Add initial tests for coverage of ASN.1 complex/constructed types.

2 files changed, 228 insertions, 1 deletions

diff --git a/src/regress/lib/libcrypto/asn1/Makefile b/src/regress/lib/libcrypto/asn1/Makefile
index 046d85bc81..1c4a42b80b 100644
--- a/src/regress/lib/libcrypto/asn1/Makefile
+++ b/src/regress/lib/libcrypto/asn1/Makefile
@@ -1,7 +1,8 @@
-#       $OpenBSD: Makefile,v 1.8 2021/12/09 16:30:05 jsing Exp $
+#       $OpenBSD: Makefile,v 1.9 2021/12/09 16:30:57 jsing Exp $
 
 TESTS = \
         asn1basic \
+        asn1complex \
         asn1evp \
         asn1string_copy \
         asn1time \
diff --git a/src/regress/lib/libcrypto/asn1/asn1complex.c b/src/regress/lib/libcrypto/asn1/asn1complex.c
new file mode 100644
index 0000000000..eaabd9e8c3
--- /dev/null
+++ b/src/regress/lib/libcrypto/asn1/asn1complex.c
@@ -0,0 +1,226 @@
+/* $OpenBSD: asn1complex.c,v 1.1 2021/12/09 16:30:57 jsing Exp $ */
+/*
+ * Copyright (c) 2017, 2021 Joel Sing <jsing@openbsd.org>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <openssl/asn1.h>
+#include <openssl/err.h>
+
+#include <err.h>
+#include <stdio.h>
+#include <string.h>
+
+static void
+hexdump(const unsigned char *buf, size_t len)
+{
+        size_t i;
+
+        for (i = 1; i <= len; i++)
+                fprintf(stderr, " 0x%02hhx,%s", buf[i - 1], i % 8 ? "" : "\n");
+
+        fprintf(stderr, "\n");
+}
+
+static int
+asn1_compare_bytes(const char *label, const unsigned char *d1, int len1,
+    const unsigned char *d2, int len2)
+{
+        if (len1 != len2) {
+                fprintf(stderr, "FAIL: %s - byte lengths differ "
+                    "(%i != %i)\n", label, len1, len2);
+                return 0;
+        }
+        if (memcmp(d1, d2, len1) != 0) {
+                fprintf(stderr, "FAIL: %s - bytes differ\n", label);
+                fprintf(stderr, "Got:\n");
+                hexdump(d1, len1);
+                fprintf(stderr, "Want:\n");
+                hexdump(d2, len2);
+                return 0;
+        }
+        return 1;
+}
+
+/* Constructed octet string with length 12. */
+const uint8_t asn1_constructed_basic_ber[] = {
+        0x24, 0x0c,
+        0x04, 0x01, 0x01,
+        0x04, 0x02, 0x01, 0x02,
+        0x04, 0x03, 0x01, 0x02, 0x03
+};
+const uint8_t asn1_constructed_basic_content[] = {
+        0x01, 0x01, 0x02, 0x01, 0x02, 0x03,
+};
+
+/* Nested constructed octet string. */
+const uint8_t asn1_constructed_nested_ber[] = {
+        0x24, 0x1a,
+        0x04, 0x01, 0x01,
+        0x24, 0x15,
+        0x04, 0x02, 0x02, 0x03,
+        0x24, 0x0f,
+        0x24, 0x0d,
+        0x04, 0x03, 0x04, 0x05, 0x06,
+        0x24, 0x06,
+        0x24, 0x04,
+        0x04, 0x02, 0x07, 0x08,
+};
+const uint8_t asn1_constructed_nested_content[] = {
+        0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
+};
+
+/* Deeply nested constructed octet string. */
+const uint8_t asn1_constructed_deep_nested_ber[] = {
+        0x24, 0x1b,
+        0x04, 0x01, 0x01,
+        0x24, 0x16,
+        0x04, 0x02, 0x02, 0x03,
+        0x24, 0x10,
+        0x24, 0x0e,
+        0x04, 0x03, 0x04, 0x05, 0x06,
+        0x24, 0x07,
+        0x24, 0x05,
+        0x24, 0x03,
+        0x04, 0x01, 0x07,
+};
+
+/* Constructed octet string with indefinite length. */
+const uint8_t asn1_constructed_indefinite_ber[] = {
+        0x24, 0x80,
+        0x04, 0x01, 0x01,
+        0x04, 0x02, 0x01, 0x02,
+        0x04, 0x03, 0x01, 0x02, 0x03,
+        0x00, 0x00,
+};
+const uint8_t asn1_constructed_indefinite_content[] = {
+        0x01, 0x01, 0x02, 0x01, 0x02, 0x03,
+};
+
+struct asn1_constructed_test {
+        const char *name;
+        const uint8_t *asn1;
+        size_t asn1_len;
+        const uint8_t *want;
+        size_t want_len;
+        int want_error;
+        int valid;
+};
+
+const struct asn1_constructed_test asn1_constructed_tests[] = {
+        {
+                .name = "basic constructed",
+                .asn1 = asn1_constructed_basic_ber,
+                .asn1_len = sizeof(asn1_constructed_basic_ber),
+                .want = asn1_constructed_basic_content,
+                .want_len = sizeof(asn1_constructed_basic_content),
+                .valid = 1,
+        },
+        {
+                .name = "nested constructed",
+                .asn1 = asn1_constructed_nested_ber,
+                .asn1_len = sizeof(asn1_constructed_nested_ber),
+                .want = asn1_constructed_nested_content,
+                .want_len = sizeof(asn1_constructed_nested_content),
+                .valid = 1,
+        },
+        {
+                .name = "deep nested constructed",
+                .asn1 = asn1_constructed_deep_nested_ber,
+                .asn1_len = sizeof(asn1_constructed_deep_nested_ber),
+                .want_error = ASN1_R_NESTED_ASN1_STRING,
+                .valid = 0,
+        },
+        {
+                .name = "indefinite length constructed",
+                .asn1 = asn1_constructed_indefinite_ber,
+                .asn1_len = sizeof(asn1_constructed_indefinite_ber),
+                .want = asn1_constructed_indefinite_content,
+                .want_len = sizeof(asn1_constructed_indefinite_content),
+                .valid = 1,
+        },
+};
+
+#define N_CONSTRUCTED_TESTS \
+    (sizeof(asn1_constructed_tests) / sizeof(*asn1_constructed_tests))
+
+static int
+do_asn1_constructed_test(const struct asn1_constructed_test *act)
+{
+        ASN1_OCTET_STRING *aos = NULL;
+        const uint8_t *p;
+        long err;
+        int failed = 1;
+
+        p = act->asn1;
+        aos = d2i_ASN1_OCTET_STRING(NULL, &p, act->asn1_len);
+        if (!act->valid) {
+                if (aos != NULL) {
+                        fprintf(stderr, "FAIL: invalid ASN.1 decoded\n");
+                        goto failed;
+                }
+                if (act->want_error != 0) {
+                        err = ERR_peek_error();
+                        if (ERR_GET_REASON(err) != act->want_error) {
+                                fprintf(stderr, "FAIL: got error reason %d,"
+                                    "want %d", ERR_GET_REASON(err),
+                                    act->want_error);
+                                goto failed;
+                        }
+                }
+                goto done;
+        }
+        if (aos == NULL) {
+                fprintf(stderr, "FAIL: failed to decode ASN.1 constructed "
+                    "octet string\n");
+                ERR_print_errors_fp(stderr);
+                goto failed;
+        }
+        if (!asn1_compare_bytes(act->name, ASN1_STRING_data(aos),
+            ASN1_STRING_length(aos), act->want, act->want_len))
+                goto failed;
+
+ done:
+        failed = 0;
+
+ failed:
+        ASN1_OCTET_STRING_free(aos);
+
+        return failed;
+}
+
+static int
+do_asn1_constructed_tests(void)
+{
+        const struct asn1_constructed_test *act;
+        int failed = 0;
+        size_t i;
+
+        for (i = 0; i < N_CONSTRUCTED_TESTS; i++) {
+                act = &asn1_constructed_tests[i];
+                failed |= do_asn1_constructed_test(act);
+        }
+
+        return failed;
+}
+
+int
+main(int argc, char **argv)
+{
+        int failed = 0;
+
+        failed |= do_asn1_constructed_tests();
+
+        return (failed);
+}