1 // Copyright 2015 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "parse_values.h"
6
7 #include <stdint.h>
8
9 #include <gtest/gtest.h>
10
11 namespace bssl::der::test {
12
13 namespace {
14
15 template <size_t N>
FromStringLiteral(const char (& data)[N])16 Input FromStringLiteral(const char (&data)[N]) {
17 // Strings are null-terminated. The null terminating byte shouldn't be
18 // included in the Input, so the size is N - 1 instead of N.
19 return Input(reinterpret_cast<const uint8_t *>(data), N - 1);
20 }
21
22 } // namespace
23
TEST(ParseValuesTest,ParseBool)24 TEST(ParseValuesTest, ParseBool) {
25 uint8_t buf[] = {0xFF, 0x00};
26 Input value(buf, 1);
27 bool out;
28 EXPECT_TRUE(ParseBool(value, &out));
29 EXPECT_TRUE(out);
30
31 buf[0] = 0;
32 EXPECT_TRUE(ParseBool(value, &out));
33 EXPECT_FALSE(out);
34
35 buf[0] = 1;
36 EXPECT_FALSE(ParseBool(value, &out));
37 EXPECT_TRUE(ParseBoolRelaxed(value, &out));
38 EXPECT_TRUE(out);
39
40 buf[0] = 0xFF;
41 value = Input(buf, 2);
42 EXPECT_FALSE(ParseBool(value, &out));
43 value = Input(buf, 0);
44 EXPECT_FALSE(ParseBool(value, &out));
45 }
46
TEST(ParseValuesTest,ParseTimes)47 TEST(ParseValuesTest, ParseTimes) {
48 GeneralizedTime out;
49
50 EXPECT_TRUE(ParseUTCTime(FromStringLiteral("140218161200Z"), &out));
51
52 // DER-encoded UTCTime must end with 'Z'.
53 EXPECT_FALSE(ParseUTCTime(FromStringLiteral("140218161200X"), &out));
54
55 // Check that a negative number (-4 in this case) doesn't get parsed as
56 // a 2-digit number.
57 EXPECT_FALSE(ParseUTCTime(FromStringLiteral("-40218161200Z"), &out));
58
59 // Check that numbers with a leading 0 don't get parsed in octal by making
60 // the second digit an invalid octal digit (e.g. 09).
61 EXPECT_TRUE(ParseUTCTime(FromStringLiteral("090218161200Z"), &out));
62
63 // Check that the length is validated.
64 EXPECT_FALSE(ParseUTCTime(FromStringLiteral("140218161200"), &out));
65 EXPECT_FALSE(ParseUTCTime(FromStringLiteral("140218161200Z0"), &out));
66
67 // Check strictness of UTCTime parsers.
68 EXPECT_FALSE(ParseUTCTime(FromStringLiteral("1402181612Z"), &out));
69
70 // Check format of GeneralizedTime.
71
72 // Years 0 and 9999 are allowed.
73 EXPECT_TRUE(ParseGeneralizedTime(FromStringLiteral("00000101000000Z"), &out));
74 EXPECT_EQ(0, out.year);
75 EXPECT_TRUE(ParseGeneralizedTime(FromStringLiteral("99991231235960Z"), &out));
76 EXPECT_EQ(9999, out.year);
77
78 // Leap seconds are allowed.
79 EXPECT_TRUE(ParseGeneralizedTime(FromStringLiteral("20140218161260Z"), &out));
80
81 // But nothing larger than a leap second.
82 EXPECT_FALSE(
83 ParseGeneralizedTime(FromStringLiteral("20140218161261Z"), &out));
84
85 // Minutes only go up to 59.
86 EXPECT_FALSE(
87 ParseGeneralizedTime(FromStringLiteral("20140218166000Z"), &out));
88
89 // Hours only go up to 23.
90 EXPECT_FALSE(
91 ParseGeneralizedTime(FromStringLiteral("20140218240000Z"), &out));
92 // The 0th day of a month is invalid.
93 EXPECT_FALSE(
94 ParseGeneralizedTime(FromStringLiteral("20140200161200Z"), &out));
95 // The 0th month is invalid.
96 EXPECT_FALSE(
97 ParseGeneralizedTime(FromStringLiteral("20140018161200Z"), &out));
98 // Months greater than 12 are invalid.
99 EXPECT_FALSE(
100 ParseGeneralizedTime(FromStringLiteral("20141318161200Z"), &out));
101
102 // Some months have 31 days.
103 EXPECT_TRUE(ParseGeneralizedTime(FromStringLiteral("20140131000000Z"), &out));
104
105 // September has only 30 days.
106 EXPECT_FALSE(
107 ParseGeneralizedTime(FromStringLiteral("20140931000000Z"), &out));
108
109 // February has only 28 days...
110 EXPECT_FALSE(
111 ParseGeneralizedTime(FromStringLiteral("20140229000000Z"), &out));
112
113 // ... unless it's a leap year.
114 EXPECT_TRUE(ParseGeneralizedTime(FromStringLiteral("20160229000000Z"), &out));
115
116 // There aren't any leap days in years divisible by 100...
117 EXPECT_FALSE(
118 ParseGeneralizedTime(FromStringLiteral("21000229000000Z"), &out));
119
120 // ...unless it's also divisible by 400.
121 EXPECT_TRUE(ParseGeneralizedTime(FromStringLiteral("20000229000000Z"), &out));
122
123 // Check more perverse invalid inputs.
124
125 // Check that trailing null bytes are not ignored.
126 EXPECT_FALSE(
127 ParseGeneralizedTime(FromStringLiteral("20001231010203Z\0"), &out));
128
129 // Check what happens when a null byte is in the middle of the input.
130 EXPECT_FALSE(ParseGeneralizedTime(FromStringLiteral("200\0"
131 "1231010203Z"),
132 &out));
133
134 // The year can't be in hex.
135 EXPECT_FALSE(
136 ParseGeneralizedTime(FromStringLiteral("0x201231000000Z"), &out));
137
138 // The last byte must be 'Z'.
139 EXPECT_FALSE(
140 ParseGeneralizedTime(FromStringLiteral("20001231000000X"), &out));
141
142 // Check that the length is validated.
143 EXPECT_FALSE(ParseGeneralizedTime(FromStringLiteral("20140218161200"), &out));
144 EXPECT_FALSE(
145 ParseGeneralizedTime(FromStringLiteral("20140218161200Z0"), &out));
146 }
147
TEST(ParseValuesTest,TimesCompare)148 TEST(ParseValuesTest, TimesCompare) {
149 GeneralizedTime time1;
150 GeneralizedTime time2;
151 GeneralizedTime time3;
152
153 ASSERT_TRUE(
154 ParseGeneralizedTime(FromStringLiteral("20140218161200Z"), &time1));
155 // Test that ParseUTCTime correctly normalizes the year.
156 ASSERT_TRUE(ParseUTCTime(FromStringLiteral("150218161200Z"), &time2));
157 ASSERT_TRUE(
158 ParseGeneralizedTime(FromStringLiteral("20160218161200Z"), &time3));
159 EXPECT_TRUE(time1 < time2);
160 EXPECT_TRUE(time2 < time3);
161
162 EXPECT_TRUE(time2 > time1);
163 EXPECT_TRUE(time2 >= time1);
164 EXPECT_TRUE(time2 <= time3);
165 EXPECT_TRUE(time1 <= time1);
166 EXPECT_TRUE(time1 >= time1);
167 }
168
TEST(ParseValuesTest,UTCTimeRange)169 TEST(ParseValuesTest, UTCTimeRange) {
170 GeneralizedTime time;
171 ASSERT_TRUE(
172 ParseGeneralizedTime(FromStringLiteral("20140218161200Z"), &time));
173 EXPECT_TRUE(time.InUTCTimeRange());
174
175 time.year = 1950;
176 EXPECT_TRUE(time.InUTCTimeRange());
177
178 time.year = 1949;
179 EXPECT_FALSE(time.InUTCTimeRange());
180
181 time.year = 2049;
182 EXPECT_TRUE(time.InUTCTimeRange());
183
184 time.year = 2050;
185 EXPECT_FALSE(time.InUTCTimeRange());
186 }
187
188 struct Uint64TestData {
189 bool should_pass;
190 const uint8_t input[9];
191 size_t length;
192 uint64_t expected_value = 0;
193 };
194
195 const Uint64TestData kUint64TestData[] = {
196 {true, {0x00}, 1, 0},
197 // This number fails because it is not a minimal representation.
198 {false, {0x00, 0x00}, 2},
199 {true, {0x01}, 1, 1},
200 {false, {0xFF}, 1},
201 {true, {0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}, 8, INT64_MAX},
202 {true,
203 {0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
204 9,
205 UINT64_MAX},
206 // This number fails because it is negative.
207 {false, {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}, 8},
208 {false, {0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 8},
209 {false, {0x00, 0x01}, 2},
210 {false, {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09}, 9},
211 {false, {0}, 0},
212 };
213
TEST(ParseValuesTest,ParseUint64)214 TEST(ParseValuesTest, ParseUint64) {
215 for (size_t i = 0; i < std::size(kUint64TestData); i++) {
216 const Uint64TestData &test_case = kUint64TestData[i];
217 SCOPED_TRACE(i);
218
219 uint64_t result;
220 EXPECT_EQ(test_case.should_pass,
221 ParseUint64(Input(test_case.input, test_case.length), &result));
222 if (test_case.should_pass) {
223 EXPECT_EQ(test_case.expected_value, result);
224 }
225 }
226 }
227
228 struct Uint8TestData {
229 bool should_pass;
230 const uint8_t input[9];
231 size_t length;
232 uint8_t expected_value = 0;
233 };
234
235 const Uint8TestData kUint8TestData[] = {
236 {true, {0x00}, 1, 0},
237 // This number fails because it is not a minimal representation.
238 {false, {0x00, 0x00}, 2},
239 {true, {0x01}, 1, 1},
240 {false, {0x01, 0xFF}, 2},
241 {false, {0x03, 0x83}, 2},
242 {true, {0x7F}, 1, 0x7F},
243 {true, {0x00, 0xFF}, 2, 0xFF},
244 // This number fails because it is negative.
245 {false, {0xFF}, 1},
246 {false, {0x80}, 1},
247 {false, {0x00, 0x01}, 2},
248 {false, {0}, 0},
249 };
250
TEST(ParseValuesTest,ParseUint8)251 TEST(ParseValuesTest, ParseUint8) {
252 for (size_t i = 0; i < std::size(kUint8TestData); i++) {
253 const Uint8TestData &test_case = kUint8TestData[i];
254 SCOPED_TRACE(i);
255
256 uint8_t result;
257 EXPECT_EQ(test_case.should_pass,
258 ParseUint8(Input(test_case.input, test_case.length), &result));
259 if (test_case.should_pass) {
260 EXPECT_EQ(test_case.expected_value, result);
261 }
262 }
263 }
264
265 struct IsValidIntegerTestData {
266 bool should_pass;
267 const uint8_t input[2];
268 size_t length;
269 bool negative = false;
270 };
271
272 const IsValidIntegerTestData kIsValidIntegerTestData[] = {
273 // Empty input (invalid DER).
274 {false, {0x00}, 0},
275
276 // The correct encoding for zero.
277 {true, {0x00}, 1, false},
278
279 // Invalid representation of zero (not minimal)
280 {false, {0x00, 0x00}, 2},
281
282 // Valid single byte negative numbers.
283 {true, {0x80}, 1, true},
284 {true, {0xFF}, 1, true},
285
286 // Non-minimal negative number.
287 {false, {0xFF, 0x80}, 2},
288
289 // Positive number with a legitimate leading zero.
290 {true, {0x00, 0x80}, 2, false},
291
292 // A legitimate negative number that starts with FF (MSB of second byte is
293 // 0 so OK).
294 {true, {0xFF, 0x7F}, 2, true},
295 };
296
TEST(ParseValuesTest,IsValidInteger)297 TEST(ParseValuesTest, IsValidInteger) {
298 for (size_t i = 0; i < std::size(kIsValidIntegerTestData); i++) {
299 const auto &test_case = kIsValidIntegerTestData[i];
300 SCOPED_TRACE(i);
301
302 bool negative;
303 EXPECT_EQ(
304 test_case.should_pass,
305 IsValidInteger(Input(test_case.input, test_case.length), &negative));
306 if (test_case.should_pass) {
307 EXPECT_EQ(test_case.negative, negative);
308 }
309 }
310 }
311
312 // Tests parsing an empty BIT STRING.
TEST(ParseValuesTest,ParseBitStringEmptyNoUnusedBits)313 TEST(ParseValuesTest, ParseBitStringEmptyNoUnusedBits) {
314 const uint8_t kData[] = {0x00};
315
316 std::optional<BitString> bit_string = ParseBitString(Input(kData));
317 ASSERT_TRUE(bit_string.has_value());
318
319 EXPECT_EQ(0u, bit_string->unused_bits());
320 EXPECT_EQ(0u, bit_string->bytes().size());
321
322 EXPECT_FALSE(bit_string->AssertsBit(0));
323 EXPECT_FALSE(bit_string->AssertsBit(1));
324 EXPECT_FALSE(bit_string->AssertsBit(3));
325 }
326
327 // Tests parsing an empty BIT STRING that incorrectly claims one unused bit.
TEST(ParseValuesTest,ParseBitStringEmptyOneUnusedBit)328 TEST(ParseValuesTest, ParseBitStringEmptyOneUnusedBit) {
329 const uint8_t kData[] = {0x01};
330
331 std::optional<BitString> bit_string = ParseBitString(Input(kData));
332 EXPECT_FALSE(bit_string.has_value());
333 }
334
335 // Tests parsing an empty BIT STRING that is not minmally encoded (the entire
336 // last byte is comprised of unused bits).
TEST(ParseValuesTest,ParseBitStringNonEmptyTooManyUnusedBits)337 TEST(ParseValuesTest, ParseBitStringNonEmptyTooManyUnusedBits) {
338 const uint8_t kData[] = {0x08, 0x00};
339
340 std::optional<BitString> bit_string = ParseBitString(Input(kData));
341 EXPECT_FALSE(bit_string.has_value());
342 }
343
344 // Tests parsing a BIT STRING of 7 bits each of which are 1.
TEST(ParseValuesTest,ParseBitStringSevenOneBits)345 TEST(ParseValuesTest, ParseBitStringSevenOneBits) {
346 const uint8_t kData[] = {0x01, 0xFE};
347
348 std::optional<BitString> bit_string = ParseBitString(Input(kData));
349 ASSERT_TRUE(bit_string.has_value());
350
351 EXPECT_EQ(1u, bit_string->unused_bits());
352 EXPECT_EQ(1u, bit_string->bytes().size());
353 EXPECT_EQ(0xFE, bit_string->bytes()[0]);
354
355 EXPECT_TRUE(bit_string->AssertsBit(0));
356 EXPECT_TRUE(bit_string->AssertsBit(1));
357 EXPECT_TRUE(bit_string->AssertsBit(2));
358 EXPECT_TRUE(bit_string->AssertsBit(3));
359 EXPECT_TRUE(bit_string->AssertsBit(4));
360 EXPECT_TRUE(bit_string->AssertsBit(5));
361 EXPECT_TRUE(bit_string->AssertsBit(6));
362 EXPECT_FALSE(bit_string->AssertsBit(7));
363 EXPECT_FALSE(bit_string->AssertsBit(8));
364 }
365
366 // Tests parsing a BIT STRING of 7 bits each of which are 1. The unused bit
367 // however is set to 1, which is an invalid encoding.
TEST(ParseValuesTest,ParseBitStringSevenOneBitsUnusedBitIsOne)368 TEST(ParseValuesTest, ParseBitStringSevenOneBitsUnusedBitIsOne) {
369 const uint8_t kData[] = {0x01, 0xFF};
370
371 std::optional<BitString> bit_string = ParseBitString(Input(kData));
372 EXPECT_FALSE(bit_string.has_value());
373 }
374
TEST(ParseValuesTest,ParseIA5String)375 TEST(ParseValuesTest, ParseIA5String) {
376 const uint8_t valid_der[] = {0x46, 0x6f, 0x6f, 0x20, 0x62,
377 0x61, 0x72, 0x01, 0x7f};
378 std::string s;
379 EXPECT_TRUE(ParseIA5String(der::Input(valid_der), &s));
380 EXPECT_EQ("Foo bar\x01\x7f", s);
381
382 // 0x80 is not a valid character in IA5String.
383 const uint8_t invalid_der[] = {0x46, 0x6f, 0x80, 0x20, 0x62, 0x61, 0x72};
384 EXPECT_FALSE(ParseIA5String(der::Input(invalid_der), &s));
385 }
386
TEST(ParseValuesTest,ParseVisibleString)387 TEST(ParseValuesTest, ParseVisibleString) {
388 const uint8_t valid_der[] = {0x46, 0x6f, 0x6f, 0x20, 0x62, 0x61, 0x72, 0x7e};
389 std::string s;
390 EXPECT_TRUE(ParseVisibleString(der::Input(valid_der), &s));
391 EXPECT_EQ("Foo bar\x7e", s);
392
393 // 0x7f is not a valid character in VisibleString
394 const uint8_t invalid_der[] = {0x46, 0x6f, 0x7f, 0x20, 0x62, 0x61, 0x72};
395 EXPECT_FALSE(ParseVisibleString(der::Input(invalid_der), &s));
396
397 // 0x1f is not a valid character in VisibleString
398 const uint8_t invalid_der2[] = {0x46, 0x6f, 0x1f, 0x20, 0x62, 0x61, 0x72};
399 EXPECT_FALSE(ParseVisibleString(der::Input(invalid_der2), &s));
400 }
401
TEST(ParseValuesTest,ParsePrintableString)402 TEST(ParseValuesTest, ParsePrintableString) {
403 const uint8_t valid_der[] = {0x46, 0x6f, 0x6f, 0x20, 0x62, 0x61, 0x72};
404 std::string s;
405 EXPECT_TRUE(ParsePrintableString(der::Input(valid_der), &s));
406 EXPECT_EQ("Foo bar", s);
407
408 // 0x5f '_' is not a valid character in PrintableString.
409 const uint8_t invalid_der[] = {0x46, 0x6f, 0x5f, 0x20, 0x62, 0x61, 0x72};
410 EXPECT_FALSE(ParsePrintableString(der::Input(invalid_der), &s));
411 }
412
TEST(ParseValuesTest,ParseTeletexStringAsLatin1)413 TEST(ParseValuesTest, ParseTeletexStringAsLatin1) {
414 const uint8_t valid_der[] = {0x46, 0x6f, 0xd6, 0x20, 0x62, 0x61, 0x72};
415 std::string s;
416 EXPECT_TRUE(ParseTeletexStringAsLatin1(der::Input(valid_der), &s));
417 EXPECT_EQ("FoÖ bar", s);
418 }
419
TEST(ParseValuesTest,ParseBmpString)420 TEST(ParseValuesTest, ParseBmpString) {
421 const uint8_t valid_der[] = {0x00, 0x66, 0x00, 0x6f, 0x00, 0x6f,
422 0x00, 0x62, 0x00, 0x61, 0x00, 0x72};
423 std::string s;
424 EXPECT_TRUE(ParseBmpString(der::Input(valid_der), &s));
425 EXPECT_EQ("foobar", s);
426
427 const uint8_t valid_nonascii_der[] = {0x27, 0x28, 0x26, 0xa1, 0x2b, 0x50};
428 EXPECT_TRUE(ParseBmpString(der::Input(valid_nonascii_der), &s));
429 EXPECT_EQ("✨⚡⭐", s);
430
431 // BmpString must encode characters in pairs of 2 bytes.
432 const uint8_t invalid_odd_der[] = {0x00, 0x66, 0x00, 0x6f, 0x00};
433 EXPECT_FALSE(ParseBmpString(der::Input(invalid_odd_der), &s));
434
435 // UTF-16BE encoding of U+1D11E, MUSICAL SYMBOL G CLEF, which is not valid in
436 // UCS-2.
437 const uint8_t invalid_bmp_valid_utf16_with_surrogate[] = {0xd8, 0x34, 0xdd,
438 0x1e};
439 EXPECT_FALSE(
440 ParseBmpString(der::Input(invalid_bmp_valid_utf16_with_surrogate), &s));
441 }
442
TEST(ParseValuesTest,ParseUniversalString)443 TEST(ParseValuesTest, ParseUniversalString) {
444 const uint8_t valid_der[] = {0x00, 0x00, 0x00, 0x66, 0x00, 0x00, 0x00, 0x6f,
445 0x00, 0x00, 0x00, 0x6f, 0x00, 0x00, 0x00, 0x62,
446 0x00, 0x00, 0x00, 0x61, 0x00, 0x00, 0x00, 0x72};
447 std::string s;
448 EXPECT_TRUE(ParseUniversalString(der::Input(valid_der), &s));
449 EXPECT_EQ("foobar", s);
450
451 const uint8_t valid_non_ascii_der[] = {0x0, 0x1, 0xf4, 0xe, 0x0, 0x0, 0x0,
452 0x20, 0x0, 0x1, 0xd1, 0x1e, 0x0, 0x0,
453 0x26, 0x69, 0x0, 0x0, 0x26, 0x6b};
454 EXPECT_TRUE(ParseUniversalString(der::Input(valid_non_ascii_der), &s));
455 EXPECT_EQ("�� ��♩♫", s);
456
457 // UniversalString must encode characters in groups of 4 bytes.
458 const uint8_t invalid_non_4_multiple_der[] = {0x00, 0x00, 0x00,
459 0x66, 0x00, 0x00};
460 EXPECT_FALSE(
461 ParseUniversalString(der::Input(invalid_non_4_multiple_der), &s));
462 }
463
464 } // namespace bssl::der::test
465