25-test_d2i.t revision 1.1.1.2
1 #! /usr/bin/env perl 2 # Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. 3 # 4 # Licensed under the Apache License 2.0 (the "License"). You may not use 5 # this file except in compliance with the License. You can obtain a copy 6 # in the file LICENSE in the source distribution or at 7 # https://www.openssl.org/source/license.html 8 9 10 use strict; 11 use warnings; 12 13 use File::Spec; 14 use OpenSSL::Test qw/:DEFAULT srctop_file/; 15 use OpenSSL::Test::Utils; 16 17 setup("test_d2i"); 18 19 plan tests => 14; 20 21 ok(run(test(["d2i_test", "X509", "decode", 22 srctop_file('test','d2i-tests','bad_cert.der')])), 23 "Running d2i_test bad_cert.der"); 24 25 ok(run(test(["d2i_test", "GENERAL_NAME", "decode", 26 srctop_file('test','d2i-tests','bad_generalname.der')])), 27 "Running d2i_test bad_generalname.der"); 28 29 ok(run(test(["d2i_test", "ASN1_ANY", "BIO", 30 srctop_file('test','d2i-tests','bad_bio.der')])), 31 "Running d2i_test bad_bio.der"); 32 # This test checks CVE-2016-2108. The data consists of an tag 258 and 33 # two zero content octets. This is parsed as an ASN1_ANY type. If the 34 # type is incorrectly interpreted as an ASN.1 INTEGER the two zero content 35 # octets will be reject as invalid padding and this test will fail. 36 # If the type is correctly interpreted it will by treated as an ASN1_STRING 37 # type and the content octets copied verbatim. 38 ok(run(test(["d2i_test", "ASN1_ANY", "OK", 39 srctop_file('test','d2i-tests','high_tag.der')])), 40 "Running d2i_test high_tag.der"); 41 42 # Above test data but interpreted as ASN.1 INTEGER: this will be rejected 43 # because the tag is invalid. 44 ok(run(test(["d2i_test", "ASN1_INTEGER", "decode", 45 srctop_file('test','d2i-tests','high_tag.der')])), 46 "Running d2i_test high_tag.der INTEGER"); 47 48 # Parse valid 0, 1 and -1 ASN.1 INTEGER as INTEGER or ANY. 49 50 ok(run(test(["d2i_test", "ASN1_INTEGER", "OK", 51 srctop_file('test','d2i-tests','int0.der')])), 52 "Running d2i_test int0.der INTEGER"); 53 54 ok(run(test(["d2i_test", "ASN1_INTEGER", "OK", 55 srctop_file('test','d2i-tests','int1.der')])), 56 "Running d2i_test int1.der INTEGER"); 57 58 ok(run(test(["d2i_test", "ASN1_INTEGER", "OK", 59 srctop_file('test','d2i-tests','intminus1.der')])), 60 "Running d2i_test intminus1.der INTEGER"); 61 62 ok(run(test(["d2i_test", "ASN1_ANY", "OK", 63 srctop_file('test','d2i-tests','int0.der')])), 64 "Running d2i_test int0.der ANY"); 65 66 ok(run(test(["d2i_test", "ASN1_ANY", "OK", 67 srctop_file('test','d2i-tests','int1.der')])), 68 "Running d2i_test int1.der ANY"); 69 70 ok(run(test(["d2i_test", "ASN1_ANY", "OK", 71 srctop_file('test','d2i-tests','intminus1.der')])), 72 "Running d2i_test intminus1.der ANY"); 73 74 # Integers with illegal additional padding. 75 76 ok(run(test(["d2i_test", "ASN1_INTEGER", "decode", 77 srctop_file('test','d2i-tests','bad-int-pad0.der')])), 78 "Running d2i_test bad-int-pad0.der INTEGER"); 79 80 ok(run(test(["d2i_test", "ASN1_INTEGER", "decode", 81 srctop_file('test','d2i-tests','bad-int-padminus1.der')])), 82 "Running d2i_test bad-int-padminus1.der INTEGER"); 83 84 SKIP: { 85 skip "No CMS support in this configuration", 1 if disabled("cms"); 86 87 # Invalid CMS structure with decode error in CHOICE value. 88 # Test for CVE-2016-7053 89 90 ok(run(test(["d2i_test", "CMS_ContentInfo", "decode", 91 srctop_file('test','d2i-tests','bad-cms.der')])), 92 "Running d2i_test bad-cms.der CMS ContentInfo"); 93 } 94
Indexes created Sun Apr 26 00:22:38 UTC 2026