asn1_test.cc
Go to the documentation of this file.
1 /* Copyright (c) 2016, Google Inc.
2  *
3  * Permission to use, copy, modify, and/or distribute this software for any
4  * purpose with or without fee is hereby granted, provided that the above
5  * copyright notice and this permission notice appear in all copies.
6  *
7  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
8  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
9  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
10  * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
11  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
12  * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
13  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
14 
15 #include <limits.h>
16 #include <stdio.h>
17 
18 #include <string>
19 #include <vector>
20 
21 #include <gtest/gtest.h>
22 
23 #include <openssl/asn1.h>
24 #include <openssl/asn1t.h>
25 #include <openssl/bytestring.h>
26 #include <openssl/err.h>
27 #include <openssl/mem.h>
28 #include <openssl/obj.h>
29 #include <openssl/span.h>
30 #include <openssl/x509v3.h>
31 
32 #include "../test/test_util.h"
33 #include "internal.h"
34 
35 #if defined(OPENSSL_THREADS)
36 #include <thread>
37 #endif
38 
39 
40 // kTag128 is an ASN.1 structure with a universal tag with number 128.
41 static const uint8_t kTag128[] = {
42  0x1f, 0x81, 0x00, 0x01, 0x00,
43 };
44 
45 // kTag258 is an ASN.1 structure with a universal tag with number 258.
46 static const uint8_t kTag258[] = {
47  0x1f, 0x82, 0x02, 0x01, 0x00,
48 };
49 
50 static_assert(V_ASN1_NEG_INTEGER == 258,
51  "V_ASN1_NEG_INTEGER changed. Update kTag258 to collide with it.");
52 
53 // kTagOverflow is an ASN.1 structure with a universal tag with number 2^35-1,
54 // which will not fit in an int.
55 static const uint8_t kTagOverflow[] = {
56  0x1f, 0xff, 0xff, 0xff, 0xff, 0x7f, 0x01, 0x00,
57 };
58 
59 TEST(ASN1Test, LargeTags) {
60  const uint8_t *p = kTag258;
61  bssl::UniquePtr<ASN1_TYPE> obj(d2i_ASN1_TYPE(NULL, &p, sizeof(kTag258)));
62  EXPECT_FALSE(obj) << "Parsed value with illegal tag" << obj->type;
63  ERR_clear_error();
64 
65  p = kTagOverflow;
66  obj.reset(d2i_ASN1_TYPE(NULL, &p, sizeof(kTagOverflow)));
67  EXPECT_FALSE(obj) << "Parsed value with tag overflow" << obj->type;
68  ERR_clear_error();
69 
70  p = kTag128;
71  obj.reset(d2i_ASN1_TYPE(NULL, &p, sizeof(kTag128)));
72  ASSERT_TRUE(obj);
73  EXPECT_EQ(128, obj->type);
74  const uint8_t kZero = 0;
75  EXPECT_EQ(Bytes(&kZero, 1), Bytes(obj->value.asn1_string->data,
76  obj->value.asn1_string->length));
77 }
78 
79 TEST(ASN1Test, IntegerSetting) {
80  bssl::UniquePtr<ASN1_INTEGER> by_bn(ASN1_INTEGER_new());
81  bssl::UniquePtr<ASN1_INTEGER> by_long(ASN1_INTEGER_new());
82  bssl::UniquePtr<ASN1_INTEGER> by_uint64(ASN1_INTEGER_new());
83  bssl::UniquePtr<BIGNUM> bn(BN_new());
84 
85  const std::vector<int64_t> kValues = {
86  LONG_MIN, -2, -1, 0, 1, 2, 0xff, 0x100, 0xffff, 0x10000, LONG_MAX,
87  };
88  for (const auto &i : kValues) {
89  SCOPED_TRACE(i);
90 
91  ASSERT_EQ(1, ASN1_INTEGER_set(by_long.get(), i));
92  const uint64_t abs = i < 0 ? (0 - (uint64_t) i) : i;
93  ASSERT_TRUE(BN_set_u64(bn.get(), abs));
94  BN_set_negative(bn.get(), i < 0);
95  ASSERT_TRUE(BN_to_ASN1_INTEGER(bn.get(), by_bn.get()));
96 
97  EXPECT_EQ(0, ASN1_INTEGER_cmp(by_bn.get(), by_long.get()));
98 
99  if (i >= 0) {
100  ASSERT_EQ(1, ASN1_INTEGER_set_uint64(by_uint64.get(), i));
101  EXPECT_EQ(0, ASN1_INTEGER_cmp(by_bn.get(), by_uint64.get()));
102  }
103  }
104 }
105 
106 // |obj| and |i2d_func| require different template parameters because C++ may
107 // deduce, say, |ASN1_STRING*| via |obj| and |const ASN1_STRING*| via
108 // |i2d_func|. Template argument deduction then fails. The language is not able
109 // to resolve this by observing that |const ASN1_STRING*| works for both.
110 template <typename T, typename U>
111 void TestSerialize(T obj, int (*i2d_func)(U a, uint8_t **pp),
112  bssl::Span<const uint8_t> expected) {
113  static_assert(std::is_convertible<T, U>::value,
114  "incompatible parameter to i2d_func");
115  // Test the allocating version first. It is easiest to debug.
116  uint8_t *ptr = nullptr;
117  int len = i2d_func(obj, &ptr);
118  ASSERT_GT(len, 0);
119  EXPECT_EQ(Bytes(expected), Bytes(ptr, len));
120  OPENSSL_free(ptr);
121 
122  len = i2d_func(obj, nullptr);
123  ASSERT_GT(len, 0);
124  EXPECT_EQ(len, static_cast<int>(expected.size()));
125 
126  std::vector<uint8_t> buf(len);
127  ptr = buf.data();
128  len = i2d_func(obj, &ptr);
129  ASSERT_EQ(len, static_cast<int>(expected.size()));
130  EXPECT_EQ(ptr, buf.data() + buf.size());
131  EXPECT_EQ(Bytes(expected), Bytes(buf));
132 }
133 
134 TEST(ASN1Test, SerializeObject) {
135  static const uint8_t kDER[] = {0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
136  0xf7, 0x0d, 0x01, 0x01, 0x01};
137  const ASN1_OBJECT *obj = OBJ_nid2obj(NID_rsaEncryption);
138  TestSerialize(obj, i2d_ASN1_OBJECT, kDER);
139 }
140 
141 TEST(ASN1Test, Boolean) {
142  static const uint8_t kTrue[] = {0x01, 0x01, 0xff};
143  TestSerialize(0xff, i2d_ASN1_BOOLEAN, kTrue);
144  // Other constants are also correctly encoded as TRUE.
145  TestSerialize(1, i2d_ASN1_BOOLEAN, kTrue);
146  TestSerialize(0x100, i2d_ASN1_BOOLEAN, kTrue);
147 
148  const uint8_t *ptr = kTrue;
149  EXPECT_EQ(0xff, d2i_ASN1_BOOLEAN(nullptr, &ptr, sizeof(kTrue)));
150  EXPECT_EQ(ptr, kTrue + sizeof(kTrue));
151 
152  static const uint8_t kFalse[] = {0x01, 0x01, 0x00};
153  TestSerialize(0x00, i2d_ASN1_BOOLEAN, kFalse);
154 
155  ptr = kFalse;
156  EXPECT_EQ(0, d2i_ASN1_BOOLEAN(nullptr, &ptr, sizeof(kFalse)));
157  EXPECT_EQ(ptr, kFalse + sizeof(kFalse));
158 
159  const std::vector<uint8_t> kInvalidBooleans[] = {
160  // No tag header.
161  {},
162  // No length.
163  {0x01},
164  // Truncated contents.
165  {0x01, 0x01},
166  // Contents too short or too long.
167  {0x01, 0x00},
168  {0x01, 0x02, 0x00, 0x00},
169  // Wrong tag number.
170  {0x02, 0x01, 0x00},
171  // Wrong tag class.
172  {0x81, 0x01, 0x00},
173  // Element is constructed.
174  {0x21, 0x01, 0x00},
175  // TODO(https://crbug.com/boringssl/354): Reject non-DER encodings of TRUE
176  // and test this.
177  };
178  for (const auto &invalid : kInvalidBooleans) {
179  SCOPED_TRACE(Bytes(invalid));
180  ptr = invalid.data();
181  EXPECT_EQ(-1, d2i_ASN1_BOOLEAN(nullptr, &ptr, invalid.size()));
182  ERR_clear_error();
183  }
184 }
185 
186 // The templates go through a different codepath, so test them separately.
187 TEST(ASN1Test, SerializeEmbeddedBoolean) {
188  bssl::UniquePtr<BASIC_CONSTRAINTS> val(BASIC_CONSTRAINTS_new());
189  ASSERT_TRUE(val);
190 
191  // BasicConstraints defaults to FALSE, so the encoding should be empty.
192  static const uint8_t kLeaf[] = {0x30, 0x00};
193  val->ca = 0;
194  TestSerialize(val.get(), i2d_BASIC_CONSTRAINTS, kLeaf);
195 
196  // TRUE should always be encoded as 0xff, independent of what value the caller
197  // placed in the |ASN1_BOOLEAN|.
198  static const uint8_t kCA[] = {0x30, 0x03, 0x01, 0x01, 0xff};
199  val->ca = 0xff;
200  TestSerialize(val.get(), i2d_BASIC_CONSTRAINTS, kCA);
201  val->ca = 1;
202  TestSerialize(val.get(), i2d_BASIC_CONSTRAINTS, kCA);
203  val->ca = 0x100;
204  TestSerialize(val.get(), i2d_BASIC_CONSTRAINTS, kCA);
205 }
206 
207 TEST(ASN1Test, ASN1Type) {
208  const struct {
209  int type;
210  std::vector<uint8_t> der;
211  } kTests[] = {
212  // BOOLEAN { TRUE }
213  {V_ASN1_BOOLEAN, {0x01, 0x01, 0xff}},
214  // BOOLEAN { FALSE }
215  {V_ASN1_BOOLEAN, {0x01, 0x01, 0x00}},
216  // OCTET_STRING { "a" }
217  {V_ASN1_OCTET_STRING, {0x04, 0x01, 0x61}},
218  // OCTET_STRING { }
219  {V_ASN1_OCTET_STRING, {0x04, 0x00}},
220  // BIT_STRING { `01` `00` }
221  {V_ASN1_BIT_STRING, {0x03, 0x02, 0x01, 0x00}},
222  // INTEGER { -1 }
223  {V_ASN1_INTEGER, {0x02, 0x01, 0xff}},
224  // OBJECT_IDENTIFIER { 1.2.840.113554.4.1.72585.2 }
225  {V_ASN1_OBJECT,
226  {0x06, 0x0c, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, 0x01, 0x84, 0xb7,
227  0x09, 0x02}},
228  // NULL {}
229  {V_ASN1_NULL, {0x05, 0x00}},
230  // SEQUENCE {}
231  {V_ASN1_SEQUENCE, {0x30, 0x00}},
232  // SET {}
233  {V_ASN1_SET, {0x31, 0x00}},
234  // [0] { UTF8String { "a" } }
235  {V_ASN1_OTHER, {0xa0, 0x03, 0x0c, 0x01, 0x61}},
236  };
237  for (const auto &t : kTests) {
238  SCOPED_TRACE(Bytes(t.der));
239 
240  // The input should successfully parse.
241  const uint8_t *ptr = t.der.data();
242  bssl::UniquePtr<ASN1_TYPE> val(d2i_ASN1_TYPE(nullptr, &ptr, t.der.size()));
243  ASSERT_TRUE(val);
244 
245  EXPECT_EQ(ASN1_TYPE_get(val.get()), t.type);
246  EXPECT_EQ(val->type, t.type);
247  TestSerialize(val.get(), i2d_ASN1_TYPE, t.der);
248  }
249 }
250 
251 // Test that reading |value.ptr| from a FALSE |ASN1_TYPE| behaves correctly. The
252 // type historically supported this, so maintain the invariant in case external
253 // code relies on it.
254 TEST(ASN1Test, UnusedBooleanBits) {
255  // OCTET_STRING { "a" }
256  static const uint8_t kDER[] = {0x04, 0x01, 0x61};
257  const uint8_t *ptr = kDER;
258  bssl::UniquePtr<ASN1_TYPE> val(d2i_ASN1_TYPE(nullptr, &ptr, sizeof(kDER)));
259  ASSERT_TRUE(val);
260  EXPECT_EQ(V_ASN1_OCTET_STRING, val->type);
261  EXPECT_TRUE(val->value.ptr);
262 
263  // Set |val| to a BOOLEAN containing FALSE.
264  ASN1_TYPE_set(val.get(), V_ASN1_BOOLEAN, NULL);
265  EXPECT_EQ(V_ASN1_BOOLEAN, val->type);
266  EXPECT_FALSE(val->value.ptr);
267 }
268 
269 TEST(ASN1Test, ParseASN1Object) {
270  // 1.2.840.113554.4.1.72585.2, an arbitrary unknown OID.
271  static const uint8_t kOID[] = {0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12,
272  0x04, 0x01, 0x84, 0xb7, 0x09, 0x02};
273  ASN1_OBJECT *obj = ASN1_OBJECT_create(NID_undef, kOID, sizeof(kOID),
274  "short name", "long name");
275  ASSERT_TRUE(obj);
276 
277  // OBJECT_IDENTIFIER { 1.3.101.112 }
278  static const uint8_t kDER[] = {0x06, 0x03, 0x2b, 0x65, 0x70};
279  const uint8_t *ptr = kDER;
280  // Parse an |ASN1_OBJECT| with object reuse.
281  EXPECT_TRUE(d2i_ASN1_OBJECT(&obj, &ptr, sizeof(kDER)));
282  EXPECT_EQ(NID_ED25519, OBJ_obj2nid(obj));
283  ASN1_OBJECT_free(obj);
284 
285  // Repeat the test, this time overriding a static |ASN1_OBJECT|. It should
286  // detect this and construct a new one.
287  obj = OBJ_nid2obj(NID_rsaEncryption);
288  ptr = kDER;
289  EXPECT_TRUE(d2i_ASN1_OBJECT(&obj, &ptr, sizeof(kDER)));
290  EXPECT_EQ(NID_ED25519, OBJ_obj2nid(obj));
291  ASN1_OBJECT_free(obj);
292 
293  const std::vector<uint8_t> kInvalidObjects[] = {
294  // No tag header.
295  {},
296  // No length.
297  {0x06},
298  // Truncated contents.
299  {0x06, 0x01},
300  // An OID may not be empty.
301  {0x06, 0x00},
302  // The last byte may not be a continuation byte (high bit set).
303  {0x06, 0x03, 0x2b, 0x65, 0xf0},
304  // Each component must be minimally-encoded.
305  {0x06, 0x03, 0x2b, 0x65, 0x80, 0x70},
306  {0x06, 0x03, 0x80, 0x2b, 0x65, 0x70},
307  // Wrong tag number.
308  {0x01, 0x03, 0x2b, 0x65, 0x70},
309  // Wrong tag class.
310  {0x86, 0x03, 0x2b, 0x65, 0x70},
311  // Element is constructed.
312  {0x26, 0x03, 0x2b, 0x65, 0x70},
313  };
314  for (const auto &invalid : kInvalidObjects) {
315  SCOPED_TRACE(Bytes(invalid));
316  ptr = invalid.data();
317  obj = d2i_ASN1_OBJECT(nullptr, &ptr, invalid.size());
318  EXPECT_FALSE(obj);
319  ASN1_OBJECT_free(obj);
320  ERR_clear_error();
321  }
322 }
323 
324 TEST(ASN1Test, BitString) {
325  const size_t kNotWholeBytes = static_cast<size_t>(-1);
326  const struct {
327  std::vector<uint8_t> in;
328  size_t num_bytes;
329  } kValidInputs[] = {
330  // Empty bit string
331  {{0x03, 0x01, 0x00}, 0},
332  // 0b1
333  {{0x03, 0x02, 0x07, 0x80}, kNotWholeBytes},
334  // 0b1010
335  {{0x03, 0x02, 0x04, 0xa0}, kNotWholeBytes},
336  // 0b1010101
337  {{0x03, 0x02, 0x01, 0xaa}, kNotWholeBytes},
338  // 0b10101010
339  {{0x03, 0x02, 0x00, 0xaa}, 1},
340  // Bits 0 and 63 are set
341  {{0x03, 0x09, 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01}, 8},
342  // 64 zero bits
343  {{0x03, 0x09, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 8},
344  };
345  for (const auto &test : kValidInputs) {
346  SCOPED_TRACE(Bytes(test.in));
347  // The input should parse and round-trip correctly.
348  const uint8_t *ptr = test.in.data();
349  bssl::UniquePtr<ASN1_BIT_STRING> val(
350  d2i_ASN1_BIT_STRING(nullptr, &ptr, test.in.size()));
351  ASSERT_TRUE(val);
352  TestSerialize(val.get(), i2d_ASN1_BIT_STRING, test.in);
353 
354  // Check the byte count.
355  size_t num_bytes;
356  if (test.num_bytes == kNotWholeBytes) {
357  EXPECT_FALSE(ASN1_BIT_STRING_num_bytes(val.get(), &num_bytes));
358  } else {
359  ASSERT_TRUE(ASN1_BIT_STRING_num_bytes(val.get(), &num_bytes));
360  EXPECT_EQ(num_bytes, test.num_bytes);
361  }
362  }
363 
364  const std::vector<uint8_t> kInvalidInputs[] = {
365  // Wrong tag
366  {0x04, 0x01, 0x00},
367  // Missing leading byte
368  {0x03, 0x00},
369  // Leading byte too high
370  {0x03, 0x02, 0x08, 0x00},
371  {0x03, 0x02, 0xff, 0x00},
372  // Empty bit strings must have a zero leading byte.
373  {0x03, 0x01, 0x01},
374  // Unused bits must all be zero.
375  {0x03, 0x02, 0x06, 0xc1 /* 0b11000001 */},
376  };
377  for (const auto &test : kInvalidInputs) {
378  SCOPED_TRACE(Bytes(test));
379  const uint8_t *ptr = test.data();
380  bssl::UniquePtr<ASN1_BIT_STRING> val(
381  d2i_ASN1_BIT_STRING(nullptr, &ptr, test.size()));
382  EXPECT_FALSE(val);
383  }
384 }
385 
386 TEST(ASN1Test, SetBit) {
387  bssl::UniquePtr<ASN1_BIT_STRING> val(ASN1_BIT_STRING_new());
388  ASSERT_TRUE(val);
389  static const uint8_t kBitStringEmpty[] = {0x03, 0x01, 0x00};
390  TestSerialize(val.get(), i2d_ASN1_BIT_STRING, kBitStringEmpty);
391  EXPECT_EQ(0, ASN1_BIT_STRING_get_bit(val.get(), 0));
392  EXPECT_EQ(0, ASN1_BIT_STRING_get_bit(val.get(), 100));
393 
394  // Set a few bits via |ASN1_BIT_STRING_set_bit|.
395  ASSERT_TRUE(ASN1_BIT_STRING_set_bit(val.get(), 0, 1));
396  ASSERT_TRUE(ASN1_BIT_STRING_set_bit(val.get(), 1, 1));
397  ASSERT_TRUE(ASN1_BIT_STRING_set_bit(val.get(), 2, 0));
398  ASSERT_TRUE(ASN1_BIT_STRING_set_bit(val.get(), 3, 1));
399  static const uint8_t kBitString1101[] = {0x03, 0x02, 0x04, 0xd0};
400  TestSerialize(val.get(), i2d_ASN1_BIT_STRING, kBitString1101);
401  EXPECT_EQ(1, ASN1_BIT_STRING_get_bit(val.get(), 0));
402  EXPECT_EQ(1, ASN1_BIT_STRING_get_bit(val.get(), 1));
403  EXPECT_EQ(0, ASN1_BIT_STRING_get_bit(val.get(), 2));
404  EXPECT_EQ(1, ASN1_BIT_STRING_get_bit(val.get(), 3));
405  EXPECT_EQ(0, ASN1_BIT_STRING_get_bit(val.get(), 4));
406 
407  // Bits that were set may be cleared.
408  ASSERT_TRUE(ASN1_BIT_STRING_set_bit(val.get(), 1, 0));
409  static const uint8_t kBitString1001[] = {0x03, 0x02, 0x04, 0x90};
410  TestSerialize(val.get(), i2d_ASN1_BIT_STRING, kBitString1001);
411  EXPECT_EQ(1, ASN1_BIT_STRING_get_bit(val.get(), 0));
412  EXPECT_EQ(0, ASN1_BIT_STRING_get_bit(val.get(), 1));
413  EXPECT_EQ(0, ASN1_BIT_STRING_get_bit(val.get(), 2));
414  EXPECT_EQ(1, ASN1_BIT_STRING_get_bit(val.get(), 3));
415  EXPECT_EQ(0, ASN1_BIT_STRING_get_bit(val.get(), 4));
416 
417  // Clearing trailing bits truncates the string.
418  ASSERT_TRUE(ASN1_BIT_STRING_set_bit(val.get(), 3, 0));
419  static const uint8_t kBitString1[] = {0x03, 0x02, 0x07, 0x80};
420  TestSerialize(val.get(), i2d_ASN1_BIT_STRING, kBitString1);
421  EXPECT_EQ(1, ASN1_BIT_STRING_get_bit(val.get(), 0));
422  EXPECT_EQ(0, ASN1_BIT_STRING_get_bit(val.get(), 1));
423  EXPECT_EQ(0, ASN1_BIT_STRING_get_bit(val.get(), 2));
424  EXPECT_EQ(0, ASN1_BIT_STRING_get_bit(val.get(), 3));
425  EXPECT_EQ(0, ASN1_BIT_STRING_get_bit(val.get(), 4));
426 
427  // Bits may be set beyond the end of the string.
428  ASSERT_TRUE(ASN1_BIT_STRING_set_bit(val.get(), 63, 1));
429  static const uint8_t kBitStringLong[] = {0x03, 0x09, 0x00, 0x80, 0x00, 0x00,
430  0x00, 0x00, 0x00, 0x00, 0x01};
431  TestSerialize(val.get(), i2d_ASN1_BIT_STRING, kBitStringLong);
432  EXPECT_EQ(1, ASN1_BIT_STRING_get_bit(val.get(), 0));
433  EXPECT_EQ(0, ASN1_BIT_STRING_get_bit(val.get(), 62));
434  EXPECT_EQ(1, ASN1_BIT_STRING_get_bit(val.get(), 63));
435  EXPECT_EQ(0, ASN1_BIT_STRING_get_bit(val.get(), 64));
436 
437  // The string can be truncated back down again.
438  ASSERT_TRUE(ASN1_BIT_STRING_set_bit(val.get(), 63, 0));
439  TestSerialize(val.get(), i2d_ASN1_BIT_STRING, kBitString1);
440  EXPECT_EQ(1, ASN1_BIT_STRING_get_bit(val.get(), 0));
441  EXPECT_EQ(0, ASN1_BIT_STRING_get_bit(val.get(), 62));
442  EXPECT_EQ(0, ASN1_BIT_STRING_get_bit(val.get(), 63));
443  EXPECT_EQ(0, ASN1_BIT_STRING_get_bit(val.get(), 64));
444 
445  // |ASN1_BIT_STRING_set_bit| also truncates when starting from a parsed
446  // string.
447  const uint8_t *ptr = kBitStringLong;
448  val.reset(d2i_ASN1_BIT_STRING(nullptr, &ptr, sizeof(kBitStringLong)));
449  ASSERT_TRUE(val);
450  TestSerialize(val.get(), i2d_ASN1_BIT_STRING, kBitStringLong);
451  ASSERT_TRUE(ASN1_BIT_STRING_set_bit(val.get(), 63, 0));
452  TestSerialize(val.get(), i2d_ASN1_BIT_STRING, kBitString1);
453  EXPECT_EQ(1, ASN1_BIT_STRING_get_bit(val.get(), 0));
454  EXPECT_EQ(0, ASN1_BIT_STRING_get_bit(val.get(), 62));
455  EXPECT_EQ(0, ASN1_BIT_STRING_get_bit(val.get(), 63));
456  EXPECT_EQ(0, ASN1_BIT_STRING_get_bit(val.get(), 64));
457 
458  // A parsed bit string preserves trailing zero bits.
459  static const uint8_t kBitString10010[] = {0x03, 0x02, 0x03, 0x90};
460  ptr = kBitString10010;
461  val.reset(d2i_ASN1_BIT_STRING(nullptr, &ptr, sizeof(kBitString10010)));
462  ASSERT_TRUE(val);
463  TestSerialize(val.get(), i2d_ASN1_BIT_STRING, kBitString10010);
464  // But |ASN1_BIT_STRING_set_bit| will truncate it even if otherwise a no-op.
465  ASSERT_TRUE(ASN1_BIT_STRING_set_bit(val.get(), 0, 1));
466  TestSerialize(val.get(), i2d_ASN1_BIT_STRING, kBitString1001);
467  EXPECT_EQ(1, ASN1_BIT_STRING_get_bit(val.get(), 0));
468  EXPECT_EQ(0, ASN1_BIT_STRING_get_bit(val.get(), 62));
469  EXPECT_EQ(0, ASN1_BIT_STRING_get_bit(val.get(), 63));
470  EXPECT_EQ(0, ASN1_BIT_STRING_get_bit(val.get(), 64));
471 
472  // By default, a BIT STRING implicitly truncates trailing zeros.
473  val.reset(ASN1_BIT_STRING_new());
474  ASSERT_TRUE(val);
475  static const uint8_t kZeros[64] = {0};
476  ASSERT_TRUE(ASN1_STRING_set(val.get(), kZeros, sizeof(kZeros)));
477  TestSerialize(val.get(), i2d_ASN1_BIT_STRING, kBitStringEmpty);
478 }
479 
480 TEST(ASN1Test, StringToUTF8) {
481  static const struct {
482  std::vector<uint8_t> in;
483  int type;
484  const char *expected;
485  } kTests[] = {
486  // Non-minimal, two-byte UTF-8.
487  {{0xc0, 0x81}, V_ASN1_UTF8STRING, nullptr},
488  // Non-minimal, three-byte UTF-8.
489  {{0xe0, 0x80, 0x81}, V_ASN1_UTF8STRING, nullptr},
490  // Non-minimal, four-byte UTF-8.
491  {{0xf0, 0x80, 0x80, 0x81}, V_ASN1_UTF8STRING, nullptr},
492  // Truncated, four-byte UTF-8.
493  {{0xf0, 0x80, 0x80}, V_ASN1_UTF8STRING, nullptr},
494  // Low-surrogate value.
495  {{0xed, 0xa0, 0x80}, V_ASN1_UTF8STRING, nullptr},
496  // High-surrogate value.
497  {{0xed, 0xb0, 0x81}, V_ASN1_UTF8STRING, nullptr},
498  // Initial BOMs should be rejected from UCS-2 and UCS-4.
499  {{0xfe, 0xff, 0, 88}, V_ASN1_BMPSTRING, nullptr},
500  {{0, 0, 0xfe, 0xff, 0, 0, 0, 88}, V_ASN1_UNIVERSALSTRING, nullptr},
501  // Otherwise, BOMs should pass through.
502  {{0, 88, 0xfe, 0xff}, V_ASN1_BMPSTRING, "X\xef\xbb\xbf"},
503  {{0, 0, 0, 88, 0, 0, 0xfe, 0xff}, V_ASN1_UNIVERSALSTRING,
504  "X\xef\xbb\xbf"},
505  // The maximum code-point should pass though.
506  {{0, 16, 0xff, 0xfd}, V_ASN1_UNIVERSALSTRING, "\xf4\x8f\xbf\xbd"},
507  // Values outside the Unicode space should not.
508  {{0, 17, 0, 0}, V_ASN1_UNIVERSALSTRING, nullptr},
509  // Non-characters should be rejected.
510  {{0, 1, 0xff, 0xff}, V_ASN1_UNIVERSALSTRING, nullptr},
511  {{0, 1, 0xff, 0xfe}, V_ASN1_UNIVERSALSTRING, nullptr},
512  {{0, 0, 0xfd, 0xd5}, V_ASN1_UNIVERSALSTRING, nullptr},
513  // BMPString is UCS-2, not UTF-16, so surrogate pairs are invalid.
514  {{0xd8, 0, 0xdc, 1}, V_ASN1_BMPSTRING, nullptr},
515  };
516 
517  for (const auto &test : kTests) {
518  SCOPED_TRACE(Bytes(test.in));
519  SCOPED_TRACE(test.type);
520  bssl::UniquePtr<ASN1_STRING> s(ASN1_STRING_type_new(test.type));
521  ASSERT_TRUE(s);
522  ASSERT_TRUE(ASN1_STRING_set(s.get(), test.in.data(), test.in.size()));
523 
524  uint8_t *utf8;
525  const int utf8_len = ASN1_STRING_to_UTF8(&utf8, s.get());
526  EXPECT_EQ(utf8_len < 0, test.expected == nullptr);
527  if (utf8_len >= 0) {
528  if (test.expected != nullptr) {
529  EXPECT_EQ(Bytes(test.expected), Bytes(utf8, utf8_len));
530  }
531  OPENSSL_free(utf8);
532  } else {
533  ERR_clear_error();
534  }
535  }
536 }
537 
538 static std::string ASN1StringToStdString(const ASN1_STRING *str) {
539  return std::string(ASN1_STRING_get0_data(str),
540  ASN1_STRING_get0_data(str) + ASN1_STRING_length(str));
541 }
542 
543 TEST(ASN1Test, SetTime) {
544  static const struct {
545  time_t time;
546  const char *generalized;
547  const char *utc;
548  } kTests[] = {
549  {-631152001, "19491231235959Z", nullptr},
550  {-631152000, "19500101000000Z", "500101000000Z"},
551  {0, "19700101000000Z", "700101000000Z"},
552  {981173106, "20010203040506Z", "010203040506Z"},
553 #if defined(OPENSSL_64_BIT)
554  // TODO(https://crbug.com/boringssl/416): These cases overflow 32-bit
555  // |time_t| and do not consistently work on 32-bit platforms. For now,
556  // disable the tests on 32-bit. Re-enable them once the bug is fixed.
557  {2524607999, "20491231235959Z", "491231235959Z"},
558  {2524608000, "20500101000000Z", nullptr},
559  // Test boundary conditions.
560  {-62167219200, "00000101000000Z", nullptr},
561  {-62167219201, nullptr, nullptr},
562  {253402300799, "99991231235959Z", nullptr},
563  {253402300800, nullptr, nullptr},
564 #endif
565  };
566  for (const auto &t : kTests) {
567  SCOPED_TRACE(t.time);
568 #if defined(OPENSSL_WINDOWS)
569  // Windows |time_t| functions can only handle 1970 through 3000. See
570  // https://docs.microsoft.com/en-us/cpp/c-runtime-library/reference/gmtime-s-gmtime32-s-gmtime64-s?view=msvc-160
571  if (t.time < 0 || int64_t{t.time} > 32535215999) {
572  continue;
573  }
574 #endif
575 
576  bssl::UniquePtr<ASN1_UTCTIME> utc(ASN1_UTCTIME_set(nullptr, t.time));
577  if (t.utc) {
578  ASSERT_TRUE(utc);
579  EXPECT_EQ(V_ASN1_UTCTIME, ASN1_STRING_type(utc.get()));
580  EXPECT_EQ(t.utc, ASN1StringToStdString(utc.get()));
581  } else {
582  EXPECT_FALSE(utc);
583  }
584 
585  bssl::UniquePtr<ASN1_GENERALIZEDTIME> generalized(
586  ASN1_GENERALIZEDTIME_set(nullptr, t.time));
587  if (t.generalized) {
588  ASSERT_TRUE(generalized);
589  EXPECT_EQ(V_ASN1_GENERALIZEDTIME, ASN1_STRING_type(generalized.get()));
590  EXPECT_EQ(t.generalized, ASN1StringToStdString(generalized.get()));
591  } else {
592  EXPECT_FALSE(generalized);
593  }
594 
595  bssl::UniquePtr<ASN1_TIME> choice(ASN1_TIME_set(nullptr, t.time));
596  if (t.generalized) {
597  ASSERT_TRUE(choice);
598  if (t.utc) {
599  EXPECT_EQ(V_ASN1_UTCTIME, ASN1_STRING_type(choice.get()));
600  EXPECT_EQ(t.utc, ASN1StringToStdString(choice.get()));
601  } else {
602  EXPECT_EQ(V_ASN1_GENERALIZEDTIME, ASN1_STRING_type(choice.get()));
603  EXPECT_EQ(t.generalized, ASN1StringToStdString(choice.get()));
604  }
605  } else {
606  EXPECT_FALSE(choice);
607  }
608  }
609 }
610 
611 static std::vector<uint8_t> StringToVector(const std::string &str) {
612  return std::vector<uint8_t>(str.begin(), str.end());
613 }
614 
615 TEST(ASN1Test, StringPrintEx) {
616  const struct {
617  int type;
618  std::vector<uint8_t> data;
619  int str_flags;
620  unsigned long flags;
621  std::string expected;
622  } kTests[] = {
623  // A string like "hello" is never escaped or quoted.
624  // |ASN1_STRFLGS_ESC_QUOTE| only introduces quotes when needed. Note
625  // OpenSSL interprets T61String as Latin-1.
626  {V_ASN1_T61STRING, StringToVector("hello"), 0, 0, "hello"},
627  {V_ASN1_T61STRING, StringToVector("hello"), 0,
628  ASN1_STRFLGS_ESC_2253 | ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB,
629  "hello"},
630  {V_ASN1_T61STRING, StringToVector("hello"), 0,
631  ASN1_STRFLGS_ESC_2253 | ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB |
632  ASN1_STRFLGS_ESC_QUOTE,
633  "hello"},
634 
635  // By default, 8-bit characters are printed without escaping.
636  {V_ASN1_T61STRING,
637  {0, '\n', 0x80, 0xff, ',', '+', '"', '\\', '<', '>', ';'},
638  0,
639  0,
640  std::string(1, '\0') + "\n\x80\xff,+\"\\<>;"},
641 
642  // Flags control different escapes. Note that any escape flag will cause
643  // blackslashes to be escaped.
644  {V_ASN1_T61STRING,
645  {0, '\n', 0x80, 0xff, ',', '+', '"', '\\', '<', '>', ';'},
646  0,
647  ASN1_STRFLGS_ESC_2253,
648  std::string(1, '\0') + "\n\x80\xff\\,\\+\\\"\\\\\\<\\>\\;"},
649  {V_ASN1_T61STRING,
650  {0, '\n', 0x80, 0xff, ',', '+', '"', '\\', '<', '>', ';'},
651  0,
652  ASN1_STRFLGS_ESC_CTRL,
653  "\\00\\0A\x80\xff,+\"\\\\<>;"},
654  {V_ASN1_T61STRING,
655  {0, '\n', 0x80, 0xff, ',', '+', '"', '\\', '<', '>', ';'},
656  0,
657  ASN1_STRFLGS_ESC_MSB,
658  std::string(1, '\0') + "\n\\80\\FF,+\"\\\\<>;"},
659  {V_ASN1_T61STRING,
660  {0, '\n', 0x80, 0xff, ',', '+', '"', '\\', '<', '>', ';'},
661  0,
662  ASN1_STRFLGS_ESC_2253 | ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB,
663  "\\00\\0A\\80\\FF\\,\\+\\\"\\\\\\<\\>\\;"},
664 
665  // When quoted, fewer characters need to be escaped in RFC 2253.
666  {V_ASN1_T61STRING,
667  {0, '\n', 0x80, 0xff, ',', '+', '"', '\\', '<', '>', ';'},
668  0,
669  ASN1_STRFLGS_ESC_2253 | ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB |
670  ASN1_STRFLGS_ESC_QUOTE,
671  "\"\\00\\0A\\80\\FF,+\\\"\\\\<>;\""},
672 
673  // If no characters benefit from quotes, no quotes are added.
674  {V_ASN1_T61STRING,
675  {0, '\n', 0x80, 0xff, '"', '\\'},
676  0,
677  ASN1_STRFLGS_ESC_2253 | ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB |
678  ASN1_STRFLGS_ESC_QUOTE,
679  "\\00\\0A\\80\\FF\\\"\\\\"},
680 
681  // RFC 2253 only escapes spaces at the start and end of a string.
682  {V_ASN1_T61STRING, StringToVector(" "), 0, ASN1_STRFLGS_ESC_2253,
683  "\\ \\ "},
684  {V_ASN1_T61STRING, StringToVector(" "), 0,
685  ASN1_STRFLGS_ESC_2253 | ASN1_STRFLGS_ESC_QUOTE, "\" \""},
686 
687  // RFC 2253 only escapes # at the start of a string.
688  {V_ASN1_T61STRING, StringToVector("###"), 0, ASN1_STRFLGS_ESC_2253,
689  "\\###"},
690  {V_ASN1_T61STRING, StringToVector("###"), 0,
691  ASN1_STRFLGS_ESC_2253 | ASN1_STRFLGS_ESC_QUOTE, "\"###\""},
692 
693  // By default, strings are decoded and Unicode code points are
694  // individually escaped.
695  {V_ASN1_UTF8STRING, StringToVector("a\xc2\x80\xc4\x80\xf0\x90\x80\x80"),
696  0, ASN1_STRFLGS_ESC_MSB, "a\\80\\U0100\\W00010000"},
697  {V_ASN1_BMPSTRING,
698  {0x00, 'a', 0x00, 0x80, 0x01, 0x00},
699  0,
700  ASN1_STRFLGS_ESC_MSB,
701  "a\\80\\U0100"},
702  {V_ASN1_UNIVERSALSTRING,
703  {0x00, 0x00, 0x00, 'a', //
704  0x00, 0x00, 0x00, 0x80, //
705  0x00, 0x00, 0x01, 0x00, //
706  0x00, 0x01, 0x00, 0x00},
707  0,
708  ASN1_STRFLGS_ESC_MSB,
709  "a\\80\\U0100\\W00010000"},
710 
711  // |ASN1_STRFLGS_UTF8_CONVERT| normalizes everything to UTF-8 and then
712  // escapes individual bytes.
713  {V_ASN1_IA5STRING, StringToVector("a\x80"), 0,
714  ASN1_STRFLGS_ESC_MSB | ASN1_STRFLGS_UTF8_CONVERT, "a\\C2\\80"},
715  {V_ASN1_T61STRING, StringToVector("a\x80"), 0,
716  ASN1_STRFLGS_ESC_MSB | ASN1_STRFLGS_UTF8_CONVERT, "a\\C2\\80"},
717  {V_ASN1_UTF8STRING, StringToVector("a\xc2\x80\xc4\x80\xf0\x90\x80\x80"),
718  0, ASN1_STRFLGS_ESC_MSB | ASN1_STRFLGS_UTF8_CONVERT,
719  "a\\C2\\80\\C4\\80\\F0\\90\\80\\80"},
720  {V_ASN1_BMPSTRING,
721  {0x00, 'a', 0x00, 0x80, 0x01, 0x00},
722  0,
723  ASN1_STRFLGS_ESC_MSB | ASN1_STRFLGS_UTF8_CONVERT,
724  "a\\C2\\80\\C4\\80"},
725  {V_ASN1_UNIVERSALSTRING,
726  {0x00, 0x00, 0x00, 'a', //
727  0x00, 0x00, 0x00, 0x80, //
728  0x00, 0x00, 0x01, 0x00, //
729  0x00, 0x01, 0x00, 0x00},
730  0,
731  ASN1_STRFLGS_ESC_MSB | ASN1_STRFLGS_UTF8_CONVERT,
732  "a\\C2\\80\\C4\\80\\F0\\90\\80\\80"},
733 
734  // The same as above, but without escaping the UTF-8 encoding.
735  {V_ASN1_IA5STRING, StringToVector("a\x80"), 0, ASN1_STRFLGS_UTF8_CONVERT,
736  "a\xc2\x80"},
737  {V_ASN1_T61STRING, StringToVector("a\x80"), 0, ASN1_STRFLGS_UTF8_CONVERT,
738  "a\xc2\x80"},
739  {V_ASN1_UTF8STRING, StringToVector("a\xc2\x80\xc4\x80\xf0\x90\x80\x80"),
740  0, ASN1_STRFLGS_UTF8_CONVERT, "a\xc2\x80\xc4\x80\xf0\x90\x80\x80"},
741  {V_ASN1_BMPSTRING,
742  {0x00, 'a', 0x00, 0x80, 0x01, 0x00},
743  0,
744  ASN1_STRFLGS_UTF8_CONVERT,
745  "a\xc2\x80\xc4\x80"},
746  {V_ASN1_UNIVERSALSTRING,
747  {0x00, 0x00, 0x00, 'a', //
748  0x00, 0x00, 0x00, 0x80, //
749  0x00, 0x00, 0x01, 0x00, //
750  0x00, 0x01, 0x00, 0x00},
751  0,
752  ASN1_STRFLGS_UTF8_CONVERT,
753  "a\xc2\x80\xc4\x80\xf0\x90\x80\x80"},
754 
755  // Types that cannot be decoded are, by default, treated as a byte string.
756  {V_ASN1_OCTET_STRING, {0xff}, 0, 0, "\xff"},
757  {-1, {0xff}, 0, 0, "\xff"},
758  {100, {0xff}, 0, 0, "\xff"},
759 
760  // |ASN1_STRFLGS_UTF8_CONVERT| still converts these bytes to UTF-8.
761  //
762  // TODO(davidben): This seems like a bug. Although it's unclear because
763  // the non-RFC-2253 options aren't especially sound. Can we just remove
764  // them?
765  {V_ASN1_OCTET_STRING, {0xff}, 0, ASN1_STRFLGS_UTF8_CONVERT, "\xc3\xbf"},
766  {-1, {0xff}, 0, ASN1_STRFLGS_UTF8_CONVERT, "\xc3\xbf"},
767  {100, {0xff}, 0, ASN1_STRFLGS_UTF8_CONVERT, "\xc3\xbf"},
768 
769  // |ASN1_STRFLGS_IGNORE_TYPE| causes the string type to be ignored, so it
770  // is always treated as a byte string, even if it is not a valid encoding.
771  {V_ASN1_UTF8STRING, {0xff}, 0, ASN1_STRFLGS_IGNORE_TYPE, "\xff"},
772  {V_ASN1_BMPSTRING, {0xff}, 0, ASN1_STRFLGS_IGNORE_TYPE, "\xff"},
773  {V_ASN1_UNIVERSALSTRING, {0xff}, 0, ASN1_STRFLGS_IGNORE_TYPE, "\xff"},
774 
775  // |ASN1_STRFLGS_SHOW_TYPE| prepends the type name.
776  {V_ASN1_UTF8STRING, {'a'}, 0, ASN1_STRFLGS_SHOW_TYPE, "UTF8STRING:a"},
777  {-1, {'a'}, 0, ASN1_STRFLGS_SHOW_TYPE, "(unknown):a"},
778  {100, {'a'}, 0, ASN1_STRFLGS_SHOW_TYPE, "(unknown):a"},
779 
780  // |ASN1_STRFLGS_DUMP_ALL| and |ASN1_STRFLGS_DUMP_UNKNOWN| cause
781  // non-string types to be printed in hex, though without the DER wrapper
782  // by default.
783  {V_ASN1_UTF8STRING, StringToVector("\xe2\x98\x83"), 0,
784  ASN1_STRFLGS_DUMP_UNKNOWN, "\\U2603"},
785  {V_ASN1_UTF8STRING, StringToVector("\xe2\x98\x83"), 0,
786  ASN1_STRFLGS_DUMP_ALL, "#E29883"},
787  {V_ASN1_OCTET_STRING, StringToVector("\xe2\x98\x83"), 0,
788  ASN1_STRFLGS_DUMP_UNKNOWN, "#E29883"},
789  {V_ASN1_OCTET_STRING, StringToVector("\xe2\x98\x83"), 0,
790  ASN1_STRFLGS_DUMP_ALL, "#E29883"},
791 
792  // |ASN1_STRFLGS_DUMP_DER| includes the entire element.
793  {V_ASN1_UTF8STRING, StringToVector("\xe2\x98\x83"), 0,
794  ASN1_STRFLGS_DUMP_ALL | ASN1_STRFLGS_DUMP_DER, "#0C03E29883"},
795  {V_ASN1_OCTET_STRING, StringToVector("\xe2\x98\x83"), 0,
796  ASN1_STRFLGS_DUMP_ALL | ASN1_STRFLGS_DUMP_DER, "#0403E29883"},
797  {V_ASN1_BIT_STRING,
798  {0x80},
799  ASN1_STRING_FLAG_BITS_LEFT | 4,
800  ASN1_STRFLGS_DUMP_ALL | ASN1_STRFLGS_DUMP_DER,
801  "#03020480"},
802  // INTEGER { 1 }
803  {V_ASN1_INTEGER,
804  {0x01},
805  0,
806  ASN1_STRFLGS_DUMP_ALL | ASN1_STRFLGS_DUMP_DER,
807  "#020101"},
808  // INTEGER { -1 }
809  {V_ASN1_NEG_INTEGER,
810  {0x01},
811  0,
812  ASN1_STRFLGS_DUMP_ALL | ASN1_STRFLGS_DUMP_DER,
813  "#0201FF"},
814  // ENUMERATED { 1 }
815  {V_ASN1_ENUMERATED,
816  {0x01},
817  0,
818  ASN1_STRFLGS_DUMP_ALL | ASN1_STRFLGS_DUMP_DER,
819  "#0A0101"},
820  // ENUMERATED { -1 }
821  {V_ASN1_NEG_ENUMERATED,
822  {0x01},
823  0,
824  ASN1_STRFLGS_DUMP_ALL | ASN1_STRFLGS_DUMP_DER,
825  "#0A01FF"},
826  };
827  for (const auto &t : kTests) {
828  SCOPED_TRACE(t.type);
829  SCOPED_TRACE(Bytes(t.data));
830  SCOPED_TRACE(t.str_flags);
831  SCOPED_TRACE(t.flags);
832 
833  bssl::UniquePtr<ASN1_STRING> str(ASN1_STRING_type_new(t.type));
834  ASSERT_TRUE(ASN1_STRING_set(str.get(), t.data.data(), t.data.size()));
835  str->flags = t.str_flags;
836 
837  // If the |BIO| is null, it should measure the size.
838  int len = ASN1_STRING_print_ex(nullptr, str.get(), t.flags);
839  EXPECT_EQ(len, static_cast<int>(t.expected.size()));
840 
841  // Measuring the size should also work for the |FILE| version
842  len = ASN1_STRING_print_ex_fp(nullptr, str.get(), t.flags);
843  EXPECT_EQ(len, static_cast<int>(t.expected.size()));
844 
845  // Actually print the string.
846  bssl::UniquePtr<BIO> bio(BIO_new(BIO_s_mem()));
847  ASSERT_TRUE(bio);
848  len = ASN1_STRING_print_ex(bio.get(), str.get(), t.flags);
849  EXPECT_EQ(len, static_cast<int>(t.expected.size()));
850 
851  const uint8_t *bio_contents;
852  size_t bio_len;
853  ASSERT_TRUE(BIO_mem_contents(bio.get(), &bio_contents, &bio_len));
854  EXPECT_EQ(t.expected, std::string(bio_contents, bio_contents + bio_len));
855  }
856 
857  const struct {
858  int type;
859  std::vector<uint8_t> data;
860  int str_flags;
861  unsigned long flags;
862  } kUnprintableTests[] = {
863  // When decoding strings, invalid codepoints are errors.
864  {V_ASN1_UTF8STRING, {0xff}, 0, ASN1_STRFLGS_ESC_MSB},
865  {V_ASN1_BMPSTRING, {0xff}, 0, ASN1_STRFLGS_ESC_MSB},
866  {V_ASN1_BMPSTRING, {0xff}, 0, ASN1_STRFLGS_ESC_MSB},
867  {V_ASN1_UNIVERSALSTRING, {0xff}, 0, ASN1_STRFLGS_ESC_MSB},
868  };
869  for (const auto &t : kUnprintableTests) {
870  SCOPED_TRACE(t.type);
871  SCOPED_TRACE(Bytes(t.data));
872  SCOPED_TRACE(t.str_flags);
873  SCOPED_TRACE(t.flags);
874 
875  bssl::UniquePtr<ASN1_STRING> str(ASN1_STRING_type_new(t.type));
876  ASSERT_TRUE(ASN1_STRING_set(str.get(), t.data.data(), t.data.size()));
877  str->flags = t.str_flags;
878 
879  // If the |BIO| is null, it should measure the size.
880  int len = ASN1_STRING_print_ex(nullptr, str.get(), t.flags);
881  EXPECT_EQ(len, -1);
882  ERR_clear_error();
883 
884  // Measuring the size should also work for the |FILE| version
885  len = ASN1_STRING_print_ex_fp(nullptr, str.get(), t.flags);
886  EXPECT_EQ(len, -1);
887  ERR_clear_error();
888 
889  // Actually print the string.
890  bssl::UniquePtr<BIO> bio(BIO_new(BIO_s_mem()));
891  ASSERT_TRUE(bio);
892  len = ASN1_STRING_print_ex(bio.get(), str.get(), t.flags);
893  EXPECT_EQ(len, -1);
894  ERR_clear_error();
895  }
896 }
897 
898 TEST(ASN1Test, MBString) {
899  const unsigned long kAll = B_ASN1_PRINTABLESTRING | B_ASN1_IA5STRING |
900  B_ASN1_T61STRING | B_ASN1_BMPSTRING |
901  B_ASN1_UNIVERSALSTRING | B_ASN1_UTF8STRING;
902 
903  const struct {
904  int format;
905  std::vector<uint8_t> in;
906  unsigned long mask;
907  int expected_type;
908  std::vector<uint8_t> expected_data;
909  int num_codepoints;
910  } kTests[] = {
911  // Given a choice of formats, we pick the smallest that fits.
912  {MBSTRING_UTF8, {}, kAll, V_ASN1_PRINTABLESTRING, {}, 0},
913  {MBSTRING_UTF8, {'a'}, kAll, V_ASN1_PRINTABLESTRING, {'a'}, 1},
914  {MBSTRING_UTF8,
915  {'a', 'A', '0', '\'', '(', ')', '+', ',', '-', '.', '/', ':', '=', '?'},
916  kAll,
917  V_ASN1_PRINTABLESTRING,
918  {'a', 'A', '0', '\'', '(', ')', '+', ',', '-', '.', '/', ':', '=', '?'},
919  14},
920  {MBSTRING_UTF8, {'*'}, kAll, V_ASN1_IA5STRING, {'*'}, 1},
921  {MBSTRING_UTF8, {'\n'}, kAll, V_ASN1_IA5STRING, {'\n'}, 1},
922  {MBSTRING_UTF8,
923  {0xc2, 0x80 /* U+0080 */},
924  kAll,
925  V_ASN1_T61STRING,
926  {0x80},
927  1},
928  {MBSTRING_UTF8,
929  {0xc4, 0x80 /* U+0100 */},
930  kAll,
931  V_ASN1_BMPSTRING,
932  {0x01, 0x00},
933  1},
934  {MBSTRING_UTF8,
935  {0xf0, 0x90, 0x80, 0x80 /* U+10000 */},
936  kAll,
937  V_ASN1_UNIVERSALSTRING,
938  {0x00, 0x01, 0x00, 0x00},
939  1},
940  {MBSTRING_UTF8,
941  {0xf0, 0x90, 0x80, 0x80 /* U+10000 */},
942  kAll & ~B_ASN1_UNIVERSALSTRING,
943  V_ASN1_UTF8STRING,
944  {0xf0, 0x90, 0x80, 0x80},
945  1},
946 
947  // NUL is not printable. It should also not terminate iteration.
948  {MBSTRING_UTF8, {0}, kAll, V_ASN1_IA5STRING, {0}, 1},
949  {MBSTRING_UTF8, {0, 'a'}, kAll, V_ASN1_IA5STRING, {0, 'a'}, 2},
950 
951  // When a particular format is specified, we use it.
952  {MBSTRING_UTF8,
953  {'a'},
954  B_ASN1_PRINTABLESTRING,
955  V_ASN1_PRINTABLESTRING,
956  {'a'},
957  1},
958  {MBSTRING_UTF8, {'a'}, B_ASN1_IA5STRING, V_ASN1_IA5STRING, {'a'}, 1},
959  {MBSTRING_UTF8, {'a'}, B_ASN1_T61STRING, V_ASN1_T61STRING, {'a'}, 1},
960  {MBSTRING_UTF8, {'a'}, B_ASN1_UTF8STRING, V_ASN1_UTF8STRING, {'a'}, 1},
961  {MBSTRING_UTF8,
962  {'a'},
963  B_ASN1_BMPSTRING,
964  V_ASN1_BMPSTRING,
965  {0x00, 'a'},
966  1},
967  {MBSTRING_UTF8,
968  {'a'},
969  B_ASN1_UNIVERSALSTRING,
970  V_ASN1_UNIVERSALSTRING,
971  {0x00, 0x00, 0x00, 'a'},
972  1},
973 
974  // A long string with characters of many widths, to test sizes are
975  // measured in code points.
976  {MBSTRING_UTF8,
977  {
978  'a', //
979  0xc2, 0x80, // U+0080
980  0xc4, 0x80, // U+0100
981  0xf0, 0x90, 0x80, 0x80, // U+10000
982  },
983  B_ASN1_UNIVERSALSTRING,
984  V_ASN1_UNIVERSALSTRING,
985  {
986  0x00, 0x00, 0x00, 'a', //
987  0x00, 0x00, 0x00, 0x80, //
988  0x00, 0x00, 0x01, 0x00, //
989  0x00, 0x01, 0x00, 0x00, //
990  },
991  4},
992  };
993  for (const auto &t : kTests) {
994  SCOPED_TRACE(t.format);
995  SCOPED_TRACE(Bytes(t.in));
996  SCOPED_TRACE(t.mask);
997 
998  // Passing in nullptr should do a dry run.
999  EXPECT_EQ(t.expected_type,
1000  ASN1_mbstring_copy(nullptr, t.in.data(), t.in.size(), t.format,
1001  t.mask));
1002 
1003  // Test allocating a new object.
1004  ASN1_STRING *str = nullptr;
1005  EXPECT_EQ(
1006  t.expected_type,
1007  ASN1_mbstring_copy(&str, t.in.data(), t.in.size(), t.format, t.mask));
1008  ASSERT_TRUE(str);
1009  EXPECT_EQ(t.expected_type, ASN1_STRING_type(str));
1010  EXPECT_EQ(Bytes(t.expected_data),
1011  Bytes(ASN1_STRING_get0_data(str), ASN1_STRING_length(str)));
1012 
1013  // Test writing into an existing object.
1014  ASN1_STRING_free(str);
1015  str = ASN1_STRING_new();
1016  ASSERT_TRUE(str);
1017  ASN1_STRING *old_str = str;
1018  EXPECT_EQ(
1019  t.expected_type,
1020  ASN1_mbstring_copy(&str, t.in.data(), t.in.size(), t.format, t.mask));
1021  ASSERT_EQ(old_str, str);
1022  EXPECT_EQ(t.expected_type, ASN1_STRING_type(str));
1023  EXPECT_EQ(Bytes(t.expected_data),
1024  Bytes(ASN1_STRING_get0_data(str), ASN1_STRING_length(str)));
1025  ASN1_STRING_free(str);
1026  str = nullptr;
1027 
1028  // minsize and maxsize should be enforced, even in a dry run.
1029  EXPECT_EQ(t.expected_type,
1030  ASN1_mbstring_ncopy(nullptr, t.in.data(), t.in.size(), t.format,
1031  t.mask, /*minsize=*/t.num_codepoints,
1032  /*maxsize=*/t.num_codepoints));
1033 
1034  EXPECT_EQ(t.expected_type,
1035  ASN1_mbstring_ncopy(&str, t.in.data(), t.in.size(), t.format,
1036  t.mask, /*minsize=*/t.num_codepoints,
1037  /*maxsize=*/t.num_codepoints));
1038  ASSERT_TRUE(str);
1039  EXPECT_EQ(t.expected_type, ASN1_STRING_type(str));
1040  EXPECT_EQ(Bytes(t.expected_data),
1041  Bytes(ASN1_STRING_get0_data(str), ASN1_STRING_length(str)));
1042  ASN1_STRING_free(str);
1043  str = nullptr;
1044 
1045  EXPECT_EQ(-1, ASN1_mbstring_ncopy(
1046  nullptr, t.in.data(), t.in.size(), t.format, t.mask,
1047  /*minsize=*/t.num_codepoints + 1, /*maxsize=*/0));
1048  ERR_clear_error();
1049  EXPECT_EQ(-1, ASN1_mbstring_ncopy(
1050  &str, t.in.data(), t.in.size(), t.format, t.mask,
1051  /*minsize=*/t.num_codepoints + 1, /*maxsize=*/0));
1052  EXPECT_FALSE(str);
1053  ERR_clear_error();
1054  if (t.num_codepoints > 1) {
1055  EXPECT_EQ(-1, ASN1_mbstring_ncopy(
1056  nullptr, t.in.data(), t.in.size(), t.format, t.mask,
1057  /*minsize=*/0, /*maxsize=*/t.num_codepoints - 1));
1058  ERR_clear_error();
1059  EXPECT_EQ(-1, ASN1_mbstring_ncopy(
1060  &str, t.in.data(), t.in.size(), t.format, t.mask,
1061  /*minsize=*/0, /*maxsize=*/t.num_codepoints - 1));
1062  EXPECT_FALSE(str);
1063  ERR_clear_error();
1064  }
1065  }
1066 
1067  const struct {
1068  int format;
1069  std::vector<uint8_t> in;
1070  unsigned long mask;
1071  } kInvalidTests[] = {
1072  // Invalid encodings are rejected.
1073  {MBSTRING_UTF8, {0xff}, B_ASN1_UTF8STRING},
1074  {MBSTRING_BMP, {0xff}, B_ASN1_UTF8STRING},
1075  {MBSTRING_UNIV, {0xff}, B_ASN1_UTF8STRING},
1076 
1077  // Lone surrogates are not code points.
1078  {MBSTRING_UTF8, {0xed, 0xa0, 0x80}, B_ASN1_UTF8STRING},
1079  {MBSTRING_BMP, {0xd8, 0x00}, B_ASN1_UTF8STRING},
1080  {MBSTRING_UNIV, {0x00, 0x00, 0xd8, 0x00}, B_ASN1_UTF8STRING},
1081 
1082  // The input does not fit in the allowed output types.
1083  {MBSTRING_UTF8, {'\n'}, B_ASN1_PRINTABLESTRING},
1084  {MBSTRING_UTF8,
1085  {0xc2, 0x80 /* U+0080 */},
1086  B_ASN1_PRINTABLESTRING | B_ASN1_IA5STRING},
1087  {MBSTRING_UTF8,
1088  {0xc4, 0x80 /* U+0100 */},
1089  B_ASN1_PRINTABLESTRING | B_ASN1_IA5STRING | B_ASN1_T61STRING},
1090  {MBSTRING_UTF8,
1091  {0xf0, 0x90, 0x80, 0x80 /* U+10000 */},
1092  B_ASN1_PRINTABLESTRING | B_ASN1_IA5STRING | B_ASN1_T61STRING |
1093  B_ASN1_BMPSTRING},
1094 
1095  // Unrecognized bits are ignored.
1096  {MBSTRING_UTF8, {'\n'}, B_ASN1_PRINTABLESTRING | B_ASN1_SEQUENCE},
1097  };
1098  for (const auto &t : kInvalidTests) {
1099  SCOPED_TRACE(t.format);
1100  SCOPED_TRACE(Bytes(t.in));
1101  SCOPED_TRACE(t.mask);
1102 
1103  EXPECT_EQ(-1, ASN1_mbstring_copy(nullptr, t.in.data(), t.in.size(),
1104  t.format, t.mask));
1105  ERR_clear_error();
1106 
1107  ASN1_STRING *str = nullptr;
1108  EXPECT_EQ(-1, ASN1_mbstring_copy(&str, t.in.data(), t.in.size(),
1109  t.format, t.mask));
1110  ERR_clear_error();
1111  EXPECT_EQ(nullptr, str);
1112  }
1113 }
1114 
1115 TEST(ASN1Test, StringByNID) {
1116  // |ASN1_mbstring_*| tests above test most of the interactions with |inform|,
1117  // so all tests below use UTF-8.
1118  const struct {
1119  int nid;
1120  std::string in;
1121  int expected_type;
1122  std::string expected;
1123  } kTests[] = {
1124  // Although DirectoryString and PKCS9String allow many types of strings,
1125  // we prefer UTF8String.
1126  {NID_commonName, "abc", V_ASN1_UTF8STRING, "abc"},
1127  {NID_commonName, "\xe2\x98\x83", V_ASN1_UTF8STRING, "\xe2\x98\x83"},
1128  {NID_localityName, "abc", V_ASN1_UTF8STRING, "abc"},
1129  {NID_stateOrProvinceName, "abc", V_ASN1_UTF8STRING, "abc"},
1130  {NID_organizationName, "abc", V_ASN1_UTF8STRING, "abc"},
1131  {NID_organizationalUnitName, "abc", V_ASN1_UTF8STRING, "abc"},
1132  {NID_pkcs9_unstructuredName, "abc", V_ASN1_UTF8STRING, "abc"},
1133  {NID_pkcs9_challengePassword, "abc", V_ASN1_UTF8STRING, "abc"},
1134  {NID_pkcs9_unstructuredAddress, "abc", V_ASN1_UTF8STRING, "abc"},
1135  {NID_givenName, "abc", V_ASN1_UTF8STRING, "abc"},
1136  {NID_givenName, "abc", V_ASN1_UTF8STRING, "abc"},
1137  {NID_givenName, "abc", V_ASN1_UTF8STRING, "abc"},
1138  {NID_surname, "abc", V_ASN1_UTF8STRING, "abc"},
1139  {NID_initials, "abc", V_ASN1_UTF8STRING, "abc"},
1140  {NID_name, "abc", V_ASN1_UTF8STRING, "abc"},
1141 
1142  // Some attribute types use a particular string type.
1143  {NID_countryName, "US", V_ASN1_PRINTABLESTRING, "US"},
1144  {NID_pkcs9_emailAddress, "example@example.com", V_ASN1_IA5STRING,
1145  "example@example.com"},
1146  {NID_serialNumber, "1234", V_ASN1_PRINTABLESTRING, "1234"},
1147  {NID_friendlyName, "abc", V_ASN1_BMPSTRING,
1148  std::string({'\0', 'a', '\0', 'b', '\0', 'c'})},
1149  {NID_dnQualifier, "US", V_ASN1_PRINTABLESTRING, "US"},
1150  {NID_domainComponent, "com", V_ASN1_IA5STRING, "com"},
1151  {NID_ms_csp_name, "abc", V_ASN1_BMPSTRING,
1152  std::string({'\0', 'a', '\0', 'b', '\0', 'c'})},
1153 
1154  // Unknown NIDs default to UTF8String.
1155  {NID_rsaEncryption, "abc", V_ASN1_UTF8STRING, "abc"},
1156  };
1157  for (const auto &t : kTests) {
1158  SCOPED_TRACE(t.nid);
1159  SCOPED_TRACE(t.in);
1160 
1161  // Test allocating a new object.
1162  bssl::UniquePtr<ASN1_STRING> str(ASN1_STRING_set_by_NID(
1163  nullptr, reinterpret_cast<const uint8_t *>(t.in.data()), t.in.size(),
1164  MBSTRING_UTF8, t.nid));
1165  ASSERT_TRUE(str);
1166  EXPECT_EQ(t.expected_type, ASN1_STRING_type(str.get()));
1167  EXPECT_EQ(Bytes(t.expected), Bytes(ASN1_STRING_get0_data(str.get()),
1168  ASN1_STRING_length(str.get())));
1169 
1170  // Test writing into an existing object.
1171  str.reset(ASN1_STRING_new());
1172  ASSERT_TRUE(str);
1173  ASN1_STRING *old_str = str.get();
1174  ASSERT_TRUE(ASN1_STRING_set_by_NID(
1175  &old_str, reinterpret_cast<const uint8_t *>(t.in.data()), t.in.size(),
1176  MBSTRING_UTF8, t.nid));
1177  ASSERT_EQ(old_str, str.get());
1178  EXPECT_EQ(t.expected_type, ASN1_STRING_type(str.get()));
1179  EXPECT_EQ(Bytes(t.expected), Bytes(ASN1_STRING_get0_data(str.get()),
1180  ASN1_STRING_length(str.get())));
1181  }
1182 
1183  const struct {
1184  int nid;
1185  std::string in;
1186  } kInvalidTests[] = {
1187  // DirectoryString forbids empty inputs.
1188  {NID_commonName, ""},
1189  {NID_localityName, ""},
1190  {NID_stateOrProvinceName, ""},
1191  {NID_organizationName, ""},
1192  {NID_organizationalUnitName, ""},
1193  {NID_pkcs9_unstructuredName, ""},
1194  {NID_pkcs9_challengePassword, ""},
1195  {NID_pkcs9_unstructuredAddress, ""},
1196  {NID_givenName, ""},
1197  {NID_givenName, ""},
1198  {NID_givenName, ""},
1199  {NID_surname, ""},
1200  {NID_initials, ""},
1201  {NID_name, ""},
1202 
1203  // Test upper bounds from RFC 5280.
1204  {NID_name, std::string(32769, 'a')},
1205  {NID_commonName, std::string(65, 'a')},
1206  {NID_localityName, std::string(129, 'a')},
1207  {NID_stateOrProvinceName, std::string(129, 'a')},
1208  {NID_organizationName, std::string(65, 'a')},
1209  {NID_organizationalUnitName, std::string(65, 'a')},
1210  {NID_pkcs9_emailAddress, std::string(256, 'a')},
1211  {NID_serialNumber, std::string(65, 'a')},
1212 
1213  // X520countryName must be exactly two characters.
1214  {NID_countryName, "A"},
1215  {NID_countryName, "AAA"},
1216 
1217  // Some string types cannot represent all codepoints.
1218  {NID_countryName, "\xe2\x98\x83"},
1219  {NID_pkcs9_emailAddress, "\xe2\x98\x83"},
1220  {NID_serialNumber, "\xe2\x98\x83"},
1221  {NID_dnQualifier, "\xe2\x98\x83"},
1222  {NID_domainComponent, "\xe2\x98\x83"},
1223  };
1224  for (const auto &t : kInvalidTests) {
1225  SCOPED_TRACE(t.nid);
1226  SCOPED_TRACE(t.in);
1227  bssl::UniquePtr<ASN1_STRING> str(ASN1_STRING_set_by_NID(
1228  nullptr, reinterpret_cast<const uint8_t *>(t.in.data()), t.in.size(),
1229  MBSTRING_UTF8, t.nid));
1230  EXPECT_FALSE(str);
1231  ERR_clear_error();
1232  }
1233 }
1234 
1235 TEST(ASN1Test, StringByCustomNID) {
1236  // This test affects library-global state. We rely on nothing else in the test
1237  // suite using these OIDs.
1238  int nid1 = OBJ_create("1.2.840.113554.4.1.72585.1000", "custom OID 1000",
1239  "custom OID 1000");
1240  ASSERT_NE(NID_undef, nid1);
1241  int nid2 = OBJ_create("1.2.840.113554.4.1.72585.1001", "custom OID 1001",
1242  "custom OID 1001");
1243  ASSERT_NE(NID_undef, nid2);
1244 
1245  // Values registered in the string table should be picked up.
1246  ASSERT_TRUE(ASN1_STRING_TABLE_add(nid1, 5, 10, V_ASN1_PRINTABLESTRING,
1247  STABLE_NO_MASK));
1248  bssl::UniquePtr<ASN1_STRING> str(ASN1_STRING_set_by_NID(
1249  nullptr, reinterpret_cast<const uint8_t *>("12345"), 5, MBSTRING_UTF8,
1250  nid1));
1251  ASSERT_TRUE(str);
1252  EXPECT_EQ(V_ASN1_PRINTABLESTRING, ASN1_STRING_type(str.get()));
1253  EXPECT_EQ(Bytes("12345"), Bytes(ASN1_STRING_get0_data(str.get()),
1254  ASN1_STRING_length(str.get())));
1255 
1256  // Minimum and maximum lengths are enforced.
1257  str.reset(ASN1_STRING_set_by_NID(
1258  nullptr, reinterpret_cast<const uint8_t *>("1234"), 4, MBSTRING_UTF8,
1259  nid1));
1260  EXPECT_FALSE(str);
1261  ERR_clear_error();
1262  str.reset(ASN1_STRING_set_by_NID(
1263  nullptr, reinterpret_cast<const uint8_t *>("12345678901"), 11,
1264  MBSTRING_UTF8, nid1));
1265  EXPECT_FALSE(str);
1266  ERR_clear_error();
1267 
1268  // Without |STABLE_NO_MASK|, we always pick UTF8String. -1 means there is no
1269  // length limit.
1270  ASSERT_TRUE(ASN1_STRING_TABLE_add(nid2, -1, -1, DIRSTRING_TYPE, 0));
1271  str.reset(ASN1_STRING_set_by_NID(nullptr,
1272  reinterpret_cast<const uint8_t *>("12345"),
1273  5, MBSTRING_UTF8, nid2));
1274  ASSERT_TRUE(str);
1275  EXPECT_EQ(V_ASN1_UTF8STRING, ASN1_STRING_type(str.get()));
1276  EXPECT_EQ(Bytes("12345"), Bytes(ASN1_STRING_get0_data(str.get()),
1277  ASN1_STRING_length(str.get())));
1278 
1279  // Overriding existing entries, built-in or custom, is an error.
1280  EXPECT_FALSE(
1281  ASN1_STRING_TABLE_add(NID_countryName, -1, -1, DIRSTRING_TYPE, 0));
1282  EXPECT_FALSE(ASN1_STRING_TABLE_add(nid1, -1, -1, DIRSTRING_TYPE, 0));
1283 }
1284 
1285 #if defined(OPENSSL_THREADS)
1286 TEST(ASN1Test, StringByCustomNIDThreads) {
1287  // This test affects library-global state. We rely on nothing else in the test
1288  // suite using these OIDs.
1289  int nid1 = OBJ_create("1.2.840.113554.4.1.72585.1002", "custom OID 1002",
1290  "custom OID 1002");
1291  ASSERT_NE(NID_undef, nid1);
1292  int nid2 = OBJ_create("1.2.840.113554.4.1.72585.1003", "custom OID 1003",
1293  "custom OID 1003");
1294  ASSERT_NE(NID_undef, nid2);
1295 
1296  std::vector<std::thread> threads;
1297  threads.emplace_back([&] {
1298  ASSERT_TRUE(ASN1_STRING_TABLE_add(nid1, 5, 10, V_ASN1_PRINTABLESTRING,
1299  STABLE_NO_MASK));
1300  bssl::UniquePtr<ASN1_STRING> str(ASN1_STRING_set_by_NID(
1301  nullptr, reinterpret_cast<const uint8_t *>("12345"), 5, MBSTRING_UTF8,
1302  nid1));
1303  ASSERT_TRUE(str);
1304  EXPECT_EQ(V_ASN1_PRINTABLESTRING, ASN1_STRING_type(str.get()));
1305  EXPECT_EQ(Bytes("12345"), Bytes(ASN1_STRING_get0_data(str.get()),
1306  ASN1_STRING_length(str.get())));
1307  });
1308  threads.emplace_back([&] {
1309  ASSERT_TRUE(ASN1_STRING_TABLE_add(nid2, 5, 10, V_ASN1_PRINTABLESTRING,
1310  STABLE_NO_MASK));
1311  bssl::UniquePtr<ASN1_STRING> str(ASN1_STRING_set_by_NID(
1312  nullptr, reinterpret_cast<const uint8_t *>("12345"), 5, MBSTRING_UTF8,
1313  nid2));
1314  ASSERT_TRUE(str);
1315  EXPECT_EQ(V_ASN1_PRINTABLESTRING, ASN1_STRING_type(str.get()));
1316  EXPECT_EQ(Bytes("12345"), Bytes(ASN1_STRING_get0_data(str.get()),
1317  ASN1_STRING_length(str.get())));
1318  });
1319  for (auto &thread : threads) {
1320  thread.join();
1321  }
1322 }
1323 #endif // OPENSSL_THREADS
1324 
1325 // Test that multi-string types correctly encode negative ENUMERATED.
1326 // Multi-string types cannot contain INTEGER, so we only test ENUMERATED.
1327 TEST(ASN1Test, NegativeEnumeratedMultistring) {
1328  static const uint8_t kMinusOne[] = {0x0a, 0x01, 0xff}; // ENUMERATED { -1 }
1329  // |ASN1_PRINTABLE| is a multi-string type that allows ENUMERATED.
1330  const uint8_t *p = kMinusOne;
1331  bssl::UniquePtr<ASN1_STRING> str(
1332  d2i_ASN1_PRINTABLE(nullptr, &p, sizeof(kMinusOne)));
1333  ASSERT_TRUE(str);
1334  TestSerialize(str.get(), i2d_ASN1_PRINTABLE, kMinusOne);
1335 }
1336 
1337 TEST(ASN1Test, PrintableType) {
1338  const struct {
1339  std::vector<uint8_t> in;
1340  int result;
1341  } kTests[] = {
1342  {{}, V_ASN1_PRINTABLESTRING},
1343  {{'a', 'A', '0', '\'', '(', ')', '+', ',', '-', '.', '/', ':', '=', '?'},
1344  V_ASN1_PRINTABLESTRING},
1345  {{'*'}, V_ASN1_IA5STRING},
1346  {{'\0'}, V_ASN1_IA5STRING},
1347  {{'\0', 'a'}, V_ASN1_IA5STRING},
1348  {{0, 1, 2, 3, 125, 126, 127}, V_ASN1_IA5STRING},
1349  {{0, 1, 2, 3, 125, 126, 127, 128}, V_ASN1_T61STRING},
1350  {{128, 0, 1, 2, 3, 125, 126, 127}, V_ASN1_T61STRING},
1351  };
1352  for (const auto &t : kTests) {
1353  SCOPED_TRACE(Bytes(t.in));
1354  EXPECT_EQ(t.result, ASN1_PRINTABLE_type(t.in.data(), t.in.size()));
1355  }
1356 }
1357 
1358 // Encoding a CHOICE type with an invalid selector should fail.
1359 TEST(ASN1Test, InvalidChoice) {
1360  bssl::UniquePtr<GENERAL_NAME> name(GENERAL_NAME_new());
1361  ASSERT_TRUE(name);
1362  // CHOICE types are initialized with an invalid selector.
1363  EXPECT_EQ(-1, name->type);
1364  // |name| should fail to encode.
1365  EXPECT_EQ(-1, i2d_GENERAL_NAME(name.get(), nullptr));
1366 
1367  // The error should be propagated through types containing |name|.
1368  bssl::UniquePtr<GENERAL_NAMES> names(GENERAL_NAMES_new());
1369  ASSERT_TRUE(names);
1370  EXPECT_TRUE(bssl::PushToStack(names.get(), std::move(name)));
1371  EXPECT_EQ(-1, i2d_GENERAL_NAMES(names.get(), nullptr));
1372 }
1373 
1374 // Encoding NID-only |ASN1_OBJECT|s should fail.
1375 TEST(ASN1Test, InvalidObject) {
1376  EXPECT_EQ(-1, i2d_ASN1_OBJECT(OBJ_nid2obj(NID_kx_ecdhe), nullptr));
1377 
1378  bssl::UniquePtr<X509_ALGOR> alg(X509_ALGOR_new());
1379  ASSERT_TRUE(alg);
1380  ASSERT_TRUE(X509_ALGOR_set0(alg.get(), OBJ_nid2obj(NID_kx_ecdhe),
1381  V_ASN1_UNDEF, nullptr));
1382  EXPECT_EQ(-1, i2d_X509_ALGOR(alg.get(), nullptr));
1383 }
1384 
1385 // Encoding invalid |ASN1_TYPE|s should fail. |ASN1_TYPE|s are
1386 // default-initialized to an invalid type.
1387 TEST(ASN1Test, InvalidASN1Type) {
1388  bssl::UniquePtr<ASN1_TYPE> obj(ASN1_TYPE_new());
1389  ASSERT_TRUE(obj);
1390  EXPECT_EQ(-1, obj->type);
1391  EXPECT_EQ(-1, i2d_ASN1_TYPE(obj.get(), nullptr));
1392 }
1393 
1394 // Encoding invalid MSTRING types should fail. An MSTRING is a CHOICE of
1395 // string-like types. They are initialized to an invalid type.
1396 TEST(ASN1Test, InvalidMSTRING) {
1397  bssl::UniquePtr<ASN1_STRING> obj(ASN1_TIME_new());
1398  ASSERT_TRUE(obj);
1399  EXPECT_EQ(-1, obj->type);
1400  EXPECT_EQ(-1, i2d_ASN1_TIME(obj.get(), nullptr));
1401 
1402  obj.reset(DIRECTORYSTRING_new());
1403  ASSERT_TRUE(obj);
1404  EXPECT_EQ(-1, obj->type);
1405  EXPECT_EQ(-1, i2d_DIRECTORYSTRING(obj.get(), nullptr));
1406 }
1407 
1408 TEST(ASN1Test, StringTableSorted) {
1409  const ASN1_STRING_TABLE *table;
1410  size_t table_len;
1411  asn1_get_string_table_for_testing(&table, &table_len);
1412  for (size_t i = 1; i < table_len; i++) {
1413  EXPECT_LT(table[i-1].nid, table[i].nid);
1414  }
1415 }
1416 
1417 TEST(ASN1Test, Null) {
1418  // An |ASN1_NULL| is an opaque, non-null pointer. It is an arbitrary signaling
1419  // value and does not need to be freed. (If the pointer is null, this is an
1420  // omitted OPTIONAL NULL.)
1421  EXPECT_NE(nullptr, ASN1_NULL_new());
1422 
1423  // It is safe to free either the non-null pointer or the null one.
1424  ASN1_NULL_free(ASN1_NULL_new());
1425  ASN1_NULL_free(nullptr);
1426 
1427  // A NULL may be decoded.
1428  static const uint8_t kNull[] = {0x05, 0x00};
1429  const uint8_t *ptr = kNull;
1430  EXPECT_NE(nullptr, d2i_ASN1_NULL(nullptr, &ptr, sizeof(kNull)));
1431  EXPECT_EQ(ptr, kNull + sizeof(kNull));
1432 
1433  // It may also be re-encoded.
1434  uint8_t *enc = nullptr;
1435  int enc_len = i2d_ASN1_NULL(ASN1_NULL_new(), &enc);
1436  ASSERT_GE(enc_len, 0);
1437  EXPECT_EQ(Bytes(kNull), Bytes(enc, enc_len));
1438  OPENSSL_free(enc);
1439  enc = nullptr;
1440 
1441  // Although the standalone representation of NULL is a non-null pointer, the
1442  // |ASN1_TYPE| representation is a null pointer.
1443  ptr = kNull;
1444  bssl::UniquePtr<ASN1_TYPE> null_type(
1445  d2i_ASN1_TYPE(nullptr, &ptr, sizeof(kNull)));
1446  ASSERT_TRUE(null_type);
1447  EXPECT_EQ(ptr, kNull + sizeof(kNull));
1448  EXPECT_EQ(V_ASN1_NULL, ASN1_TYPE_get(null_type.get()));
1449  EXPECT_EQ(nullptr, null_type->value.ptr);
1450 }
1451 
1452 TEST(ASN1Test, Pack) {
1453  bssl::UniquePtr<BASIC_CONSTRAINTS> val(BASIC_CONSTRAINTS_new());
1454  ASSERT_TRUE(val);
1455  val->ca = 0;
1456 
1457  // Test all three calling conventions.
1458  static const uint8_t kExpected[] = {0x30, 0x00};
1459  bssl::UniquePtr<ASN1_STRING> str(
1460  ASN1_item_pack(val.get(), ASN1_ITEM_rptr(BASIC_CONSTRAINTS), nullptr));
1461  ASSERT_TRUE(str);
1462  EXPECT_EQ(
1463  Bytes(ASN1_STRING_get0_data(str.get()), ASN1_STRING_length(str.get())),
1464  Bytes(kExpected));
1465 
1466  ASN1_STRING *raw = nullptr;
1467  str.reset(ASN1_item_pack(val.get(), ASN1_ITEM_rptr(BASIC_CONSTRAINTS), &raw));
1468  ASSERT_TRUE(str);
1469  EXPECT_EQ(raw, str.get());
1470  EXPECT_EQ(
1471  Bytes(ASN1_STRING_get0_data(str.get()), ASN1_STRING_length(str.get())),
1472  Bytes(kExpected));
1473 
1474  str.reset(ASN1_STRING_new());
1475  ASSERT_TRUE(str);
1476  raw = str.get();
1477  EXPECT_TRUE(
1478  ASN1_item_pack(val.get(), ASN1_ITEM_rptr(BASIC_CONSTRAINTS), &raw));
1479  EXPECT_EQ(raw, str.get());
1480  EXPECT_EQ(
1481  Bytes(ASN1_STRING_get0_data(str.get()), ASN1_STRING_length(str.get())),
1482  Bytes(kExpected));
1483 }
1484 
1485 TEST(ASN1Test, Unpack) {
1486  bssl::UniquePtr<ASN1_STRING> str(ASN1_STRING_new());
1487  ASSERT_TRUE(str);
1488 
1489  static const uint8_t kValid[] = {0x30, 0x00};
1490  ASSERT_TRUE(
1491  ASN1_STRING_set(str.get(), kValid, sizeof(kValid)));
1492  bssl::UniquePtr<BASIC_CONSTRAINTS> val(static_cast<BASIC_CONSTRAINTS *>(
1493  ASN1_item_unpack(str.get(), ASN1_ITEM_rptr(BASIC_CONSTRAINTS))));
1494  ASSERT_TRUE(val);
1495  EXPECT_EQ(val->ca, 0);
1496  EXPECT_EQ(val->pathlen, nullptr);
1497 
1498  static const uint8_t kInvalid[] = {0x31, 0x00};
1499  ASSERT_TRUE(ASN1_STRING_set(str.get(), kInvalid, sizeof(kInvalid)));
1500  val.reset(static_cast<BASIC_CONSTRAINTS *>(
1501  ASN1_item_unpack(str.get(), ASN1_ITEM_rptr(BASIC_CONSTRAINTS))));
1502  EXPECT_FALSE(val);
1503 
1504  static const uint8_t kTraiilingData[] = {0x30, 0x00, 0x00};
1505  ASSERT_TRUE(
1506  ASN1_STRING_set(str.get(), kTraiilingData, sizeof(kTraiilingData)));
1507  val.reset(static_cast<BASIC_CONSTRAINTS *>(
1508  ASN1_item_unpack(str.get(), ASN1_ITEM_rptr(BASIC_CONSTRAINTS))));
1509  EXPECT_FALSE(val);
1510 }
1511 
1512 TEST(ASN1Test, StringCmp) {
1513  struct Input {
1514  int type;
1515  std::vector<uint8_t> data;
1516  int flags;
1517  bool equals_previous;
1518  };
1519  // kInputs is a list of |ASN1_STRING| parameters, in sorted order. The input
1520  // should be sorted by bit length, then data, then type.
1521  const Input kInputs[] = {
1522  {V_ASN1_BIT_STRING, {}, ASN1_STRING_FLAG_BITS_LEFT | 0, false},
1523  {V_ASN1_BIT_STRING, {}, 0, true},
1524  // When |ASN1_STRING_FLAG_BITS_LEFT| is unset, BIT STRINGs implicitly
1525  // drop trailing zeros.
1526  {V_ASN1_BIT_STRING, {0x00, 0x00, 0x00, 0x00}, 0, true},
1527 
1528  {V_ASN1_OCTET_STRING, {}, 0, false},
1529  {V_ASN1_UTF8STRING, {}, 0, false},
1530 
1531  // BIT STRINGs with padding bits (i.e. not part of the actual value) are
1532  // shorter and thus sort earlier:
1533  // 1-bit inputs.
1534  {V_ASN1_BIT_STRING, {0x00}, ASN1_STRING_FLAG_BITS_LEFT | 7, false},
1535  {V_ASN1_BIT_STRING, {0x80}, ASN1_STRING_FLAG_BITS_LEFT | 7, false},
1536  // 2-bit inputs.
1537  {V_ASN1_BIT_STRING, {0x00}, ASN1_STRING_FLAG_BITS_LEFT | 6, false},
1538  {V_ASN1_BIT_STRING, {0xc0}, ASN1_STRING_FLAG_BITS_LEFT | 6, false},
1539  // 3-bit inputs.
1540  {V_ASN1_BIT_STRING, {0x00}, ASN1_STRING_FLAG_BITS_LEFT | 5, false},
1541  {V_ASN1_BIT_STRING, {0xe0}, ASN1_STRING_FLAG_BITS_LEFT | 5, false},
1542  // 4-bit inputs.
1543  {V_ASN1_BIT_STRING, {0xf0}, ASN1_STRING_FLAG_BITS_LEFT | 4, false},
1544  {V_ASN1_BIT_STRING, {0xf0}, 0, true}, // 4 trailing zeros dropped.
1545  {V_ASN1_BIT_STRING, {0xf0, 0x00}, 0, true}, // 12 trailing zeros dropped.
1546  // 5-bit inputs.
1547  {V_ASN1_BIT_STRING, {0x00}, ASN1_STRING_FLAG_BITS_LEFT | 3, false},
1548  {V_ASN1_BIT_STRING, {0xf0}, ASN1_STRING_FLAG_BITS_LEFT | 3, false},
1549  {V_ASN1_BIT_STRING, {0xf8}, ASN1_STRING_FLAG_BITS_LEFT | 3, false},
1550  // 6-bit inputs.
1551  {V_ASN1_BIT_STRING, {0x00}, ASN1_STRING_FLAG_BITS_LEFT | 2, false},
1552  {V_ASN1_BIT_STRING, {0xf0}, ASN1_STRING_FLAG_BITS_LEFT | 2, false},
1553  {V_ASN1_BIT_STRING, {0xfc}, ASN1_STRING_FLAG_BITS_LEFT | 2, false},
1554  // 7-bit inputs.
1555  {V_ASN1_BIT_STRING, {0x00}, ASN1_STRING_FLAG_BITS_LEFT | 1, false},
1556  {V_ASN1_BIT_STRING, {0xf0}, ASN1_STRING_FLAG_BITS_LEFT | 1, false},
1557  {V_ASN1_BIT_STRING, {0xfe}, ASN1_STRING_FLAG_BITS_LEFT | 1, false},
1558 
1559  // 8-bit inputs.
1560  {V_ASN1_BIT_STRING, {0x00}, ASN1_STRING_FLAG_BITS_LEFT | 0, false},
1561  {V_ASN1_OCTET_STRING, {0x00}, 0, false},
1562  {V_ASN1_UTF8STRING, {0x00}, 0, false},
1563 
1564  {V_ASN1_BIT_STRING, {0x80}, ASN1_STRING_FLAG_BITS_LEFT | 0, false},
1565  {V_ASN1_OCTET_STRING, {0x80}, 0, false},
1566  {V_ASN1_UTF8STRING, {0x80}, 0, false},
1567 
1568  {V_ASN1_BIT_STRING, {0xff}, ASN1_STRING_FLAG_BITS_LEFT | 0, false},
1569  {V_ASN1_BIT_STRING, {0xff}, 0, true}, // No trailing zeros to drop.
1570  {V_ASN1_OCTET_STRING, {0xff}, 0, false},
1571  {V_ASN1_UTF8STRING, {0xff}, 0, false},
1572 
1573  // Bytes are compared lexicographically.
1574  {V_ASN1_BIT_STRING, {0x00, 0x00}, ASN1_STRING_FLAG_BITS_LEFT | 0, false},
1575  {V_ASN1_OCTET_STRING, {0x00, 0x00}, 0, false},
1576  {V_ASN1_UTF8STRING, {0x00, 0x00}, 0, false},
1577 
1578  {V_ASN1_BIT_STRING, {0x00, 0xff}, ASN1_STRING_FLAG_BITS_LEFT | 0, false},
1579  {V_ASN1_OCTET_STRING, {0x00, 0xff}, 0, false},
1580  {V_ASN1_UTF8STRING, {0x00, 0xff}, 0, false},
1581 
1582  {V_ASN1_BIT_STRING, {0xff, 0x00}, ASN1_STRING_FLAG_BITS_LEFT | 0, false},
1583  {V_ASN1_OCTET_STRING, {0xff, 0x00}, 0, false},
1584  {V_ASN1_UTF8STRING, {0xff, 0x00}, 0, false},
1585  };
1586  std::vector<bssl::UniquePtr<ASN1_STRING>> strs;
1587  strs.reserve(OPENSSL_ARRAY_SIZE(kInputs));
1588  for (const auto &input : kInputs) {
1589  strs.emplace_back(ASN1_STRING_type_new(input.type));
1590  ASSERT_TRUE(strs.back());
1591  ASSERT_TRUE(ASN1_STRING_set(strs.back().get(), input.data.data(),
1592  input.data.size()));
1593  strs.back()->flags = input.flags;
1594  }
1595 
1596  for (size_t i = 0; i < strs.size(); i++) {
1597  SCOPED_TRACE(i);
1598  bool expect_equal = true;
1599  for (size_t j = i; j < strs.size(); j++) {
1600  SCOPED_TRACE(j);
1601  if (j > i && !kInputs[j].equals_previous) {
1602  expect_equal = false;
1603  }
1604 
1605  const int cmp_i_j = ASN1_STRING_cmp(strs[i].get(), strs[j].get());
1606  const int cmp_j_i = ASN1_STRING_cmp(strs[j].get(), strs[i].get());
1607  if (expect_equal) {
1608  EXPECT_EQ(cmp_i_j, 0);
1609  EXPECT_EQ(cmp_j_i, 0);
1610  } else if (i < j) {
1611  EXPECT_LT(cmp_i_j, 0);
1612  EXPECT_GT(cmp_j_i, 0);
1613  } else {
1614  EXPECT_GT(cmp_i_j, 0);
1615  EXPECT_LT(cmp_j_i, 0);
1616  }
1617  }
1618  }
1619 }
1620 
1621 TEST(ASN1Test, PrintASN1Object) {
1622  const struct {
1623  std::vector<uint8_t> in;
1624  const char *expected;
1625  } kDataTests[] = {
1626  // Known OIDs print as the name.
1627  {{0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01}, "rsaEncryption"},
1628 
1629  // Unknown OIDs print in decimal.
1630  {{0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, 0x01, 0x84, 0xb7, 0x09, 0x00},
1631  "1.2.840.113554.4.1.72585.0"},
1632 
1633  // Inputs which cannot be parsed as OIDs print as "<INVALID>".
1634  {{0xff}, "<INVALID>"},
1635 
1636  // The function has an internal 80-byte buffer. Test inputs at that
1637  // boundary. First, 78 characters.
1638  {{0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, 0x01, 0x84, 0xb7,
1639  0x09, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1640  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1641  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
1642  "1.2.840.113554.4.1.72585.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0."
1643  "0.0.0.1"},
1644  // 79 characters.
1645  {{0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, 0x01, 0x84, 0xb7,
1646  0x09, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1647  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1648  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0a},
1649  "1.2.840.113554.4.1.72585.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0."
1650  "0.0.0.10"},
1651  // 80 characters.
1652  {{0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, 0x01, 0x84, 0xb7,
1653  0x09, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1654  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1655  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x64},
1656  "1.2.840.113554.4.1.72585.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0."
1657  "0.0.0.100"},
1658  // 81 characters.
1659  {{0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, 0x01, 0x84, 0xb7,
1660  0x09, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1661  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1662  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x87, 0x68},
1663  "1.2.840.113554.4.1.72585.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0."
1664  "0.0.0.1000"},
1665  // 82 characters.
1666  {{0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, 0x01, 0x84, 0xb7,
1667  0x09, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1668  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1669  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xce, 0x10},
1670  "1.2.840.113554.4.1.72585.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0."
1671  "0.0.0.10000"},
1672  };
1673  for (const auto &t : kDataTests) {
1674  SCOPED_TRACE(Bytes(t.in));
1675  bssl::UniquePtr<ASN1_OBJECT> obj(ASN1_OBJECT_create(
1676  NID_undef, t.in.data(), t.in.size(), /*sn=*/nullptr, /*ln=*/nullptr));
1677  ASSERT_TRUE(obj);
1678  bssl::UniquePtr<BIO> bio(BIO_new(BIO_s_mem()));
1679  ASSERT_TRUE(bio);
1680 
1681  int len = i2a_ASN1_OBJECT(bio.get(), obj.get());
1682  EXPECT_EQ(len, static_cast<int>(strlen(t.expected)));
1683 
1684  const uint8_t *bio_data;
1685  size_t bio_len;
1686  BIO_mem_contents(bio.get(), &bio_data, &bio_len);
1687  EXPECT_EQ(t.expected,
1688  std::string(reinterpret_cast<const char *>(bio_data), bio_len));
1689  }
1690 
1691  // Test writing NULL.
1692  bssl::UniquePtr<BIO> bio(BIO_new(BIO_s_mem()));
1693  ASSERT_TRUE(bio);
1694  int len = i2a_ASN1_OBJECT(bio.get(), nullptr);
1695  EXPECT_EQ(len, 4);
1696  const uint8_t *bio_data;
1697  size_t bio_len;
1698  BIO_mem_contents(bio.get(), &bio_data, &bio_len);
1699  EXPECT_EQ("NULL",
1700  std::string(reinterpret_cast<const char *>(bio_data), bio_len));
1701 }
1702 
1703 TEST(ASN1, GetObject) {
1704  // The header is valid, but there are not enough bytes for the length.
1705  static const uint8_t kTruncated[] = {0x30, 0x01};
1706  const uint8_t *ptr = kTruncated;
1707  long length;
1708  int tag;
1709  int tag_class;
1710  EXPECT_EQ(0x80, ASN1_get_object(&ptr, &length, &tag, &tag_class,
1711  sizeof(kTruncated)));
1712 
1713  static const uint8_t kIndefinite[] = {0x30, 0x80, 0x00, 0x00};
1714  ptr = kIndefinite;
1715  EXPECT_EQ(0x80, ASN1_get_object(&ptr, &length, &tag, &tag_class,
1716  sizeof(kIndefinite)));
1717 }
1718 
1719 // The ASN.1 macros do not work on Windows shared library builds, where usage of
1720 // |OPENSSL_EXPORT| is a bit stricter.
1721 #if !defined(OPENSSL_WINDOWS) || !defined(BORINGSSL_SHARED_LIBRARY)
1722 
1723 typedef struct asn1_linked_list_st {
1724  struct asn1_linked_list_st *next;
1725 } ASN1_LINKED_LIST;
1726 
1727 DECLARE_ASN1_ITEM(ASN1_LINKED_LIST)
1728 DECLARE_ASN1_FUNCTIONS(ASN1_LINKED_LIST)
1729 
1730 ASN1_SEQUENCE(ASN1_LINKED_LIST) = {
1731  ASN1_OPT(ASN1_LINKED_LIST, next, ASN1_LINKED_LIST),
1732 } ASN1_SEQUENCE_END(ASN1_LINKED_LIST)
1733 
1734 IMPLEMENT_ASN1_FUNCTIONS(ASN1_LINKED_LIST)
1735 
1736 static bool MakeLinkedList(bssl::UniquePtr<uint8_t> *out, size_t *out_len,
1737  size_t count) {
1738  bssl::ScopedCBB cbb;
1739  std::vector<CBB> cbbs(count);
1740  if (!CBB_init(cbb.get(), 2 * count) ||
1741  !CBB_add_asn1(cbb.get(), &cbbs[0], CBS_ASN1_SEQUENCE)) {
1742  return false;
1743  }
1744  for (size_t i = 1; i < count; i++) {
1745  if (!CBB_add_asn1(&cbbs[i - 1], &cbbs[i], CBS_ASN1_SEQUENCE)) {
1746  return false;
1747  }
1748  }
1749  uint8_t *ptr;
1750  if (!CBB_finish(cbb.get(), &ptr, out_len)) {
1751  return false;
1752  }
1753  out->reset(ptr);
1754  return true;
1755 }
1756 
1757 TEST(ASN1Test, Recursive) {
1758  bssl::UniquePtr<uint8_t> data;
1759  size_t len;
1760 
1761  // Sanity-check that MakeLinkedList can be parsed.
1762  ASSERT_TRUE(MakeLinkedList(&data, &len, 5));
1763  const uint8_t *ptr = data.get();
1764  ASN1_LINKED_LIST *list = d2i_ASN1_LINKED_LIST(nullptr, &ptr, len);
1765  EXPECT_TRUE(list);
1766  ASN1_LINKED_LIST_free(list);
1767 
1768  // Excessively deep structures are rejected.
1769  ASSERT_TRUE(MakeLinkedList(&data, &len, 100));
1770  ptr = data.get();
1771  list = d2i_ASN1_LINKED_LIST(nullptr, &ptr, len);
1772  EXPECT_FALSE(list);
1773  // Note checking the error queue here does not work. The error "stack trace"
1774  // is too deep, so the |ASN1_R_NESTED_TOO_DEEP| entry drops off the queue.
1775  ASN1_LINKED_LIST_free(list);
1776 }
1777 
1778 struct IMPLICIT_CHOICE {
1779  ASN1_STRING *string;
1780 };
1781 
1782 DECLARE_ASN1_FUNCTIONS(IMPLICIT_CHOICE)
1783 
1784 ASN1_SEQUENCE(IMPLICIT_CHOICE) = {
1785  ASN1_IMP(IMPLICIT_CHOICE, string, DIRECTORYSTRING, 0),
1786 } ASN1_SEQUENCE_END(IMPLICIT_CHOICE)
1787 
1788 IMPLEMENT_ASN1_FUNCTIONS(IMPLICIT_CHOICE)
1789 
1790 // Test that the ASN.1 templates reject types with implicitly-tagged CHOICE
1791 // types.
1792 TEST(ASN1Test, ImplicitChoice) {
1793  // Serializing a type with an implicitly tagged CHOICE should fail.
1794  std::unique_ptr<IMPLICIT_CHOICE, decltype(&IMPLICIT_CHOICE_free)> obj(
1795  IMPLICIT_CHOICE_new(), IMPLICIT_CHOICE_free);
1796  EXPECT_EQ(-1, i2d_IMPLICIT_CHOICE(obj.get(), nullptr));
1797 
1798  // An implicitly-tagged CHOICE is an error. Depending on the implementation,
1799  // it may be misinterpreted as without the tag, or as clobbering the CHOICE
1800  // tag. Test both inputs and ensure they fail.
1801 
1802  // SEQUENCE { UTF8String {} }
1803  static const uint8_t kInput1[] = {0x30, 0x02, 0x0c, 0x00};
1804  const uint8_t *ptr = kInput1;
1805  EXPECT_EQ(nullptr, d2i_IMPLICIT_CHOICE(nullptr, &ptr, sizeof(kInput1)));
1806 
1807  // SEQUENCE { [0 PRIMITIVE] {} }
1808  static const uint8_t kInput2[] = {0x30, 0x02, 0x80, 0x00};
1809  ptr = kInput2;
1810  EXPECT_EQ(nullptr, d2i_IMPLICIT_CHOICE(nullptr, &ptr, sizeof(kInput2)));
1811 }
1812 
1813 struct REQUIRED_FIELD {
1814  ASN1_INTEGER *value;
1815  ASN1_INTEGER *value_imp;
1816  ASN1_INTEGER *value_exp;
1817  STACK_OF(ASN1_INTEGER) *seq;
1818  STACK_OF(ASN1_INTEGER) *seq_imp;
1819  STACK_OF(ASN1_INTEGER) *seq_exp;
1820  ASN1_NULL *null;
1821  ASN1_NULL *null_imp;
1822  ASN1_NULL *null_exp;
1823 };
1824 
1825 DECLARE_ASN1_FUNCTIONS(REQUIRED_FIELD)
1826 ASN1_SEQUENCE(REQUIRED_FIELD) = {
1827  ASN1_SIMPLE(REQUIRED_FIELD, value, ASN1_INTEGER),
1828  ASN1_IMP(REQUIRED_FIELD, value_imp, ASN1_INTEGER, 0),
1829  ASN1_EXP(REQUIRED_FIELD, value_exp, ASN1_INTEGER, 1),
1830  ASN1_SEQUENCE_OF(REQUIRED_FIELD, seq, ASN1_INTEGER),
1831  ASN1_IMP_SEQUENCE_OF(REQUIRED_FIELD, seq_imp, ASN1_INTEGER, 2),
1832  ASN1_EXP_SEQUENCE_OF(REQUIRED_FIELD, seq_exp, ASN1_INTEGER, 3),
1833  ASN1_SIMPLE(REQUIRED_FIELD, null, ASN1_NULL),
1834  ASN1_IMP(REQUIRED_FIELD, null_imp, ASN1_NULL, 4),
1835  ASN1_EXP(REQUIRED_FIELD, null_exp, ASN1_NULL, 5),
1836 } ASN1_SEQUENCE_END(REQUIRED_FIELD)
1837 IMPLEMENT_ASN1_FUNCTIONS(REQUIRED_FIELD)
1838 
1839 // Test that structures with missing required fields cannot be serialized. Test
1840 // the full combination of tagging and SEQUENCE OF.
1841 TEST(ASN1Test, MissingRequiredField) {
1842  EXPECT_EQ(-1, i2d_REQUIRED_FIELD(nullptr, nullptr));
1843 
1844  std::unique_ptr<REQUIRED_FIELD, decltype(&REQUIRED_FIELD_free)> obj(
1845  nullptr, REQUIRED_FIELD_free);
1846  for (auto field : {&REQUIRED_FIELD::value, &REQUIRED_FIELD::value_imp,
1847  &REQUIRED_FIELD::value_exp}) {
1848  obj.reset(REQUIRED_FIELD_new());
1849  ASSERT_TRUE(obj);
1850  ASN1_INTEGER_free((*obj).*field);
1851  (*obj).*field = nullptr;
1852  EXPECT_EQ(-1, i2d_REQUIRED_FIELD(obj.get(), nullptr));
1853  }
1854 
1855  for (auto field : {&REQUIRED_FIELD::seq, &REQUIRED_FIELD::seq_imp,
1856  &REQUIRED_FIELD::seq_exp}) {
1857  obj.reset(REQUIRED_FIELD_new());
1858  ASSERT_TRUE(obj);
1859  sk_ASN1_INTEGER_pop_free((*obj).*field, ASN1_INTEGER_free);
1860  (*obj).*field = nullptr;
1861  EXPECT_EQ(-1, i2d_REQUIRED_FIELD(obj.get(), nullptr));
1862  }
1863 
1864  for (auto field : {&REQUIRED_FIELD::null, &REQUIRED_FIELD::null_imp,
1865  &REQUIRED_FIELD::null_exp}) {
1866  obj.reset(REQUIRED_FIELD_new());
1867  ASSERT_TRUE(obj);
1868  (*obj).*field = nullptr;
1869  EXPECT_EQ(-1, i2d_REQUIRED_FIELD(obj.get(), nullptr));
1870  }
1871 }
1872 
1873 #endif // !WINDOWS || !SHARED_LIBRARY
ASN1_TYPE_set
#define ASN1_TYPE_set
Definition: boringssl_prefix_symbols.h:714
xds_interop_client.str
str
Definition: xds_interop_client.py:487
EXPECT_FALSE
#define EXPECT_FALSE(condition)
Definition: bloaty/third_party/googletest/googletest/include/gtest/gtest.h:1970
BASIC_CONSTRAINTS_st
Definition: x509v3.h:157
BN_set_u64
#define BN_set_u64
Definition: boringssl_prefix_symbols.h:991
ptr
char * ptr
Definition: abseil-cpp/absl/base/internal/low_level_alloc_test.cc:45
NID_pkcs9_emailAddress
#define NID_pkcs9_emailAddress
Definition: nid.h:304
_gevent_test_main.result
result
Definition: _gevent_test_main.py:96
asn1_object_st::length
int length
Definition: third_party/boringssl-with-bazel/src/crypto/asn1/internal.h:105
obj
OPENSSL_EXPORT const ASN1_OBJECT * obj
Definition: x509.h:1671
DIRSTRING_TYPE
#define DIRSTRING_TYPE
Definition: asn1.h:728
d2i_ASN1_BOOLEAN
#define d2i_ASN1_BOOLEAN
Definition: boringssl_prefix_symbols.h:2939
ASSERT_NE
#define ASSERT_NE(val1, val2)
Definition: bloaty/third_party/googletest/googletest/include/gtest/gtest.h:2060
ASN1_OPT
#define ASN1_OPT(stname, field, type)
Definition: asn1t.h:268
CBB_init
#define CBB_init
Definition: boringssl_prefix_symbols.h:1047
gen_build_yaml.out
dictionary out
Definition: src/benchmark/gen_build_yaml.py:24
http2_test_server.format
format
Definition: http2_test_server.py:118
NID_kx_ecdhe
#define NID_kx_ecdhe
Definition: nid.h:4212
Bytes
Definition: boringssl-with-bazel/src/crypto/test/test_util.h:38
ASN1_STRING_type
#define ASN1_STRING_type
Definition: boringssl_prefix_symbols.h:694
get
absl::string_view get(const Cont &c)
Definition: abseil-cpp/absl/strings/str_replace_test.cc:185
d2i_ASN1_PRINTABLE
OPENSSL_EXPORT ASN1_STRING * d2i_ASN1_PRINTABLE(ASN1_STRING **out, const uint8_t **inp, long len)
i2d_ASN1_BOOLEAN
#define i2d_ASN1_BOOLEAN
Definition: boringssl_prefix_symbols.h:3179
DECLARE_ASN1_FUNCTIONS
#define DECLARE_ASN1_FUNCTIONS(type)
Definition: asn1.h:1776
V_ASN1_NEG_ENUMERATED
#define V_ASN1_NEG_ENUMERATED
Definition: asn1.h:157
i2d_ASN1_TYPE
OPENSSL_EXPORT int i2d_ASN1_TYPE(const ASN1_TYPE *in, uint8_t **outp)
ASN1_SEQUENCE
ASN1_SEQUENCE(ASN1_LINKED_LIST)
ASN1_TIME_new
OPENSSL_EXPORT ASN1_TIME * ASN1_TIME_new(void)
ASN1_STRING_TABLE
Definition: third_party/boringssl-with-bazel/src/crypto/asn1/internal.h:206
NID_organizationName
#define NID_organizationName
Definition: nid.h:168
V_ASN1_PRINTABLESTRING
#define V_ASN1_PRINTABLESTRING
Definition: asn1.h:139
test
Definition: spinlock_test.cc:36
X509_ALGOR_set0
OPENSSL_EXPORT int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *obj, int param_type, void *param_value)
V_ASN1_SEQUENCE
#define V_ASN1_SEQUENCE
Definition: asn1.h:136
OPENSSL_ARRAY_SIZE
#define OPENSSL_ARRAY_SIZE(array)
Definition: third_party/boringssl-with-bazel/src/crypto/internal.h:179
NID_rsaEncryption
#define NID_rsaEncryption
Definition: nid.h:114
X509_ALGOR_new
#define X509_ALGOR_new
Definition: boringssl_prefix_symbols.h:2256
buf
voidpf void * buf
Definition: bloaty/third_party/zlib/contrib/minizip/ioapi.h:136
names
sub_type names
Definition: cxa_demangle.cpp:4905
EXPECT_GT
#define EXPECT_GT(val1, val2)
Definition: bloaty/third_party/googletest/googletest/include/gtest/gtest.h:2036
ASN1_STRING_type_new
#define ASN1_STRING_type_new
Definition: boringssl_prefix_symbols.h:695
testing::internal::string
::std::string string
Definition: bloaty/third_party/protobuf/third_party/googletest/googletest/include/gtest/internal/gtest-port.h:881
V_ASN1_SET
#define V_ASN1_SET
Definition: asn1.h:137
ASN1_IMP_SEQUENCE_OF
#define ASN1_IMP_SEQUENCE_OF(stname, field, type, tag)
Definition: asn1t.h:311
V_ASN1_UTF8STRING
#define V_ASN1_UTF8STRING
Definition: asn1.h:135
B_ASN1_IA5STRING
#define B_ASN1_IA5STRING
Definition: asn1.h:165
ASN1_STRFLGS_ESC_2253
#define ASN1_STRFLGS_ESC_2253
Definition: asn1.h:1625
x509v3.h
NID_friendlyName
#define NID_friendlyName
Definition: nid.h:792
GENERAL_NAMES_new
#define GENERAL_NAMES_new
Definition: boringssl_prefix_symbols.h:1766
ASSERT_GE
#define ASSERT_GE(val1, val2)
Definition: bloaty/third_party/googletest/googletest/include/gtest/gtest.h:2072
V_ASN1_OCTET_STRING
#define V_ASN1_OCTET_STRING
Definition: asn1.h:128
kTests
static const HKDFTestVector kTests[]
Definition: hkdf_test.cc:41
NID_countryName
#define NID_countryName
Definition: nid.h:153
ASN1_TYPE_get
#define ASN1_TYPE_get
Definition: boringssl_prefix_symbols.h:712
setup.name
name
Definition: setup.py:542
ASN1_STRING_free
#define ASN1_STRING_free
Definition: boringssl_prefix_symbols.h:680
MBSTRING_UNIV
#define MBSTRING_UNIV
Definition: asn1.h:725
ASN1_BIT_STRING_set_bit
#define ASN1_BIT_STRING_set_bit
Definition: boringssl_prefix_symbols.h:616
a
int a
Definition: abseil-cpp/absl/container/internal/hash_policy_traits_test.cc:88
B_ASN1_PRINTABLESTRING
#define B_ASN1_PRINTABLESTRING
Definition: asn1.h:161
ASN1_EXP_SEQUENCE_OF
#define ASN1_EXP_SEQUENCE_OF(stname, field, type, tag)
Definition: asn1t.h:317
xds_manager.p
p
Definition: xds_manager.py:60
ASN1_PRINTABLE_type
#define ASN1_PRINTABLE_type
Definition: boringssl_prefix_symbols.h:670
uint8_t
unsigned char uint8_t
Definition: stdint-msvc2008.h:78
ASN1_INTEGER_new
OPENSSL_EXPORT ASN1_INTEGER * ASN1_INTEGER_new(void)
IMPLEMENT_ASN1_FUNCTIONS
#define IMPLEMENT_ASN1_FUNCTIONS(stname)
Definition: asn1t.h:636
ASN1_NULL_new
OPENSSL_EXPORT ASN1_NULL * ASN1_NULL_new(void)
T
#define T(upbtypeconst, upbtype, ctype, default_value)
ASN1_STRFLGS_IGNORE_TYPE
#define ASN1_STRFLGS_IGNORE_TYPE
Definition: asn1.h:1648
threads
static uv_thread_t * threads
Definition: threadpool.c:38
ASN1_STRING_new
#define ASN1_STRING_new
Definition: boringssl_prefix_symbols.h:684
V_ASN1_GENERALIZEDTIME
#define V_ASN1_GENERALIZEDTIME
Definition: asn1.h:145
ASN1_BIT_STRING_new
OPENSSL_EXPORT ASN1_BIT_STRING * ASN1_BIT_STRING_new(void)
asn1_object_st
Definition: third_party/boringssl-with-bazel/src/crypto/asn1/internal.h:102
ASN1_EXP
#define ASN1_EXP(stname, field, type, tag)
Definition: asn1t.h:278
EXPECT_EQ
#define EXPECT_EQ(a, b)
Definition: iomgr/time_averaged_stats_test.cc:27
OBJ_nid2obj
#define OBJ_nid2obj
Definition: boringssl_prefix_symbols.h:1855
B_ASN1_T61STRING
#define B_ASN1_T61STRING
Definition: asn1.h:162
ASN1_NULL_free
OPENSSL_EXPORT void ASN1_NULL_free(ASN1_NULL *null)
bytestring.h
B_ASN1_UNIVERSALSTRING
#define B_ASN1_UNIVERSALSTRING
Definition: asn1.h:170
V_ASN1_BMPSTRING
#define V_ASN1_BMPSTRING
Definition: asn1.h:151
ASN1_STRING_set
#define ASN1_STRING_set
Definition: boringssl_prefix_symbols.h:688
in
const char * in
Definition: third_party/abseil-cpp/absl/strings/internal/str_format/parser_test.cc:391
OBJ_obj2nid
#define OBJ_obj2nid
Definition: boringssl_prefix_symbols.h:1857
SCOPED_TRACE
#define SCOPED_TRACE(message)
Definition: bloaty/third_party/googletest/googletest/include/gtest/gtest.h:2264
NID_commonName
#define NID_commonName
Definition: nid.h:148
internal.h
ASN1_INTEGER_set
#define ASN1_INTEGER_set
Definition: boringssl_prefix_symbols.h:648
invalid
@ invalid
Definition: base64_test.cc:39
absl::move
constexpr absl::remove_reference_t< T > && move(T &&t) noexcept
Definition: abseil-cpp/absl/utility/utility.h:221
STACK_OF
#define STACK_OF(type)
Definition: stack.h:125
V_ASN1_ENUMERATED
#define V_ASN1_ENUMERATED
Definition: asn1.h:134
int64_t
signed __int64 int64_t
Definition: stdint-msvc2008.h:89
tag
static void * tag(intptr_t t)
Definition: bad_client.cc:318
EXPECT_NE
#define EXPECT_NE(val1, val2)
Definition: bloaty/third_party/googletest/googletest/include/gtest/gtest.h:2028
ASN1_STRFLGS_ESC_CTRL
#define ASN1_STRFLGS_ESC_CTRL
Definition: asn1.h:1628
BIO_s_mem
#define BIO_s_mem
Definition: boringssl_prefix_symbols.h:839
ASN1_LINKED_LIST
struct asn1_linked_list_st ASN1_LINKED_LIST
CBB_finish
#define CBB_finish
Definition: boringssl_prefix_symbols.h:1043
DIRECTORYSTRING_new
OPENSSL_EXPORT ASN1_STRING * DIRECTORYSTRING_new(void)
ASN1_STRING_cmp
#define ASN1_STRING_cmp
Definition: boringssl_prefix_symbols.h:676
ASN1_STRFLGS_ESC_MSB
#define ASN1_STRFLGS_ESC_MSB
Definition: asn1.h:1631
d2i_ASN1_OBJECT
#define d2i_ASN1_OBJECT
Definition: boringssl_prefix_symbols.h:2946
MBSTRING_BMP
#define MBSTRING_BMP
Definition: asn1.h:724
ASN1_STRING_set_by_NID
#define ASN1_STRING_set_by_NID
Definition: boringssl_prefix_symbols.h:690
ASN1_item_pack
#define ASN1_item_pack
Definition: boringssl_prefix_symbols.h:751
asn1_object_st::data
const unsigned char * data
Definition: third_party/boringssl-with-bazel/src/crypto/asn1/internal.h:106
uint64_t
unsigned __int64 uint64_t
Definition: stdint-msvc2008.h:90
NID_stateOrProvinceName
#define NID_stateOrProvinceName
Definition: nid.h:163
CBB_add_asn1
#define CBB_add_asn1
Definition: boringssl_prefix_symbols.h:1019
NID_domainComponent
#define NID_domainComponent
Definition: nid.h:1817
ASN1_SEQUENCE_OF
#define ASN1_SEQUENCE_OF(stname, field, type)
Definition: asn1t.h:282
ASN1_STRING_length
#define ASN1_STRING_length
Definition: boringssl_prefix_symbols.h:683
err.h
i2d_DIRECTORYSTRING
OPENSSL_EXPORT int i2d_DIRECTORYSTRING(const ASN1_STRING *in, uint8_t **outp)
d2i_ASN1_TYPE
OPENSSL_EXPORT ASN1_TYPE * d2i_ASN1_TYPE(ASN1_TYPE **out, const uint8_t **inp, long len)
MBSTRING_UTF8
#define MBSTRING_UTF8
Definition: asn1.h:722
asn1t.h
ASN1_STRING_FLAG_BITS_LEFT
#define ASN1_STRING_FLAG_BITS_LEFT
Definition: asn1.h:554
ASN1_mbstring_copy
#define ASN1_mbstring_copy
Definition: boringssl_prefix_symbols.h:756
i2d_ASN1_PRINTABLE
OPENSSL_EXPORT int i2d_ASN1_PRINTABLE(const ASN1_STRING *in, uint8_t **outp)
V_ASN1_BIT_STRING
#define V_ASN1_BIT_STRING
Definition: asn1.h:127
ASN1_OBJECT_free
#define ASN1_OBJECT_free
Definition: boringssl_prefix_symbols.h:655
ASN1Test
Definition: bn_test.cc:1382
NID_undef
#define NID_undef
Definition: nid.h:85
NID_pkcs9_unstructuredAddress
#define NID_pkcs9_unstructuredAddress
Definition: nid.h:332
StringToVector
static std::vector< uint8_t > StringToVector(const std::string &str)
Definition: asn1_test.cc:611
NID_surname
#define NID_surname
Definition: nid.h:544
data
char data[kBufferLength]
Definition: abseil-cpp/absl/strings/internal/str_format/float_conversion.cc:1006
ASN1_INTEGER_free
OPENSSL_EXPORT void ASN1_INTEGER_free(ASN1_INTEGER *str)
NID_givenName
#define NID_givenName
Definition: nid.h:539
OBJ_create
#define OBJ_create
Definition: boringssl_prefix_symbols.h:1846
BIO_new
#define BIO_new
Definition: boringssl_prefix_symbols.h:814
i2d_BASIC_CONSTRAINTS
#define i2d_BASIC_CONSTRAINTS
Definition: boringssl_prefix_symbols.h:3201
STABLE_NO_MASK
#define STABLE_NO_MASK
Definition: asn1.h:793
TEST
TEST(ASN1Test, LargeTags)
Definition: asn1_test.cc:59
V_ASN1_OTHER
#define V_ASN1_OTHER
Definition: asn1.h:118
NID_serialNumber
#define NID_serialNumber
Definition: nid.h:563
NID_pkcs9_unstructuredName
#define NID_pkcs9_unstructuredName
Definition: nid.h:308
d2i_ASN1_NULL
OPENSSL_EXPORT ASN1_NULL * d2i_ASN1_NULL(ASN1_NULL **out, const uint8_t **inp, long len)
V_ASN1_UTCTIME
#define V_ASN1_UTCTIME
Definition: asn1.h:144
ASN1_IMP
#define ASN1_IMP(stname, field, type, tag)
Definition: asn1t.h:271
asn1_get_string_table_for_testing
#define asn1_get_string_table_for_testing
Definition: boringssl_prefix_symbols.h:2836
TestSerialize
void TestSerialize(T obj, int(*i2d_func)(U a, uint8_t **pp), bssl::Span< const uint8_t > expected)
Definition: asn1_test.cc:111
ASN1_STRING_print_ex_fp
#define ASN1_STRING_print_ex_fp
Definition: boringssl_prefix_symbols.h:687
asn1_linked_list_st
Definition: asn1_test.cc:1723
V_ASN1_BOOLEAN
#define V_ASN1_BOOLEAN
Definition: asn1.h:125
ASN1_BIT_STRING_get_bit
#define ASN1_BIT_STRING_get_bit
Definition: boringssl_prefix_symbols.h:611
V_ASN1_IA5STRING
#define V_ASN1_IA5STRING
Definition: asn1.h:143
kTagOverflow
static const uint8_t kTagOverflow[]
Definition: asn1_test.cc:55
kNull
static const int kNull
Definition: stack_test.cc:58
nid
int nid
Definition: cipher_extra.c:71
ASN1_BIT_STRING_num_bytes
#define ASN1_BIT_STRING_num_bytes
Definition: boringssl_prefix_symbols.h:614
NID_ED25519
#define NID_ED25519
Definition: nid.h:4199
ASN1_STRFLGS_SHOW_TYPE
#define ASN1_STRFLGS_SHOW_TYPE
Definition: asn1.h:1651
i2d_ASN1_OBJECT
#define i2d_ASN1_OBJECT
Definition: boringssl_prefix_symbols.h:3186
ASN1_item_unpack
#define ASN1_item_unpack
Definition: boringssl_prefix_symbols.h:754
V_ASN1_T61STRING
#define V_ASN1_T61STRING
Definition: asn1.h:140
value
const char * value
Definition: hpack_parser_table.cc:165
ASN1_SEQUENCE_END
ASN1_SEQUENCE_END(X509_NAME_ENTRY)
Definition: x_name.c:103
pp
const uint8_t ** pp
Definition: ssl_x509.cc:1020
NID_name
#define NID_name
Definition: nid.h:869
ASN1StringToStdString
static std::string ASN1StringToStdString(const ASN1_STRING *str)
Definition: asn1_test.cc:538
GENERAL_NAME_new
#define GENERAL_NAME_new
Definition: boringssl_prefix_symbols.h:1773
ASN1_STRING_to_UTF8
#define ASN1_STRING_to_UTF8
Definition: boringssl_prefix_symbols.h:693
field
const FieldDescriptor * field
Definition: bloaty/third_party/protobuf/src/google/protobuf/compiler/parser_unittest.cc:2692
ASN1_GENERALIZEDTIME_set
#define ASN1_GENERALIZEDTIME_set
Definition: boringssl_prefix_symbols.h:634
i2a_ASN1_OBJECT
#define i2a_ASN1_OBJECT
Definition: boringssl_prefix_symbols.h:3172
ASN1_STRING_TABLE_add
#define ASN1_STRING_TABLE_add
Definition: boringssl_prefix_symbols.h:674
ASN1_STRFLGS_UTF8_CONVERT
#define ASN1_STRFLGS_UTF8_CONVERT
Definition: asn1.h:1644
ASN1_ITEM_rptr
#define ASN1_ITEM_rptr(name)
Definition: asn1.h:302
count
int * count
Definition: bloaty/third_party/googletest/googlemock/test/gmock_stress_test.cc:96
i2d_GENERAL_NAMES
#define i2d_GENERAL_NAMES
Definition: boringssl_prefix_symbols.h:3230
ASN1_INTEGER_set_uint64
#define ASN1_INTEGER_set_uint64
Definition: boringssl_prefix_symbols.h:649
next
AllocList * next[kMaxLevel]
Definition: abseil-cpp/absl/base/internal/low_level_alloc.cc:100
EXPECT_LT
#define EXPECT_LT(val1, val2)
Definition: bloaty/third_party/googletest/googletest/include/gtest/gtest.h:2032
ASN1_STRING_get0_data
#define ASN1_STRING_get0_data
Definition: boringssl_prefix_symbols.h:681
WycheproofRawResult::kValid
@ kValid
PushToStack
std::enable_if<!internal::StackTraits< Stack >::kIsConst, bool >::type PushToStack(Stack *sk, UniquePtr< typename internal::StackTraits< Stack >::Type > elem)
Definition: stack.h:515
ASN1_get_object
#define ASN1_get_object
Definition: boringssl_prefix_symbols.h:736
NID_ms_csp_name
#define NID_ms_csp_name
Definition: nid.h:1923
ASSERT_TRUE
#define ASSERT_TRUE(condition)
Definition: bloaty/third_party/googletest/googletest/include/gtest/gtest.h:1973
V_ASN1_NULL
#define V_ASN1_NULL
Definition: asn1.h:129
ASN1_STRFLGS_ESC_QUOTE
#define ASN1_STRFLGS_ESC_QUOTE
Definition: asn1.h:1636
V_ASN1_UNDEF
#define V_ASN1_UNDEF
Definition: asn1.h:115
ERR_clear_error
#define ERR_clear_error
Definition: boringssl_prefix_symbols.h:1413
NID_organizationalUnitName
#define NID_organizationalUnitName
Definition: nid.h:173
DECLARE_ASN1_ITEM
#define DECLARE_ASN1_ITEM(name)
Definition: asn1.h:299
ASN1_TYPE_new
OPENSSL_EXPORT ASN1_TYPE * ASN1_TYPE_new(void)
grpc_core::SetBit
T SetBit(T *i, size_t n)
Definition: useful.h:49
input
std::string input
Definition: bloaty/third_party/protobuf/src/google/protobuf/io/tokenizer_unittest.cc:197
kTag258
static const uint8_t kTag258[]
Definition: asn1_test.cc:46
EXPECT_TRUE
#define EXPECT_TRUE(condition)
Definition: bloaty/third_party/googletest/googletest/include/gtest/gtest.h:1967
WycheproofRawResult::kInvalid
@ kInvalid
obj.h
B_ASN1_BMPSTRING
#define B_ASN1_BMPSTRING
Definition: asn1.h:173
ASN1_STRFLGS_DUMP_DER
#define ASN1_STRFLGS_DUMP_DER
Definition: asn1.h:1666
BASIC_CONSTRAINTS_new
#define BASIC_CONSTRAINTS_new
Definition: boringssl_prefix_symbols.h:773
table
uint8_t table[256]
Definition: hpack_parser.cc:456
ASN1_TIME_set
OPENSSL_EXPORT ASN1_TIME * ASN1_TIME_set(ASN1_TIME *s, time_t t)
kTag128
static const uint8_t kTag128[]
Definition: asn1_test.cc:41
NID_localityName
#define NID_localityName
Definition: nid.h:158
span.h
flags
uint32_t flags
Definition: retry_filter.cc:632
mem.h
NID_pkcs9_challengePassword
#define NID_pkcs9_challengePassword
Definition: nid.h:328
asyncio_get_stats.type
type
Definition: asyncio_get_stats.py:37
len
int len
Definition: abseil-cpp/absl/base/internal/low_level_alloc_test.cc:46
B_ASN1_SEQUENCE
#define B_ASN1_SEQUENCE
Definition: asn1.h:178
i2d_X509_ALGOR
#define i2d_X509_ALGOR
Definition: boringssl_prefix_symbols.h:3275
ASSERT_GT
#define ASSERT_GT(val1, val2)
Definition: bloaty/third_party/googletest/googletest/include/gtest/gtest.h:2076
NID_dnQualifier
#define NID_dnQualifier
Definition: nid.h:874
length
std::size_t length
Definition: abseil-cpp/absl/time/internal/test_util.cc:57
ASN1_INTEGER_cmp
#define ASN1_INTEGER_cmp
Definition: boringssl_prefix_symbols.h:642
CBS_ASN1_SEQUENCE
#define CBS_ASN1_SEQUENCE
Definition: bytestring.h:214
i2d_GENERAL_NAME
#define i2d_GENERAL_NAME
Definition: boringssl_prefix_symbols.h:3229
ASN1_STRING_print_ex
#define ASN1_STRING_print_ex
Definition: boringssl_prefix_symbols.h:686
BN_to_ASN1_INTEGER
#define BN_to_ASN1_INTEGER
Definition: boringssl_prefix_symbols.h:998
d2i_ASN1_BIT_STRING
OPENSSL_EXPORT ASN1_BIT_STRING * d2i_ASN1_BIT_STRING(ASN1_BIT_STRING **out, const uint8_t **inp, long len)
ASN1_mbstring_ncopy
#define ASN1_mbstring_ncopy
Definition: boringssl_prefix_symbols.h:757
NID_initials
#define NID_initials
Definition: nid.h:549
OPENSSL_free
#define OPENSSL_free
Definition: boringssl_prefix_symbols.h:1869
V_ASN1_OBJECT
#define V_ASN1_OBJECT
Definition: asn1.h:130
i2d_ASN1_NULL
OPENSSL_EXPORT int i2d_ASN1_NULL(const ASN1_NULL *in, uint8_t **outp)
V_ASN1_NEG_INTEGER
#define V_ASN1_NEG_INTEGER
Definition: asn1.h:156
ASN1_OBJECT_create
#define ASN1_OBJECT_create
Definition: boringssl_prefix_symbols.h:654
ASN1_STRFLGS_DUMP_UNKNOWN
#define ASN1_STRFLGS_DUMP_UNKNOWN
Definition: asn1.h:1660
thread
static uv_thread_t thread
Definition: test-async-null-cb.c:29
i2d_ASN1_BIT_STRING
OPENSSL_EXPORT int i2d_ASN1_BIT_STRING(const ASN1_BIT_STRING *in, uint8_t **outp)
V_ASN1_UNIVERSALSTRING
#define V_ASN1_UNIVERSALSTRING
Definition: asn1.h:150
BN_set_negative
#define BN_set_negative
Definition: boringssl_prefix_symbols.h:990
BN_new
#define BN_new
Definition: boringssl_prefix_symbols.h:971
asn1_string_st
Definition: asn1.h:543
i2d_ASN1_TIME
OPENSSL_EXPORT int i2d_ASN1_TIME(const ASN1_TIME *in, uint8_t **outp)
i
uint64_t i
Definition: abseil-cpp/absl/container/btree_benchmark.cc:230
asn1_linked_list_st::next
struct asn1_linked_list_st * next
Definition: asn1_test.cc:1724
asn1.h
ASSERT_EQ
#define ASSERT_EQ(val1, val2)
Definition: bloaty/third_party/googletest/googletest/include/gtest/gtest.h:2056
ASN1_UTCTIME_set
#define ASN1_UTCTIME_set
Definition: boringssl_prefix_symbols.h:726
B_ASN1_UTF8STRING
#define B_ASN1_UTF8STRING
Definition: asn1.h:175
BIO_mem_contents
#define BIO_mem_contents
Definition: boringssl_prefix_symbols.h:803
ASN1_STRFLGS_DUMP_ALL
#define ASN1_STRFLGS_DUMP_ALL
Definition: asn1.h:1655
ASN1_NULL
struct asn1_null_st ASN1_NULL
Definition: base.h:333
V_ASN1_INTEGER
#define V_ASN1_INTEGER
Definition: asn1.h:126
ASN1_SIMPLE
#define ASN1_SIMPLE(stname, field, type)
Definition: asn1t.h:265

grpc
Author(s):
autogenerated on Fri May 16 2025 02:57:44