Add test-case for signature over zero-length data

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-02-16 16:14:46 +00:00 · 2023-02-16 16:14:46 +00:00 · c5874db5b0
commit c5874db5b0
parent f691268ee9
5 changed files with 15 additions and 1 deletions
--- a/tests/data_files/Makefile
+++ b/tests/data_files/Makefile
@ -1205,6 +1205,10 @@ $(pkcs7_test_file):
 	echo -e "Hello\xd" > $@
 all_final += $(pkcs7_test_file)

+pkcs7_zerolendata.bin:
+	printf '' > $@
+all_final += pkcs7_zerolendata.bin
+
 pkcs7_data_1.bin:
 	echo -e "2\xd" > $@
 all_final += pkcs7_data_1.bin
@ -1238,6 +1242,11 @@ pkcs7-rsa-sha256-2.der: $(pkcs7_test_cert_2)
 	$(OPENSSL) x509 -in pkcs7-rsa-sha256-2.crt -out $@ -outform DER
 all_final += pkcs7-rsa-sha256-2.der

+# pkcs7 signature file over zero-len data
+pkcs7_zerolendata_detached.der: pkcs7_zerolendata.bin pkcs7-rsa-sha256-1.key pkcs7-rsa-sha256-1.crt
+	$(OPENSSL) smime -sign -md sha256 -nocerts -noattr -in pkcs7_zerolendata.bin -inkey pkcs7-rsa-sha256-1.key -outform DER -binary -signer pkcs7-rsa-sha256-1.crt -out pkcs7_zerolendata_detached.der
+all_final += pkcs7_zerolendata_detached.der
+
 # pkcs7 signature file with CERT
 pkcs7_data_cert_signed_sha256.der: $(pkcs7_test_file) $(pkcs7_test_cert_1)
 	$(OPENSSL) smime -sign -binary -in pkcs7_data.bin -out $@ -md sha256 -signer pkcs7-rsa-sha256-1.pem -noattr -outform DER -out $@
--- a/tests/data_files/pkcs7_zerolendata.bin
+++ b/tests/data_files/pkcs7_zerolendata.bin
--- a/tests/data_files/pkcs7_zerolendata_detached.der
+++ b/tests/data_files/pkcs7_zerolendata_detached.der
--- a/tests/suites/test_suite_pkcs7.data
+++ b/tests/suites/test_suite_pkcs7.data
@ -38,6 +38,10 @@ PKCS7 Signed Data Parse Fail Encrypted Content #8
 depends_on:MBEDTLS_SHA256_C
 pkcs7_parse:"data_files/pkcs7_data_cert_encrypted.der":MBEDTLS_ERR_PKCS7_FEATURE_UNAVAILABLE

+PKCS7 Signed Data Verification Pass zero-len data
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C
+pkcs7_verify:"data_files/pkcs7_zerolendata_detached.der":"data_files/pkcs7-rsa-sha256-1.der":"data_files/pkcs7_zerolendata.bin":0:0
+
 PKCS7 Signed Data Verification Pass SHA256 #9
 depends_on:MBEDTLS_SHA256_C
 pkcs7_verify:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-sha256-1.der":"data_files/pkcs7_data.bin":0:0
--- a/tests/suites/test_suite_pkcs7.function
+++ b/tests/suites/test_suite_pkcs7.function
@ -125,7 +125,8 @@ void pkcs7_verify(char *pkcs7_file,
    TEST_ASSERT(file != NULL);

    datalen = st.st_size;
-    ASSERT_ALLOC(data, datalen);
+    /* Add 1 so that data is non-NULL for zero length input */
+    ASSERT_ALLOC(data, datalen + 1);
    buflen = fread((void *) data, sizeof(unsigned char), datalen, file);
    TEST_EQUAL(buflen, datalen);