From 6b0fa4f33b3b95fb752056f37823b6b483575cc2 Mon Sep 17 00:00:00 2001
From: Paul Bakker <p.j.bakker@polarssl.org>
Date: Mon, 20 Jul 2009 20:35:41 +0000
Subject: [PATCH]  - Added extra regression and coverage tests for ASN parsing
 of CRL and Key data

---
 tests/suites/test_suite_x509parse.data     | 77 +++++++++++++++++++++-
 tests/suites/test_suite_x509parse.function | 55 +++++++++++++++-
 2 files changed, 126 insertions(+), 6 deletions(-)

diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data
index 7fcc5ef61..6fd7eec67 100644
--- a/tests/suites/test_suite_x509parse.data
+++ b/tests/suites/test_suite_x509parse.data
@@ -59,13 +59,13 @@ X509 CRL Information SHA512 Digest
 x509_crl_info:"data_files/crl_sha512.pem":"CRL version   \: 1\nissuer name   \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   \: 2009-07-19 19\:56\:37\nnext update   \: 2009-09-17 19\:56\:37\nRevoked certificates\:\nserial number\: 01 revocation date\: 2009-02-09 21\:12\:36\nserial number\: 03 revocation date\: 2009-02-09 21\:12\:36\nsigned using  \: RSA+SHA512\n"
 
 X509 Parse Key #1 (No password when required)
-x509parse_key:"data_files/test-ca.key":NULL:POLARSSL_ERR_X509_KEY_PASSWORD_REQUIRED
+x509parse_keyfile:"data_files/test-ca.key":NULL:POLARSSL_ERR_X509_KEY_PASSWORD_REQUIRED
 
 X509 Parse Key #2 (Correct password)
-x509parse_key:"data_files/test-ca.key":"PolarSSLTest":0
+x509parse_keyfile:"data_files/test-ca.key":"PolarSSLTest":0
 
 X509 Parse Key #3 (Wrong password)
-x509parse_key:"data_files/test-ca.key":"PolarSSLWRONG":POLARSSL_ERR_X509_KEY_PASSWORD_MISMATCH
+x509parse_keyfile:"data_files/test-ca.key":"PolarSSLWRONG":POLARSSL_ERR_X509_KEY_PASSWORD_MISMATCH
 
 X509 Get Distinguished Name #1
 x509_dn_gets:"data_files/server1.crt":subject:"C=NL, O=PolarSSL, CN=PolarSSL Server 1"
@@ -337,3 +337,74 @@ x509parse_crt:"30819f308189a0030201008204deadbeef300d06092a864886f70d01010205003
 X509 Certificate ASN1 (Name with unknown PKCS9 part)
 x509parse_crt:"30819f308189a0030201008204deadbeef300d06092a864886f70d010102050030153113301106092a864886f70d0109ab130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name   \: 0xAB=Test\nsubject name  \: ?\?=Test\nissued  on    \: 2009-01-01 00\:00\:00\nexpires on    \: 2009-12-31 23\:59\:59\nsigned using  \: RSA+MD2\nRSA key size  \: 128 bits\n":0
 
+X509 CRL ASN1 (Incorrect first tag)
+x509parse_crl:"":"":POLARSSL_ERR_X509_CERT_INVALID_FORMAT
+
+X509 CRL ASN1 (Correct first tag, data length does not match)
+x509parse_crl:"300000":"":POLARSSL_ERR_X509_CERT_INVALID_FORMAT | POLARSSL_ERR_ASN1_LENGTH_MISMATCH
+
+X509 CRL ASN1 (TBSCertList, tag missing)
+x509parse_crl:"3000":"":POLARSSL_ERR_X509_CERT_INVALID_FORMAT | POLARSSL_ERR_ASN1_OUT_OF_DATA
+
+X509 CRL ASN1 (TBSCertList, version tag len missing)
+x509parse_crl:"30033001a0":"":POLARSSL_ERR_ASN1_OUT_OF_DATA
+
+X509 CRL ASN1 (TBSCertList, version correct, alg missing)
+x509parse_crl:"30073005a003020100":"":POLARSSL_ERR_X509_CERT_INVALID_ALG | POLARSSL_ERR_ASN1_OUT_OF_DATA
+
+X509 CRL ASN1 (TBSCertList, alg correct, incorrect version)
+x509parse_crl:"300d300ba003020102300406000500":"":POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION
+
+X509 CRL ASN1 (TBSCertList, correct version, sig_oid1 unknown)
+x509parse_crl:"300d300ba003020100300406000500":"":POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG
+
+X509 CRL ASN1 (TBSCertList, sig_oid1 id unknown)
+x509parse_crl:"30163014a003020100300d06092a864886f70d01010f0500":"":POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG
+
+X509 CRL ASN1 (TBSCertList, sig_oid1 correct, issuer missing)
+x509parse_crl:"30163014a003020100300d06092a864886f70d01010e0500":"":POLARSSL_ERR_X509_CERT_INVALID_FORMAT | POLARSSL_ERR_ASN1_OUT_OF_DATA
+
+X509 CRL ASN1 (TBSCertList, issuer set missing)
+x509parse_crl:"30183016a003020100300d06092a864886f70d01010e05003000":"":POLARSSL_ERR_X509_CERT_INVALID_NAME | POLARSSL_ERR_ASN1_OUT_OF_DATA
+
+X509 CRL ASN1 (TBSCertList, correct issuer, thisUpdate missing)
+x509parse_crl:"30273025a003020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344":"":POLARSSL_ERR_X509_CERT_INVALID_DATE | POLARSSL_ERR_ASN1_OUT_OF_DATA
+
+X509 CRL ASN1 (TBSCertList, correct thisUpdate, nextUpdate missing, entries length missing)
+x509parse_crl:"30363034a003020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c30393031303130303030303030":"":POLARSSL_ERR_ASN1_OUT_OF_DATA
+
+X509 CRL ASN1 (TBSCertList, entries present, invalid sig_alg)
+x509parse_crl:"304c3049a003020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c30383132333132333539353900":"":POLARSSL_ERR_X509_CERT_INVALID_ALG | POLARSSL_ERR_ASN1_UNEXPECTED_TAG
+
+X509 CRL ASN1 (TBSCertList, entries present, date in entry invalid)
+x509parse_crl:"304c3049a003020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd180c30383132333132333539353900":"":POLARSSL_ERR_X509_CERT_INVALID_DATE | POLARSSL_ERR_ASN1_UNEXPECTED_TAG
+
+X509 CRL ASN1 (TBSCertList, sig_alg present, sig_alg does not match)
+x509parse_crl:"305a3049a003020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010d0500":"":POLARSSL_ERR_X509_CERT_SIG_MISMATCH
+
+X509 CRL ASN1 (TBSCertList, sig present)
+x509parse_crl:"305f3049a003020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010e05000302000100":"":POLARSSL_ERR_X509_CERT_INVALID_FORMAT | POLARSSL_ERR_ASN1_LENGTH_MISMATCH
+
+X509 CRL ASN1 (TBSCertList, sig present)
+x509parse_crl:"305e3049a003020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010e050003020001":"CRL version   \: 1\nissuer name   \: CN=ABCD\nthis update   \: 2009-01-01 00\:00\:00\nnext update   \: 0000-00-00 00\:00\:00\nRevoked certificates\:\nserial number\: AB\:CD revocation date\: 2008-12-31 23\:59\:59\nsigned using  \: RSA+SHA224\n":0
+
+X509 Key ASN1 (Incorrect first tag)
+x509parse_key:"":"":POLARSSL_ERR_X509_KEY_INVALID_FORMAT | POLARSSL_ERR_ASN1_OUT_OF_DATA
+
+X509 Key ASN1 (RSAPrivateKey, incorrect version tag)
+x509parse_key:"300100":"":POLARSSL_ERR_X509_KEY_INVALID_FORMAT | POLARSSL_ERR_ASN1_UNEXPECTED_TAG
+
+X509 Key ASN1 (RSAPrivateKey, version tag missing)
+x509parse_key:"3000":"":POLARSSL_ERR_X509_KEY_INVALID_FORMAT | POLARSSL_ERR_ASN1_OUT_OF_DATA
+
+X509 Key ASN1 (RSAPrivateKey, invalid version)
+x509parse_key:"3003020101":"":POLARSSL_ERR_X509_KEY_INVALID_VERSION
+
+X509 Key ASN1 (RSAPrivateKey, correct version, incorrect tag)
+x509parse_key:"300402010000":"":POLARSSL_ERR_X509_KEY_INVALID_FORMAT | POLARSSL_ERR_ASN1_UNEXPECTED_TAG
+
+X509 Key ASN1 (RSAPrivateKey, values present, length mismatch)
+x509parse_key:"301c02010002010102010102010102010102010102010102010102010100":"":POLARSSL_ERR_X509_KEY_INVALID_FORMAT | POLARSSL_ERR_ASN1_LENGTH_MISMATCH
+
+X509 Key ASN1 (RSAPrivateKey, values present, check_privkey fails)
+x509parse_key:"301b020100020101020101020101020101020101020101020101020101":"":POLARSSL_ERR_RSA_KEY_CHECK_FAILED
diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function
index 587aa9ab1..b56b89310 100644
--- a/tests/suites/test_suite_x509parse.function
+++ b/tests/suites/test_suite_x509parse.function
@@ -105,7 +105,7 @@ x509_time_expired:crt_file:entity:result
 END_CASE
 
 BEGIN_CASE
-x509parse_key:key_file:password:result
+x509parse_keyfile:key_file:password:result
 {
     rsa_context rsa;
     int res;
@@ -137,8 +137,6 @@ x509parse_crt:crt_data:result_str:result
 
     data_len = unhexify( buf, {crt_data} );
 
-    res = x509parse_crt( &crt, buf, data_len );
-
     TEST_ASSERT( x509parse_crt( &crt, buf, data_len ) == ( {result} ) );
     if( ( {result} ) == 0 )
     {
@@ -152,6 +150,57 @@ x509parse_crt:crt_data:result_str:result
 }
 END_CASE
 
+BEGIN_CASE
+x509parse_crl:crl_data:result_str:result
+{
+    x509_crl   crl;
+    unsigned char buf[2000];
+    unsigned char output[2000];
+    int data_len, res;
+
+    memset( &crl, 0, sizeof( x509_crl ) );
+    memset( buf, 0, 2000 );
+    memset( output, 0, 2000 );
+
+    data_len = unhexify( buf, {crl_data} );
+
+    TEST_ASSERT( x509parse_crl( &crl, buf, data_len ) == ( {result} ) );
+    if( ( {result} ) == 0 )
+    {
+        res = x509parse_crl_info( (char *) output, 2000, "", &crl );
+        
+        TEST_ASSERT( res != -1 );
+        TEST_ASSERT( res != -2 );
+
+        TEST_ASSERT( strcmp( (char *) output, {result_str} ) == 0 );
+    }
+}
+END_CASE
+
+BEGIN_CASE
+x509parse_key:key_data:result_str:result
+{
+    rsa_context   rsa;
+    unsigned char buf[2000];
+    unsigned char output[2000];
+    int data_len, res;
+
+    memset( &rsa, 0, sizeof( rsa_context ) );
+    memset( buf, 0, 2000 );
+    memset( output, 0, 2000 );
+
+    data_len = unhexify( buf, {key_data} );
+
+    res = x509parse_key( &rsa, buf, data_len, NULL, 0 );
+
+    TEST_ASSERT( x509parse_key( &rsa, buf, data_len, NULL, 0 ) == ( {result} ) );
+    if( ( {result} ) == 0 )
+    {
+        TEST_ASSERT( 1 );
+    }
+}
+END_CASE
+
 BEGIN_CASE
 x509_selftest:
 {