
Commit f13b01c

Reinstate indefinite length and [UNIVERSAL 0] support in crypto/asn1
1 parent dc5fe84 commit f13b01c


5 files changed

+289
-83
lines changed


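--- a/crypto/asn1/asn1_test.cc
+++ b/crypto/asn1/asn1_test.cc
@@ -2356,45 +2356,81 @@ TEST(ASN1Test, GetObject) {
 
 }
 
-template <typename T>
-void ExpectNoParse(T *(*d2i)(T **, const uint8_t **, long),
-const std::vector<uint8_t> &in) {
-SCOPED_TRACE(Bytes(in));
-const uint8_t *ptr = in.data();
-bssl::UniquePtr<T> obj(d2i(nullptr, &ptr, in.size()));
-EXPECT_FALSE(obj);
-}
-
 // The zero tag, constructed or primitive, is reserved and should rejected by
 // the parser.
 TEST(ASN1Test, ZeroTag) {
-ExpectNoParse(d2i_ASN1_TYPE, {0x00, 0x00});
-ExpectNoParse(d2i_ASN1_TYPE, {0x00, 0x10, 0x00});
-ExpectNoParse(d2i_ASN1_TYPE, {0x20, 0x00});
-ExpectNoParse(d2i_ASN1_TYPE, {0x20, 0x00});
-ExpectNoParse(d2i_ASN1_SEQUENCE_ANY, {0x30, 0x02, 0x00, 0x00});
-ExpectNoParse(d2i_ASN1_SET_ANY, {0x31, 0x02, 0x00, 0x00});
+ExpectParse(d2i_ASN1_TYPE, {0x00, 0x00}, true);
+ExpectParse(d2i_ASN1_TYPE, {0x00, 0x10, 0x00},
+false); // OpenSSL also rejects this.
 // SEQUENCE {
 // OBJECT_IDENTIFIER { 1.2.840.113554.4.1.72585.1 }
-// [UNIVERSAL 0 PRIMITIVE] {}
+// [UNIVERSAL 0 PRIMITIVE] { "a" }
 // }
-ExpectNoParse(d2i_X509_ALGOR,
-{0x30, 0x10, 0x06, 0x0c, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12,
-0x04, 0x01, 0x84, 0xb7, 0x09, 0x01, 0x00, 0x00});
+ExpectParse(d2i_X509_ALGOR,
+{0x30, 0x11, 0x06, 0x0c, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04,
+0x01, 0x84, 0xb7, 0x09, 0x01, 0x00, 0x01, 0x61},
+true);
+
+
+// The following test cases are rejected by OpenSSL with their type specific
+// counterparts. They are parsable with |d2i_ASN1_TYPE| however, and we test
+// that later.
+const std::vector<uint8_t> zero_tag_sequence = {0x30, 0x02, 0x00, 0x00};
+const std::vector<uint8_t> zero_tag_set_any = {0x31, 0x02, 0x00, 0x00};
 // SEQUENCE {
 // OBJECT_IDENTIFIER { 1.2.840.113554.4.1.72585.1 }
-// [UNIVERSAL 0 CONSTRUCTED] {}
+// [UNIVERSAL 0 PRIMITIVE] {}
 // }
-ExpectNoParse(d2i_X509_ALGOR,
-{0x30, 0x10, 0x06, 0x0c, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12,
-0x04, 0x01, 0x84, 0xb7, 0x09, 0x01, 0x20, 0x00});
+const std::vector<uint8_t> universal_0_primitive_empty = {
+0x30, 0x10, 0x06, 0x0c, 0x2a, 0x86, 0x48, 0x86, 0xf7,
+0x12, 0x04, 0x01, 0x84, 0xb7, 0x09, 0x01, 0x00, 0x00};
+ExpectParse(d2i_ASN1_SEQUENCE_ANY, zero_tag_sequence, false);
+ExpectParse(d2i_ASN1_SET_ANY, zero_tag_set_any, false);
+ExpectParse(d2i_X509_ALGOR, universal_0_primitive_empty, false);
+// Test that the equivalent test cases are parsable with |ASN1_TYPE| (like
+// OpenSSL).
+ExpectParse(d2i_ASN1_TYPE, zero_tag_sequence, true);
+ExpectParse(d2i_ASN1_TYPE, zero_tag_set_any, true);
+ExpectParse(d2i_ASN1_TYPE, universal_0_primitive_empty, true);
+
+
+// TODO: Change expectation of below to true. Below use BER constructed
+// strings and will still fail until we revert a70edd4.
+
 // SEQUENCE {
 // OBJECT_IDENTIFIER { 1.2.840.113554.4.1.72585.1 }
-// [UNIVERSAL 0 PRIMITIVE] { "a" }
+// [UNIVERSAL 0 CONSTRUCTED] {}
 // }
-ExpectNoParse(d2i_X509_ALGOR,
-{0x30, 0x11, 0x06, 0x0c, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12,
-0x04, 0x01, 0x84, 0xb7, 0x09, 0x01, 0x00, 0x01, 0x61});
+ExpectParse(d2i_X509_ALGOR,
+{0x30, 0x10, 0x06, 0x0c, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04,
+0x01, 0x84, 0xb7, 0x09, 0x01, 0x20, 0x00},
+false);
+
+ExpectParse(d2i_ASN1_TYPE, {0x20, 0x00}, false);
+ExpectParse(d2i_ASN1_TYPE, {0x20, 0x00}, false);
+}
+
+TEST(ASN1Test, IndefiniteLength) {
+// Indefinite lengths are more common across container types.
+ExpectParse(d2i_ASN1_SEQUENCE_ANY, {0x30, 0x80, 0x02, 0x01, 0x2a, 0x00, 0x00},
+true);
+ExpectParse(d2i_ASN1_SET_ANY,
+{0x31, 0x80, 0x02, 0x01, 0x01, 0x02, 0x01, 0x02, 0x00, 0x00},
+true);
+
+// The ones below use constructed form and should fail for now. This is
+// indicated with (0x20 | 0x??) in the first byte.
+ExpectParse(d2i_ASN1_INTEGER,
+{0x22, 0x80, 0x02, 0x01, 0x12, 0x02, 0x01, 0x34, 0x00, 0x00},
+false);
+ExpectParse(
+d2i_ASN1_OCTET_STRING,
+{0x24, 0x80, 0x04, 0x02, 0x12, 0x34, 0x04, 0x02, 0x56, 0x78, 0x00, 0x00},
+false);
+ExpectParse(
+d2i_ASN1_BIT_STRING,
+{0x23, 0x80, 0x03, 0x02, 0x00, 0xFF, 0x03, 0x02, 0x00, 0xAA, 0x00, 0x00},
+false);
 }
 
 // Exhaustively test POSIX time conversions for every day across the millenium.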
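Review bot: TEST(ASN1Test, IndefiniteLength) exercises the newly accepted SEQUENCE/SET paths only with well-formed input, so nothing pins where the relaxed parser stops accepting BER. Add malformed cases next to them, for example a container with no end-of-contents octets, `ExpectParse(d2i_ASN1_SEQUENCE_ANY, {0x30, 0x80, 0x02, 0x01, 0x2a}, false);`, and a primitive tag carrying the 0x80 length, `ExpectParse(d2i_ASN1_TYPE, {0x02, 0x80, 0x00, 0x00}, false);` (expected results assumed from BER rules; confirm against the parser). The comment kept above TEST(ASN1Test, ZeroTag) still says the zero tag "should rejected by the parser", which now contradicts `ExpectParse(d2i_ASN1_TYPE, {0x00, 0x00}, true);`; reword it to say which zero-tag encodings are accepted and through which d2i entry points. The last two statements of ZeroTag are the same `{0x20, 0x00}` case twice, carried over from the old test, so one of them was probably meant to be a different encoding. ExpectParse is defined outside this hunk, so whether it also checks that the whole input was consumed cannot be seen here.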
