | unsigned char *p = input->x; | 
|  | 251 | int val; | 
|  | 252 | int ret; | 
|  | 253 | ret = mbedtls_asn1_get_bool( &p, input->x + input->len, &val ); | 
|  | 254 | TEST_EQUAL( ret, expected_result ); | 
|  | 255 | if( expected_result == 0 ) | 
|  | 256 | { | 
|  | 257 | TEST_EQUAL( val, expected_value ); | 
|  | 258 | TEST_ASSERT( p == input->x + input->len ); | 
|  | 259 | } | 
|  | 260 | } | 
|  | 261 | /* END_CASE */ | 
|  | 262 |  | 
|  | 263 | /* BEGIN_CASE */ | 
| Gilles Peskine | 321adb2 | 2019-10-10 19:18:21 +0200 | [diff] [blame] | 264 | void empty_integer( const data_t *input ) | 
|  | 265 | { | 
|  | 266 | unsigned char *p; | 
|  | 267 | #if defined(MBEDTLS_BIGNUM_C) | 
|  | 268 | mbedtls_mpi actual_mpi; | 
|  | 269 | #endif | 
|  | 270 | int val; | 
|  | 271 |  | 
|  | 272 | #if defined(MBEDTLS_BIGNUM_C) | 
|  | 273 | mbedtls_mpi_init( & actual_mpi ); | 
|  | 274 | #endif | 
|  | 275 |  | 
|  | 276 | /* An INTEGER with no content is not valid. */ | 
|  | 277 | p = input->x; | 
|  | 278 | TEST_EQUAL( mbedtls_asn1_get_int( &p, input->x + input->len, &val ), | 
|  | 279 | MBEDTLS_ERR_ASN1_INVALID_LENGTH ); | 
|  | 280 |  | 
|  | 281 | #if defined(MBEDTLS_BIGNUM_C) | 
|  | 282 | /* INTEGERs are sometimes abused as bitstrings, so the library accepts | 
|  | 283 | * an INTEGER with empty content and gives it the value 0. */ | 
|  | 284 | p = input->x; | 
|  | 285 | TEST_EQUAL( mbedtls_asn1_get_mpi( &p, input->x + input->len, &actual_mpi ), | 
|  | 286 | 0 ); | 
|  | 287 | TEST_EQUAL( mbedtls_mpi_cmp_int( &actual_mpi, 0 ), 0 ); | 
|  | 288 | #endif | 
|  | 289 |  | 
|  | 290 | exit: | 
|  | 291 | #if defined(MBEDTLS_BIGNUM_C) | 
|  | 292 | mbedtls_mpi_free( &actual_mpi ); | 
|  | 293 | #endif | 
|  | 294 | /*empty cleanup in some configurations*/ ; | 
|  | 295 | } | 
|  | 296 | /* END_CASE */ | 
|  | 297 |  | 
|  | 298 | /* BEGIN_CASE */ | 
| Gilles Peskine | 27d806f | 2019-03-01 18:02:53 +0100 | [diff] [blame] | 299 | void get_integer( const data_t *input, | 
|  | 300 | const char *expected_hex, int expected_result ) | 
|  | 301 | { | 
|  | 302 | unsigned char *p; | 
|  | 303 | #if defined(MBEDTLS_BIGNUM_C) | 
|  | 304 | mbedtls_mpi expected_mpi; | 
|  | 305 | mbedtls_mpi actual_mpi; | 
| Gilles Peskine | 970dcbf | 2019-10-10 19:21:12 +0200 | [diff] [blame] | 306 | mbedtls_mpi complement; | 
| Gilles Peskine | 03c165e | 2019-10-10 19:15:18 +0200 | [diff] [blame] | 307 | int expected_result_for_mpi = expected_result; | 
| Gilles Peskine | 27d806f | 2019-03-01 18:02:53 +0100 | [diff] [blame] | 308 | #endif | 
|  | 309 | long expected_value; | 
|  | 310 | int expected_result_for_int = expected_result; | 
| Gilles Peskine | 27d806f | 2019-03-01 18:02:53 +0100 | [diff] [blame] | 311 | int val; | 
|  | 312 | int ret; | 
|  | 313 |  | 
|  | 314 | #if defined(MBEDTLS_BIGNUM_C) | 
|  | 315 | mbedtls_mpi_init( &expected_mpi ); | 
|  | 316 | mbedtls_mpi_init( &actual_mpi ); | 
| Gilles Peskine | 970dcbf | 2019-10-10 19:21:12 +0200 | [diff] [blame] | 317 | mbedtls_mpi_init( &complement ); | 
| Gilles Peskine | 27d806f | 2019-03-01 18:02:53 +0100 | [diff] [blame] | 318 | #endif | 
|  | 319 |  | 
|  | 320 | errno = 0; | 
|  | 321 | expected_value = strtol( expected_hex, NULL, 16 ); | 
|  | 322 | if( expected_result == 0 && | 
|  | 323 | ( errno == ERANGE | 
|  | 324 | #if LONG_MAX > INT_MAX | 
|  | 325 | || expected_value > INT_MAX || expected_value < INT_MIN | 
|  | 326 | #endif | 
|  | 327 | ) ) | 
|  | 328 | { | 
| Gilles Peskine | 970dcbf | 2019-10-10 19:21:12 +0200 | [diff] [blame] | 329 | /* The library returns the dubious error code INVALID_LENGTH | 
|  | 330 | * for integers that are out of range. */ | 
|  | 331 | expected_result_for_int = MBEDTLS_ERR_ASN1_INVALID_LENGTH; | 
|  | 332 | } | 
|  | 333 | if( expected_result == 0 && expected_value < 0 ) | 
|  | 334 | { | 
|  | 335 | /* The library does not support negative INTEGERs and | 
|  | 336 | * returns the dubious error code INVALID_LENGTH. | 
|  | 337 | * Test that we preserve the historical behavior. If we | 
|  | 338 | * decide to change the behavior, we'll also change this test. */ | 
| Gilles Peskine | 27d806f | 2019-03-01 18:02:53 +0100 | [diff] [blame] | 339 | expected_result_for_int = MBEDTLS_ERR_ASN1_INVALID_LENGTH; | 
|  | 340 | } | 
|  | 341 |  | 
|  | 342 | p = input->x; | 
|  | 343 | ret = mbedtls_asn1_get_int( &p, input->x + input->len, &val ); | 
|  | 344 | TEST_EQUAL( ret, expected_result_for_int ); | 
|  | 345 | if( ret == 0 ) | 
|  | 346 | { | 
|  | 347 | TEST_EQUAL( val, expected_value ); | 
|  | 348 | TEST_ASSERT( p == input->x + input->len ); | 
|  | 349 | } | 
|  | 350 |  | 
|  | 351 | #if defined(MBEDTLS_BIGNUM_C) | 
|  | 352 | ret = mbedtls_mpi_read_string( &expected_mpi, 16, expected_hex ); | 
|  | 353 | TEST_ASSERT( ret == 0 || ret == MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); | 
|  | 354 | if( ret == MBEDTLS_ERR_MPI_BAD_INPUT_DATA ) | 
|  | 355 | { | 
|  | 356 | /* The data overflows the maximum MPI size. */ | 
|  | 357 | expected_result_for_mpi = MBEDTLS_ERR_MPI_BAD_INPUT_DATA; | 
|  | 358 | } | 
|  | 359 | p = input->x; | 
|  | 360 | ret = mbedtls_asn1_get_mpi( &p, input->x + input->len, &actual_mpi ); | 
|  | 361 | TEST_EQUAL( ret, expected_result_for_mpi ); | 
|  | 362 | if( ret == 0 ) | 
|  | 363 | { | 
| Gilles Peskine | 970dcbf | 2019-10-10 19:21:12 +0200 | [diff] [blame] | 364 | if( expected_value >= 0 ) | 
|  | 365 | { | 
|  | 366 | TEST_ASSERT( mbedtls_mpi_cmp_mpi( &actual_mpi, | 
|  | 367 | &expected_mpi ) == 0 ); | 
|  | 368 | } | 
|  | 369 | else | 
|  | 370 | { | 
|  | 371 | /* The library ignores the sign bit in ASN.1 INTEGERs | 
|  | 372 | * (which makes sense insofar as INTEGERs are sometimes | 
|  | 373 | * abused as bit strings), so the result of parsing them | 
|  | 374 | * is a positive integer such that expected_mpi + | 
|  | 375 | * actual_mpi = 2^n where n is the length of the content | 
|  | 376 | * of the INTEGER. (Leading ff octets don't matter for the | 
|  | 377 | * expected value, but they matter for the actual value.) | 
|  | 378 | * Test that we don't change from this behavior. If we | 
|  | 379 | * decide to fix the library to change the behavior on | 
|  | 380 | * negative INTEGERs, we'll fix this test code. */ | 
|  | 381 | unsigned char *q = input->x + 1; | 
|  | 382 | size_t len; | 
|  | 383 | TEST_ASSERT( mbedtls_asn1_get_len( &q, input->x + input->len, | 
|  | 384 | &len ) == 0 ); | 
|  | 385 | TEST_ASSERT( mbedtls_mpi_lset( &complement, 1 ) == 0 ); | 
|  | 386 | TEST_ASSERT( mbedtls_mpi_shift_l( &complement, len * 8 ) == 0 ); | 
|  | 387 | TEST_ASSERT( mbedtls_mpi_add_mpi( &complement, &complement, | 
|  | 388 | &expected_mpi ) == 0 ); | 
|  | 389 | TEST_ASSERT( mbedtls_mpi_cmp_mpi( &complement, | 
|  | 390 | &actual_mpi ) == 0 ); | 
|  | 391 | } | 
| Gilles Peskine | 27d806f | 2019-03-01 18:02:53 +0100 | [diff] [blame] | 392 | TEST_ASSERT( p == input->x + input->len ); | 
|  | 393 | } | 
|  | 394 | #endif | 
|  | 395 |  | 
|  | 396 | exit: | 
|  | 397 | #if defined(MBEDTLS_BIGNUM_C) | 
|  | 398 | mbedtls_mpi_free( &expected_mpi ); | 
|  | 399 | mbedtls_mpi_free( &actual_mpi ); | 
| Gilles Peskine | 970dcbf | 2019-10-10 19:21:12 +0200 | [diff] [blame] | 400 | mbedtls_mpi_free( &complement ); | 
| Gilles Peskine | 27d806f | 2019-03-01 18:02:53 +0100 | [diff] [blame] | 401 | #endif | 
| Gilles Peskine | 03c165e | 2019-10-10 19:15:18 +0200 | [diff] [blame] | 402 | /*empty cleanup in some configurations*/ ; | 
| Gilles Peskine | 27d806f | 2019-03-01 18:02:53 +0100 | [diff] [blame] | 403 | } | 
|  | 404 | /* END_CASE */ | 
|  | 405 |  | 
| Mykhailo Sopiha | 6af7bf9 | 2019-10-31 15:55:16 +0200 | [diff] [blame] | 406 | /* BEGIN_CASE */ | 
|  | 407 | void get_enum( const data_t *input, | 
|  | 408 | const char *expected_hex, int expected_result ) | 
|  | 409 | { | 
|  | 410 | unsigned char *p; | 
|  | 411 | long expected_value; | 
|  | 412 | int expected_result_for_enum = expected_result; | 
|  | 413 | int val; | 
|  | 414 | int ret; | 
|  | 415 |  | 
|  | 416 | errno = 0; | 
|  | 417 | expected_value = strtol( expected_hex, NULL, 16 ); | 
|  | 418 | if( expected_result == 0 && | 
|  | 419 | ( errno == ERANGE | 
|  | 420 | #if LONG_MAX > INT_MAX | 
|  | 421 | || expected_value > INT_MAX || expected_value < INT_MIN | 
|  | 422 | #endif | 
|  | 423 | ) ) | 
|  | 424 | { | 
|  | 425 | /* The library returns the dubious error code INVALID_LENGTH | 
|  | 426 | * for integers that are out of range. */ | 
|  | 427 | expected_result_for_enum = MBEDTLS_ERR_ASN1_INVALID_LENGTH; | 
|  | 428 | } | 
|  | 429 | if( expected_result == 0 && expected_value < 0 ) | 
|  | 430 | { | 
|  | 431 | /* The library does not support negative INTEGERs and | 
|  | 432 | * returns the dubious error code INVALID_LENGTH. | 
|  | 433 | * Test that we preserve the historical behavior. If we | 
|  | 434 | * decide to change the behavior, we'll also change this test. */ | 
|  | 435 | expected_result_for_enum = MBEDTLS_ERR_ASN1_INVALID_LENGTH; | 
|  | 436 | } | 
|  | 437 |  | 
|  | 438 | p = input->x; | 
|  | 439 | ret = mbedtls_asn1_get_enum( &p, input->x + input->len, &val ); | 
|  | 440 | TEST_EQUAL( ret, expected_result_for_enum ); | 
|  | 441 | if( ret == 0 ) | 
|  | 442 | { | 
|  | 443 | TEST_EQUAL( val, expected_value ); | 
|  | 444 | TEST_ASSERT( p == input->x + input->len ); | 
|  | 445 | } | 
|  | 446 | } | 
|  | 447 | /* END_CASE */ | 
|  | 448 |  | 
| Gilles Peskine | 27d806f | 2019-03-01 18:02:53 +0100 | [diff] [blame] | 449 | /* BEGIN_CASE depends_on:MBEDTLS_BIGNUM_C */ | 
|  | 450 | void get_mpi_too_large( ) | 
|  | 451 | { | 
|  | 452 | unsigned char *buf = NULL; | 
|  | 453 | unsigned char *p; | 
|  | 454 | mbedtls_mpi actual_mpi; | 
|  | 455 | size_t too_many_octets = | 
|  | 456 | MBEDTLS_MPI_MAX_LIMBS * sizeof(mbedtls_mpi_uint) + 1; | 
|  | 457 | size_t size = too_many_octets + 6; | 
|  | 458 |  | 
|  | 459 | mbedtls_mpi_init( &actual_mpi ); | 
|  | 460 |  | 
|  | 461 | ASSERT_ALLOC( buf, size ); | 
|  | 462 | buf[0] = 0x02; /* tag: INTEGER */ | 
|  | 463 | buf[1] = 0x84; /* 4-octet length */ | 
|  | 464 | buf[2] = ( too_many_octets >> 24 ) & 0xff; | 
|  | 465 | buf[3] = ( too_many_octets >> 16 ) & 0xff; | 
|  | 466 | buf[4] = ( too_many_octets >> 8 ) & 0xff; | 
|  | 467 | buf[5] = too_many_octets & 0xff; | 
|  | 468 | buf[6] = 0x01; /* most significant octet */ | 
|  | 469 |  | 
|  | 470 | p = buf; | 
|  | 471 | TEST_EQUAL( mbedtls_asn1_get_mpi( &p, buf + size, &actual_mpi ), | 
|  | 472 | MBEDTLS_ERR_MPI_ALLOC_FAILED ); | 
|  | 473 |  | 
|  | 474 | exit: | 
|  | 475 | mbedtls_mpi_free( &actual_mpi ); | 
|  | 476 | mbedtls_free( buf ); | 
|  | 477 | } | 
|  | 478 | /* END_CASE */ | 
|  | 479 |  | 
|  | 480 | /* BEGIN_CASE */ | 
|  | 481 | void get_bitstring( const data_t *input, | 
|  | 482 | int expected_length, int expected_unused_bits, | 
|  | 483 | int expected_result, int expected_result_null ) | 
|  | 484 | { | 
|  | 485 | mbedtls_asn1_bitstring bs = { 0xdead, 0x21, NULL }; | 
|  | 486 | unsigned char *p = input->x; | 
|  | 487 |  | 
|  | 488 | TEST_EQUAL( mbedtls_asn1_get_bitstring( &p, input->x + input->len, &bs ), | 
|  | 489 | expected_result ); | 
|  | 490 | if( expected_result == 0 ) | 
|  | 491 | { | 
|  | 492 | TEST_EQUAL( bs.len, (size_t) expected_length ); | 
|  | 493 | TEST_EQUAL( bs.unused_bits, expected_unused_bits ); | 
|  | 494 | TEST_ASSERT( bs.p != NULL ); | 
|  | 495 | TEST_EQUAL( bs.p - input->x + bs.len, input->len ); | 
|  | 496 | TEST_ASSERT( p == input->x + input->len ); | 
|  | 497 | } | 
|  | 498 |  | 
|  | 499 | p = input->x; | 
|  | 500 | TEST_EQUAL( mbedtls_asn1_get_bitstring_null( &p, input->x + input->len, | 
|  | 501 | &bs.len ), | 
|  | 502 | expected_result_null ); | 
|  | 503 | if( expected_result_null == 0 ) | 
|  | 504 | { | 
|  | 505 | TEST_EQUAL( bs.len, (size_t) expected_length ); | 
|  | 506 | if( expected_result == 0 ) | 
|  | 507 | TEST_ASSERT( p == input->x + input->len - bs.len ); | 
|  | 508 | } | 
|  | 509 | } | 
|  | 510 | /* END_CASE */ | 
|  | 511 |  | 
|  | 512 | /* BEGIN_CASE */ | 
|  | 513 | void get_sequence_of( const data_t *input, int tag, | 
|  | 514 | const char *description, | 
|  | 515 | int expected_result ) | 
|  | 516 | { | 
|  | 517 | mbedtls_asn1_sequence head = { { 0, 0, NULL }, NULL }; | 
|  | 518 | mbedtls_asn1_sequence *cur, *next; | 
|  | 519 | unsigned char *p = input->x; | 
|  | 520 | const char *rest = description; | 
|  | 521 | unsigned long n; | 
|  | 522 |  | 
|  | 523 | TEST_EQUAL( mbedtls_asn1_get_sequence_of( &p, input->x + input->len, | 
|  | 524 | &head, tag ), | 
|  | 525 | expected_result ); | 
|  | 526 | if( expected_result == 0 ) | 
|  | 527 | { | 
|  | 528 | TEST_ASSERT( p == input->x + input->len ); | 
|  | 529 |  | 
|  | 530 | if( ! *rest ) | 
|  | 531 | { | 
|  | 532 | TEST_EQUAL( head.buf.tag, 0 ); | 
|  | 533 | TEST_ASSERT( head.buf.p == NULL ); | 
|  | 534 | TEST_EQUAL( head.buf.len, 0 ); | 
|  | 535 | TEST_ASSERT( head.next == NULL ); | 
|  | 536 | } | 
|  | 537 | else | 
|  | 538 | { | 
|  | 539 | cur = &head; | 
|  | 540 | while( *rest ) | 
|  | 541 | { | 
|  | 542 | ++test_info.step; | 
|  | 543 | TEST_ASSERT( cur != NULL ); | 
|  | 544 | TEST_EQUAL( cur->buf.tag, tag ); | 
|  | 545 | n = strtoul( rest, (char **) &rest, 0 ); | 
|  | 546 | TEST_EQUAL( n, (size_t)( cur->buf.p - input->x ) ); | 
|  | 547 | ++rest; | 
|  | 548 | n = strtoul( rest, (char **) &rest, 0 ); | 
|  | 549 | TEST_EQUAL( n, cur->buf.len ); | 
|  | 550 | if( *rest ) | 
|  | 551 | ++rest; | 
|  | 552 | cur = cur->next; | 
|  | 553 | } | 
|  | 554 | TEST_ASSERT( cur == NULL ); | 
|  | 555 | } | 
|  | 556 | } | 
|  | 557 |  | 
|  | 558 | exit: | 
|  | 559 | cur = head.next; | 
|  | 560 | while( cur != NULL ) | 
|  | 561 | { | 
|  | 562 | next = cur->next; | 
|  | 563 | mbedtls_free( cur ); | 
|  | 564 | cur = next; | 
|  | 565 | } | 
|  | 566 | } | 
|  | 567 | /* END_CASE */ | 
|  | 568 |  | 
|  | 569 | /* BEGIN_CASE */ | 
|  | 570 | void get_alg( const data_t *input, | 
|  | 571 | int oid_offset, int oid_length, | 
|  | 572 | int params_tag, int params_offset, int params_length, | 
|  | 573 | int total_length, | 
|  | 574 | int expected_result ) | 
|  | 575 | { | 
|  | 576 | mbedtls_asn1_buf oid = { -1, 0, NULL }; | 
|  | 577 | mbedtls_asn1_buf params = { -1, 0, NULL }; | 
|  | 578 | unsigned char *p = input->x; | 
|  | 579 | int ret; | 
|  | 580 |  | 
|  | 581 | TEST_EQUAL( mbedtls_asn1_get_alg( &p, input->x + input->len, | 
|  | 582 | &oid, ¶ms ), | 
|  | 583 | expected_result ); | 
|  | 584 | if( expected_result == 0 ) | 
|  | 585 | { | 
|  | 586 | TEST_EQUAL( oid.tag, MBEDTLS_ASN1_OID ); | 
|  | 587 | TEST_EQUAL( oid.p - input->x, oid_offset ); | 
|  | 588 | TEST_EQUAL( oid.len, (size_t) oid_length ); | 
|  | 589 | TEST_EQUAL( params.tag, params_tag ); | 
|  | 590 | if( params_offset != 0 ) | 
|  | 591 | TEST_EQUAL( params.p - input->x, params_offset ); | 
|  | 592 | else | 
|  | 593 | TEST_ASSERT( params.p == NULL ); | 
|  | 594 | TEST_EQUAL( params.len, (size_t) params_length ); | 
|  | 595 | TEST_EQUAL( p - input->x, total_length ); | 
|  | 596 | } | 
|  | 597 |  | 
|  | 598 | ret = mbedtls_asn1_get_alg_null( &p, input->x + input->len, &oid ); | 
|  | 599 | if( expected_result == 0 && params_offset == 0 ) | 
|  | 600 | { | 
|  | 601 | TEST_EQUAL( oid.tag, MBEDTLS_ASN1_OID ); | 
|  | 602 | TEST_EQUAL( oid.p - input->x, oid_offset ); | 
|  | 603 | TEST_EQUAL( oid.len, (size_t) oid_length ); | 
|  | 604 | TEST_EQUAL( p - input->x, total_length ); | 
|  | 605 | } | 
|  | 606 | else | 
|  | 607 | TEST_ASSERT( ret != 0 ); | 
|  | 608 | } | 
|  | 609 | /* END_CASE */ | 
|  | 610 |  | 
|  | 611 | /* BEGIN_CASE */ | 
|  | 612 | void find_named_data( data_t *oid0, data_t *oid1, data_t *oid2, data_t *oid3, | 
|  | 613 | data_t *needle, int from, int position ) | 
|  | 614 | { | 
|  | 615 | mbedtls_asn1_named_data nd[] ={ | 
|  | 616 | { {0x06, oid0->len, oid0->x}, {0, 0, NULL}, NULL, 0 }, | 
|  | 617 | { {0x06, oid1->len, oid1->x}, {0, 0, NULL}, NULL, 0 }, | 
|  | 618 | { {0x06, oid2->len, oid2->x}, {0, 0, NULL}, NULL, 0 }, | 
|  | 619 | { {0x06, oid3->len, oid3->x}, {0, 0, NULL}, NULL, 0 }, | 
|  | 620 | }; | 
|  | 621 | mbedtls_asn1_named_data *pointers[ARRAY_LENGTH( nd ) + 1]; | 
|  | 622 | size_t i; | 
|  | 623 | mbedtls_asn1_named_data *found; | 
|  | 624 |  | 
|  | 625 | for( i = 0; i < ARRAY_LENGTH( nd ); i++ ) | 
|  | 626 | pointers[i] = &nd[i]; | 
|  | 627 | pointers[ARRAY_LENGTH( nd )] = NULL; | 
|  | 628 | for( i = 0; i < ARRAY_LENGTH( nd ); i++ ) | 
|  | 629 | nd[i].next = pointers[i+1]; | 
|  | 630 |  | 
|  | 631 | found = mbedtls_asn1_find_named_data( pointers[from], | 
|  | 632 | (const char *) needle->x, | 
|  | 633 | needle->len ); | 
|  | 634 | TEST_ASSERT( found == pointers[position] ); | 
|  | 635 | } | 
|  | 636 | /* END_CASE */ | 
|  | 637 |  | 
|  | 638 | /* BEGIN_CASE */ | 
|  | 639 | void free_named_data_null( ) | 
|  | 640 | { | 
|  | 641 | mbedtls_asn1_free_named_data( NULL ); | 
|  | 642 | goto exit; /* Silence unused label warning */ | 
|  | 643 | } | 
|  | 644 | /* END_CASE */ | 
|  | 645 |  | 
|  | 646 | /* BEGIN_CASE */ | 
|  | 647 | void free_named_data( int with_oid, int with_val, int with_next ) | 
|  | 648 | { | 
|  | 649 | mbedtls_asn1_named_data next = | 
|  | 650 | { {0x06, 0, NULL}, {0, 0xcafe, NULL}, NULL, 0 }; | 
|  | 651 | mbedtls_asn1_named_data head = | 
|  | 652 | { {0x06, 0, NULL}, {0, 0, NULL}, NULL, 0 }; | 
|  | 653 |  | 
|  | 654 | if( with_oid ) | 
|  | 655 | ASSERT_ALLOC( head.oid.p, 1 ); | 
|  | 656 | if( with_val ) | 
|  | 657 | ASSERT_ALLOC( head.val.p, 1 ); | 
|  | 658 | if( with_next ) | 
|  | 659 | head.next = &next; | 
|  | 660 |  | 
|  | 661 | mbedtls_asn1_free_named_data( &head ); | 
|  | 662 | TEST_ASSERT( head.oid.p == NULL ); | 
|  | 663 | TEST_ASSERT( head.val.p == NULL ); | 
|  | 664 | TEST_ASSERT( head.next == NULL ); | 
|  | 665 | TEST_ASSERT( next.val.len == 0xcafe ); | 
|  | 666 |  | 
|  | 667 | exit: | 
|  | 668 | mbedtls_free( head.oid.p ); | 
|  | 669 | mbedtls_free( head.val.p ); | 
|  | 670 | } | 
|  | 671 | /* END_CASE */ | 
|  | 672 |  | 
|  | 673 | /* BEGIN_CASE */ | 
|  | 674 | void free_named_data_list( int length ) | 
|  | 675 | { | 
|  | 676 | mbedtls_asn1_named_data *head = NULL; | 
|  | 677 | int i; | 
|  | 678 |  | 
|  | 679 | for( i = 0; i < length; i++ ) | 
|  | 680 | { | 
|  | 681 | mbedtls_asn1_named_data *new = NULL; | 
|  | 682 | ASSERT_ALLOC( new, sizeof( mbedtls_asn1_named_data ) ); | 
| Gilles Peskine | 88f136f | 2019-09-20 21:06:27 +0200 | [diff] [blame] | 683 | new->next = head; | 
| Gilles Peskine | 27d806f | 2019-03-01 18:02:53 +0100 | [diff] [blame] | 684 | head = new; | 
|  | 685 | } | 
|  | 686 |  | 
|  | 687 | mbedtls_asn1_free_named_data_list( &head ); | 
|  | 688 | TEST_ASSERT( head == NULL ); | 
|  | 689 | /* Most of the point of the test is that it doesn't leak memory. | 
|  | 690 | * So this test is only really useful under a memory leak detection | 
|  | 691 | * framework. */ | 
|  | 692 | exit: | 
|  | 693 | mbedtls_asn1_free_named_data_list( &head ); | 
|  | 694 | } | 
|  | 695 | /* END_CASE */ |