1 // Copyright 2015 The Chromium Authors
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 // https://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14
15 #include "parse_values.h"
16
17 #include <stdint.h>
18
19 #include <gtest/gtest.h>
20
21 BSSL_NAMESPACE_BEGIN
22 namespace der::test {
23
24 namespace {
25
26 template <size_t N>
FromStringLiteral(const char (& data)[N])27 Input FromStringLiteral(const char (&data)[N]) {
28 // Strings are null-terminated. The null terminating byte shouldn't be
29 // included in the Input, so the size is N - 1 instead of N.
30 return Input(reinterpret_cast<const uint8_t *>(data), N - 1);
31 }
32
33 } // namespace
34
TEST(ParseValuesTest,ParseBool)35 TEST(ParseValuesTest, ParseBool) {
36 uint8_t buf[] = {0xFF, 0x00};
37 Input value(buf, 1);
38 bool out;
39 EXPECT_TRUE(ParseBool(value, &out));
40 EXPECT_TRUE(out);
41
42 buf[0] = 0;
43 EXPECT_TRUE(ParseBool(value, &out));
44 EXPECT_FALSE(out);
45
46 buf[0] = 1;
47 EXPECT_FALSE(ParseBool(value, &out));
48 EXPECT_TRUE(ParseBoolRelaxed(value, &out));
49 EXPECT_TRUE(out);
50
51 buf[0] = 0xFF;
52 value = Input(buf, 2);
53 EXPECT_FALSE(ParseBool(value, &out));
54 value = Input(buf, 0);
55 EXPECT_FALSE(ParseBool(value, &out));
56 }
57
TEST(ParseValuesTest,ParseTimes)58 TEST(ParseValuesTest, ParseTimes) {
59 GeneralizedTime out;
60
61 EXPECT_TRUE(ParseUTCTime(FromStringLiteral("140218161200Z"), &out));
62
63 // DER-encoded UTCTime must end with 'Z'.
64 EXPECT_FALSE(ParseUTCTime(FromStringLiteral("140218161200X"), &out));
65
66 // Check that a negative number (-4 in this case) doesn't get parsed as
67 // a 2-digit number.
68 EXPECT_FALSE(ParseUTCTime(FromStringLiteral("-40218161200Z"), &out));
69
70 // Check that numbers with a leading 0 don't get parsed in octal by making
71 // the second digit an invalid octal digit (e.g. 09).
72 EXPECT_TRUE(ParseUTCTime(FromStringLiteral("090218161200Z"), &out));
73
74 // Check that the length is validated.
75 EXPECT_FALSE(ParseUTCTime(FromStringLiteral("140218161200"), &out));
76 EXPECT_FALSE(ParseUTCTime(FromStringLiteral("140218161200Z0"), &out));
77
78 // Check strictness of UTCTime parsers.
79 EXPECT_FALSE(ParseUTCTime(FromStringLiteral("1402181612Z"), &out));
80
81 // Check format of GeneralizedTime.
82
83 // Years 0 and 9999 are allowed.
84 EXPECT_TRUE(ParseGeneralizedTime(FromStringLiteral("00000101000000Z"), &out));
85 EXPECT_EQ(0, out.year);
86 EXPECT_TRUE(ParseGeneralizedTime(FromStringLiteral("99991231235960Z"), &out));
87 EXPECT_EQ(9999, out.year);
88
89 // Leap seconds are allowed.
90 EXPECT_TRUE(ParseGeneralizedTime(FromStringLiteral("20140218161260Z"), &out));
91
92 // But nothing larger than a leap second.
93 EXPECT_FALSE(
94 ParseGeneralizedTime(FromStringLiteral("20140218161261Z"), &out));
95
96 // Minutes only go up to 59.
97 EXPECT_FALSE(
98 ParseGeneralizedTime(FromStringLiteral("20140218166000Z"), &out));
99
100 // Hours only go up to 23.
101 EXPECT_FALSE(
102 ParseGeneralizedTime(FromStringLiteral("20140218240000Z"), &out));
103 // The 0th day of a month is invalid.
104 EXPECT_FALSE(
105 ParseGeneralizedTime(FromStringLiteral("20140200161200Z"), &out));
106 // The 0th month is invalid.
107 EXPECT_FALSE(
108 ParseGeneralizedTime(FromStringLiteral("20140018161200Z"), &out));
109 // Months greater than 12 are invalid.
110 EXPECT_FALSE(
111 ParseGeneralizedTime(FromStringLiteral("20141318161200Z"), &out));
112
113 // Some months have 31 days.
114 EXPECT_TRUE(ParseGeneralizedTime(FromStringLiteral("20140131000000Z"), &out));
115
116 // September has only 30 days.
117 EXPECT_FALSE(
118 ParseGeneralizedTime(FromStringLiteral("20140931000000Z"), &out));
119
120 // February has only 28 days...
121 EXPECT_FALSE(
122 ParseGeneralizedTime(FromStringLiteral("20140229000000Z"), &out));
123
124 // ... unless it's a leap year.
125 EXPECT_TRUE(ParseGeneralizedTime(FromStringLiteral("20160229000000Z"), &out));
126
127 // There aren't any leap days in years divisible by 100...
128 EXPECT_FALSE(
129 ParseGeneralizedTime(FromStringLiteral("21000229000000Z"), &out));
130
131 // ...unless it's also divisible by 400.
132 EXPECT_TRUE(ParseGeneralizedTime(FromStringLiteral("20000229000000Z"), &out));
133
134 // Check more perverse invalid inputs.
135
136 // Check that trailing null bytes are not ignored.
137 EXPECT_FALSE(
138 ParseGeneralizedTime(FromStringLiteral("20001231010203Z\0"), &out));
139
140 // Check what happens when a null byte is in the middle of the input.
141 EXPECT_FALSE(ParseGeneralizedTime(FromStringLiteral("200\0"
142 "1231010203Z"),
143 &out));
144
145 // The year can't be in hex.
146 EXPECT_FALSE(
147 ParseGeneralizedTime(FromStringLiteral("0x201231000000Z"), &out));
148
149 // The last byte must be 'Z'.
150 EXPECT_FALSE(
151 ParseGeneralizedTime(FromStringLiteral("20001231000000X"), &out));
152
153 // Check that the length is validated.
154 EXPECT_FALSE(ParseGeneralizedTime(FromStringLiteral("20140218161200"), &out));
155 EXPECT_FALSE(
156 ParseGeneralizedTime(FromStringLiteral("20140218161200Z0"), &out));
157 }
158
TEST(ParseValuesTest,TimesCompare)159 TEST(ParseValuesTest, TimesCompare) {
160 GeneralizedTime time1;
161 GeneralizedTime time2;
162 GeneralizedTime time3;
163
164 ASSERT_TRUE(
165 ParseGeneralizedTime(FromStringLiteral("20140218161200Z"), &time1));
166 // Test that ParseUTCTime correctly normalizes the year.
167 ASSERT_TRUE(ParseUTCTime(FromStringLiteral("150218161200Z"), &time2));
168 ASSERT_TRUE(
169 ParseGeneralizedTime(FromStringLiteral("20160218161200Z"), &time3));
170 EXPECT_TRUE(time1 < time2);
171 EXPECT_TRUE(time2 < time3);
172
173 EXPECT_TRUE(time2 > time1);
174 EXPECT_TRUE(time2 >= time1);
175 EXPECT_TRUE(time2 <= time3);
176 EXPECT_TRUE(time1 <= time1);
177 EXPECT_TRUE(time1 >= time1);
178 }
179
TEST(ParseValuesTest,UTCTimeRange)180 TEST(ParseValuesTest, UTCTimeRange) {
181 GeneralizedTime time;
182 ASSERT_TRUE(
183 ParseGeneralizedTime(FromStringLiteral("20140218161200Z"), &time));
184 EXPECT_TRUE(time.InUTCTimeRange());
185
186 time.year = 1950;
187 EXPECT_TRUE(time.InUTCTimeRange());
188
189 time.year = 1949;
190 EXPECT_FALSE(time.InUTCTimeRange());
191
192 time.year = 2049;
193 EXPECT_TRUE(time.InUTCTimeRange());
194
195 time.year = 2050;
196 EXPECT_FALSE(time.InUTCTimeRange());
197 }
198
199 struct Uint64TestData {
200 bool should_pass;
201 const uint8_t input[9];
202 size_t length;
203 uint64_t expected_value = 0;
204 };
205
206 const Uint64TestData kUint64TestData[] = {
207 {true, {0x00}, 1, 0},
208 // This number fails because it is not a minimal representation.
209 {false, {0x00, 0x00}, 2},
210 {true, {0x01}, 1, 1},
211 {false, {0xFF}, 1},
212 {true, {0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}, 8, INT64_MAX},
213 {true,
214 {0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
215 9,
216 UINT64_MAX},
217 // This number fails because it is negative.
218 {false, {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}, 8},
219 {false, {0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 8},
220 {false, {0x00, 0x01}, 2},
221 {false, {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09}, 9},
222 {false, {0}, 0},
223 };
224
TEST(ParseValuesTest,ParseUint64)225 TEST(ParseValuesTest, ParseUint64) {
226 for (size_t i = 0; i < std::size(kUint64TestData); i++) {
227 const Uint64TestData &test_case = kUint64TestData[i];
228 SCOPED_TRACE(i);
229
230 uint64_t result;
231 EXPECT_EQ(test_case.should_pass,
232 ParseUint64(Input(test_case.input, test_case.length), &result));
233 if (test_case.should_pass) {
234 EXPECT_EQ(test_case.expected_value, result);
235 }
236 }
237 }
238
239 struct Uint8TestData {
240 bool should_pass;
241 const uint8_t input[9];
242 size_t length;
243 uint8_t expected_value = 0;
244 };
245
246 const Uint8TestData kUint8TestData[] = {
247 {true, {0x00}, 1, 0},
248 // This number fails because it is not a minimal representation.
249 {false, {0x00, 0x00}, 2},
250 {true, {0x01}, 1, 1},
251 {false, {0x01, 0xFF}, 2},
252 {false, {0x03, 0x83}, 2},
253 {true, {0x7F}, 1, 0x7F},
254 {true, {0x00, 0xFF}, 2, 0xFF},
255 // This number fails because it is negative.
256 {false, {0xFF}, 1},
257 {false, {0x80}, 1},
258 {false, {0x00, 0x01}, 2},
259 {false, {0}, 0},
260 };
261
TEST(ParseValuesTest,ParseUint8)262 TEST(ParseValuesTest, ParseUint8) {
263 for (size_t i = 0; i < std::size(kUint8TestData); i++) {
264 const Uint8TestData &test_case = kUint8TestData[i];
265 SCOPED_TRACE(i);
266
267 uint8_t result;
268 EXPECT_EQ(test_case.should_pass,
269 ParseUint8(Input(test_case.input, test_case.length), &result));
270 if (test_case.should_pass) {
271 EXPECT_EQ(test_case.expected_value, result);
272 }
273 }
274 }
275
276 struct IsValidIntegerTestData {
277 bool should_pass;
278 const uint8_t input[2];
279 size_t length;
280 bool negative = false;
281 };
282
283 const IsValidIntegerTestData kIsValidIntegerTestData[] = {
284 // Empty input (invalid DER).
285 {false, {0x00}, 0},
286
287 // The correct encoding for zero.
288 {true, {0x00}, 1, false},
289
290 // Invalid representation of zero (not minimal)
291 {false, {0x00, 0x00}, 2},
292
293 // Valid single byte negative numbers.
294 {true, {0x80}, 1, true},
295 {true, {0xFF}, 1, true},
296
297 // Non-minimal negative number.
298 {false, {0xFF, 0x80}, 2},
299
300 // Positive number with a legitimate leading zero.
301 {true, {0x00, 0x80}, 2, false},
302
303 // A legitimate negative number that starts with FF (MSB of second byte is
304 // 0 so OK).
305 {true, {0xFF, 0x7F}, 2, true},
306 };
307
TEST(ParseValuesTest,IsValidInteger)308 TEST(ParseValuesTest, IsValidInteger) {
309 for (size_t i = 0; i < std::size(kIsValidIntegerTestData); i++) {
310 const auto &test_case = kIsValidIntegerTestData[i];
311 SCOPED_TRACE(i);
312
313 bool negative;
314 EXPECT_EQ(
315 test_case.should_pass,
316 IsValidInteger(Input(test_case.input, test_case.length), &negative));
317 if (test_case.should_pass) {
318 EXPECT_EQ(test_case.negative, negative);
319 }
320 }
321 }
322
323 // Tests parsing an empty BIT STRING.
TEST(ParseValuesTest,ParseBitStringEmptyNoUnusedBits)324 TEST(ParseValuesTest, ParseBitStringEmptyNoUnusedBits) {
325 const uint8_t kData[] = {0x00};
326
327 std::optional<BitString> bit_string = ParseBitString(Input(kData));
328 ASSERT_TRUE(bit_string.has_value());
329
330 EXPECT_EQ(0u, bit_string->unused_bits());
331 EXPECT_EQ(0u, bit_string->bytes().size());
332
333 EXPECT_FALSE(bit_string->AssertsBit(0));
334 EXPECT_FALSE(bit_string->AssertsBit(1));
335 EXPECT_FALSE(bit_string->AssertsBit(3));
336 }
337
338 // Tests parsing an empty BIT STRING that incorrectly claims one unused bit.
TEST(ParseValuesTest,ParseBitStringEmptyOneUnusedBit)339 TEST(ParseValuesTest, ParseBitStringEmptyOneUnusedBit) {
340 const uint8_t kData[] = {0x01};
341
342 std::optional<BitString> bit_string = ParseBitString(Input(kData));
343 EXPECT_FALSE(bit_string.has_value());
344 }
345
346 // Tests parsing an empty BIT STRING that is not minmally encoded (the entire
347 // last byte is comprised of unused bits).
TEST(ParseValuesTest,ParseBitStringNonEmptyTooManyUnusedBits)348 TEST(ParseValuesTest, ParseBitStringNonEmptyTooManyUnusedBits) {
349 const uint8_t kData[] = {0x08, 0x00};
350
351 std::optional<BitString> bit_string = ParseBitString(Input(kData));
352 EXPECT_FALSE(bit_string.has_value());
353 }
354
355 // Tests parsing a BIT STRING of 7 bits each of which are 1.
TEST(ParseValuesTest,ParseBitStringSevenOneBits)356 TEST(ParseValuesTest, ParseBitStringSevenOneBits) {
357 const uint8_t kData[] = {0x01, 0xFE};
358
359 std::optional<BitString> bit_string = ParseBitString(Input(kData));
360 ASSERT_TRUE(bit_string.has_value());
361
362 EXPECT_EQ(1u, bit_string->unused_bits());
363 EXPECT_EQ(1u, bit_string->bytes().size());
364 EXPECT_EQ(0xFE, bit_string->bytes()[0]);
365
366 EXPECT_TRUE(bit_string->AssertsBit(0));
367 EXPECT_TRUE(bit_string->AssertsBit(1));
368 EXPECT_TRUE(bit_string->AssertsBit(2));
369 EXPECT_TRUE(bit_string->AssertsBit(3));
370 EXPECT_TRUE(bit_string->AssertsBit(4));
371 EXPECT_TRUE(bit_string->AssertsBit(5));
372 EXPECT_TRUE(bit_string->AssertsBit(6));
373 EXPECT_FALSE(bit_string->AssertsBit(7));
374 EXPECT_FALSE(bit_string->AssertsBit(8));
375 }
376
377 // Tests parsing a BIT STRING of 7 bits each of which are 1. The unused bit
378 // however is set to 1, which is an invalid encoding.
TEST(ParseValuesTest,ParseBitStringSevenOneBitsUnusedBitIsOne)379 TEST(ParseValuesTest, ParseBitStringSevenOneBitsUnusedBitIsOne) {
380 const uint8_t kData[] = {0x01, 0xFF};
381
382 std::optional<BitString> bit_string = ParseBitString(Input(kData));
383 EXPECT_FALSE(bit_string.has_value());
384 }
385
TEST(ParseValuesTest,ParseIA5String)386 TEST(ParseValuesTest, ParseIA5String) {
387 const uint8_t valid_der[] = {0x46, 0x6f, 0x6f, 0x20, 0x62,
388 0x61, 0x72, 0x01, 0x7f};
389 std::string s;
390 EXPECT_TRUE(ParseIA5String(der::Input(valid_der), &s));
391 EXPECT_EQ("Foo bar\x01\x7f", s);
392
393 // 0x80 is not a valid character in IA5String.
394 const uint8_t invalid_der[] = {0x46, 0x6f, 0x80, 0x20, 0x62, 0x61, 0x72};
395 EXPECT_FALSE(ParseIA5String(der::Input(invalid_der), &s));
396 }
397
TEST(ParseValuesTest,ParseVisibleString)398 TEST(ParseValuesTest, ParseVisibleString) {
399 const uint8_t valid_der[] = {0x46, 0x6f, 0x6f, 0x20, 0x62, 0x61, 0x72, 0x7e};
400 std::string s;
401 EXPECT_TRUE(ParseVisibleString(der::Input(valid_der), &s));
402 EXPECT_EQ("Foo bar\x7e", s);
403
404 // 0x7f is not a valid character in VisibleString
405 const uint8_t invalid_der[] = {0x46, 0x6f, 0x7f, 0x20, 0x62, 0x61, 0x72};
406 EXPECT_FALSE(ParseVisibleString(der::Input(invalid_der), &s));
407
408 // 0x1f is not a valid character in VisibleString
409 const uint8_t invalid_der2[] = {0x46, 0x6f, 0x1f, 0x20, 0x62, 0x61, 0x72};
410 EXPECT_FALSE(ParseVisibleString(der::Input(invalid_der2), &s));
411 }
412
TEST(ParseValuesTest,ParsePrintableString)413 TEST(ParseValuesTest, ParsePrintableString) {
414 const uint8_t valid_der[] = {0x46, 0x6f, 0x6f, 0x20, 0x62, 0x61, 0x72};
415 std::string s;
416 EXPECT_TRUE(ParsePrintableString(der::Input(valid_der), &s));
417 EXPECT_EQ("Foo bar", s);
418
419 // 0x5f '_' is not a valid character in PrintableString.
420 const uint8_t invalid_der[] = {0x46, 0x6f, 0x5f, 0x20, 0x62, 0x61, 0x72};
421 EXPECT_FALSE(ParsePrintableString(der::Input(invalid_der), &s));
422 }
423
TEST(ParseValuesTest,ParseTeletexStringAsLatin1)424 TEST(ParseValuesTest, ParseTeletexStringAsLatin1) {
425 const uint8_t valid_der[] = {0x46, 0x6f, 0xd6, 0x20, 0x62, 0x61, 0x72};
426 std::string s;
427 EXPECT_TRUE(ParseTeletexStringAsLatin1(der::Input(valid_der), &s));
428 EXPECT_EQ("FoÖ bar", s);
429 }
430
TEST(ParseValuesTest,ParseBmpString)431 TEST(ParseValuesTest, ParseBmpString) {
432 const uint8_t valid_der[] = {0x00, 0x66, 0x00, 0x6f, 0x00, 0x6f,
433 0x00, 0x62, 0x00, 0x61, 0x00, 0x72};
434 std::string s;
435 EXPECT_TRUE(ParseBmpString(der::Input(valid_der), &s));
436 EXPECT_EQ("foobar", s);
437
438 const uint8_t valid_nonascii_der[] = {0x27, 0x28, 0x26, 0xa1, 0x2b, 0x50};
439 EXPECT_TRUE(ParseBmpString(der::Input(valid_nonascii_der), &s));
440 EXPECT_EQ("✨⚡⭐", s);
441
442 // BmpString must encode characters in pairs of 2 bytes.
443 const uint8_t invalid_odd_der[] = {0x00, 0x66, 0x00, 0x6f, 0x00};
444 EXPECT_FALSE(ParseBmpString(der::Input(invalid_odd_der), &s));
445
446 // UTF-16BE encoding of U+1D11E, MUSICAL SYMBOL G CLEF, which is not valid in
447 // UCS-2.
448 const uint8_t invalid_bmp_valid_utf16_with_surrogate[] = {0xd8, 0x34, 0xdd,
449 0x1e};
450 EXPECT_FALSE(
451 ParseBmpString(der::Input(invalid_bmp_valid_utf16_with_surrogate), &s));
452 }
453
TEST(ParseValuesTest,ParseUniversalString)454 TEST(ParseValuesTest, ParseUniversalString) {
455 const uint8_t valid_der[] = {0x00, 0x00, 0x00, 0x66, 0x00, 0x00, 0x00, 0x6f,
456 0x00, 0x00, 0x00, 0x6f, 0x00, 0x00, 0x00, 0x62,
457 0x00, 0x00, 0x00, 0x61, 0x00, 0x00, 0x00, 0x72};
458 std::string s;
459 EXPECT_TRUE(ParseUniversalString(der::Input(valid_der), &s));
460 EXPECT_EQ("foobar", s);
461
462 const uint8_t valid_non_ascii_der[] = {0x0, 0x1, 0xf4, 0xe, 0x0, 0x0, 0x0,
463 0x20, 0x0, 0x1, 0xd1, 0x1e, 0x0, 0x0,
464 0x26, 0x69, 0x0, 0x0, 0x26, 0x6b};
465 EXPECT_TRUE(ParseUniversalString(der::Input(valid_non_ascii_der), &s));
466 EXPECT_EQ("�� ��♩♫", s);
467
468 // UniversalString must encode characters in groups of 4 bytes.
469 const uint8_t invalid_non_4_multiple_der[] = {0x00, 0x00, 0x00,
470 0x66, 0x00, 0x00};
471 EXPECT_FALSE(
472 ParseUniversalString(der::Input(invalid_non_4_multiple_der), &s));
473 }
474
475 } // namespace der::test
476 BSSL_NAMESPACE_END
477