VirtualBox

source: vbox/trunk/src/libs/openssl-3.1.5/test/recipes/25-test_d2i.t@ 105770

Last change on this file since 105770 was 104078, checked in by vboxsync, 8 months ago

openssl-3.1.5: Applied and adjusted our OpenSSL changes to 3.1.4. bugref:10638
File size: 3.4 KB
Line 
1#! /usr/bin/env perl
2# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
3#
4# Licensed under the Apache License 2.0 (the "License"). You may not use
5# this file except in compliance with the License. You can obtain a copy
6# in the file LICENSE in the source distribution or at
7# https://www.openssl.org/source/license.html
8
9
10use strict;
11use warnings;
12
13use File::Spec;
14use OpenSSL::Test qw/:DEFAULT srctop_file/;
15use OpenSSL::Test::Utils;
16
17setup("test_d2i");
18
19plan tests => 14;
20
21ok(run(test(["d2i_test", "X509", "decode",
22 srctop_file('test','d2i-tests','bad_cert.der')])),
23 "Running d2i_test bad_cert.der");
24
25ok(run(test(["d2i_test", "GENERAL_NAME", "decode",
26 srctop_file('test','d2i-tests','bad_generalname.der')])),
27 "Running d2i_test bad_generalname.der");
28
29ok(run(test(["d2i_test", "ASN1_ANY", "BIO",
30 srctop_file('test','d2i-tests','bad_bio.der')])),
31 "Running d2i_test bad_bio.der");
32# This test checks CVE-2016-2108. The data consists of an tag 258 and
33# two zero content octets. This is parsed as an ASN1_ANY type. If the
34# type is incorrectly interpreted as an ASN.1 INTEGER the two zero content
35# octets will be reject as invalid padding and this test will fail.
36# If the type is correctly interpreted it will by treated as an ASN1_STRING
37# type and the content octets copied verbatim.
38ok(run(test(["d2i_test", "ASN1_ANY", "OK",
39 srctop_file('test','d2i-tests','high_tag.der')])),
40 "Running d2i_test high_tag.der");
41
42# Above test data but interpreted as ASN.1 INTEGER: this will be rejected
43# because the tag is invalid.
44ok(run(test(["d2i_test", "ASN1_INTEGER", "decode",
45 srctop_file('test','d2i-tests','high_tag.der')])),
46 "Running d2i_test high_tag.der INTEGER");
47
48# Parse valid 0, 1 and -1 ASN.1 INTEGER as INTEGER or ANY.
49
50ok(run(test(["d2i_test", "ASN1_INTEGER", "OK",
51 srctop_file('test','d2i-tests','int0.der')])),
52 "Running d2i_test int0.der INTEGER");
53
54ok(run(test(["d2i_test", "ASN1_INTEGER", "OK",
55 srctop_file('test','d2i-tests','int1.der')])),
56 "Running d2i_test int1.der INTEGER");
57
58ok(run(test(["d2i_test", "ASN1_INTEGER", "OK",
59 srctop_file('test','d2i-tests','intminus1.der')])),
60 "Running d2i_test intminus1.der INTEGER");
61
62ok(run(test(["d2i_test", "ASN1_ANY", "OK",
63 srctop_file('test','d2i-tests','int0.der')])),
64 "Running d2i_test int0.der ANY");
65
66ok(run(test(["d2i_test", "ASN1_ANY", "OK",
67 srctop_file('test','d2i-tests','int1.der')])),
68 "Running d2i_test int1.der ANY");
69
70ok(run(test(["d2i_test", "ASN1_ANY", "OK",
71 srctop_file('test','d2i-tests','intminus1.der')])),
72 "Running d2i_test intminus1.der ANY");
73
74# Integers with illegal additional padding.
75
76ok(run(test(["d2i_test", "ASN1_INTEGER", "decode",
77 srctop_file('test','d2i-tests','bad-int-pad0.der')])),
78 "Running d2i_test bad-int-pad0.der INTEGER");
79
80ok(run(test(["d2i_test", "ASN1_INTEGER", "decode",
81 srctop_file('test','d2i-tests','bad-int-padminus1.der')])),
82 "Running d2i_test bad-int-padminus1.der INTEGER");
83
84SKIP: {
85 skip "No CMS support in this configuration", 1 if disabled("cms");
86
87 # Invalid CMS structure with decode error in CHOICE value.
88 # Test for CVE-2016-7053
89
90 ok(run(test(["d2i_test", "CMS_ContentInfo", "decode",
91 srctop_file('test','d2i-tests','bad-cms.der')])),
92 "Running d2i_test bad-cms.der CMS ContentInfo");
93}
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette