1 package pkcs7
2
3 import (
4 "bytes"
5 "encoding/asn1"
6 "encoding/pem"
7 "fmt"
8 "strings"
9 "testing"
10 )
11
12 func TestBer2Der(t *testing.T) {
13
14 ber := []byte{0x30, 0x80, 0x02, 0x01, 0x01, 0x00, 0x00}
15 expected := []byte{0x30, 0x03, 0x02, 0x01, 0x01}
16 der, err := ber2der(ber)
17 if err != nil {
18 t.Fatalf("ber2der failed with error: %v", err)
19 }
20 if !bytes.Equal(der, expected) {
21 t.Errorf("ber2der result did not match.\n\tExpected: % X\n\tActual: % X", expected, der)
22 }
23
24 if der2, err := ber2der(der); err != nil {
25 t.Errorf("ber2der on DER bytes failed with error: %v", err)
26 } else {
27 if !bytes.Equal(der, der2) {
28 t.Error("ber2der is not idempotent")
29 }
30 }
31 var thing struct {
32 Number int
33 }
34 rest, err := asn1.Unmarshal(der, &thing)
35 if err != nil {
36 t.Errorf("Cannot parse resulting DER because: %v", err)
37 } else if len(rest) > 0 {
38 t.Errorf("Resulting DER has trailing data: % X", rest)
39 }
40 }
41
42 func TestBer2Der_Negatives(t *testing.T) {
43 fixtures := []struct {
44 Input []byte
45 ErrorContains string
46 }{
47 {[]byte{}, "input ber is empty"},
48 {[]byte{0x30}, "cannot move offset forward, end of ber data reached"},
49 {[]byte{0x30, 0x08}, "BER tag length is more than available dat"},
50 {[]byte{0x30, 0x81}, "cannot move offset forward, end of ber data reached"},
51 {[]byte{0x30, 0x81, 0x00}, "BER tag length has leading zero"},
52 {[]byte{0x30, 0x85, 0x00}, "tag length too long"},
53 {[]byte{0x30, 0x84, 0x80, 0x0, 0x0, 0x0}, "length is negative"},
54 {[]byte{0x30, 0x82, 0x0, 0x1}, "length has leading zero"},
55 {[]byte{0x30, 0x80, 0x1, 0x2, 0x1, 0x2}, "Invalid BER format"},
56 {[]byte{0x30, 0x80, 0x1, 0x2}, "BER tag length is more than available data"},
57 {[]byte{0x30, 0x03, 0x01, 0x02}, "length is more than available data"},
58 {[]byte{0x30}, "end of ber data reached"},
59 }
60
61 for _, fixture := range fixtures {
62 _, err := ber2der(fixture.Input)
63 if err == nil {
64 t.Errorf("No error thrown. Expected: %s", fixture.ErrorContains)
65 }
66 if !strings.Contains(err.Error(), fixture.ErrorContains) {
67 t.Errorf("Unexpected error thrown.\n\tExpected: /%s/\n\tActual: %s", fixture.ErrorContains, err.Error())
68 }
69 }
70 }
71
72 func TestBer2Der_NestedMultipleIndefinite(t *testing.T) {
73
74 ber := []byte{0x30, 0x80, 0x30, 0x80, 0x02, 0x01, 0x01, 0x00, 0x00, 0x30, 0x80, 0x02, 0x01, 0x02, 0x00, 0x00, 0x00, 0x00}
75 expected := []byte{0x30, 0x0A, 0x30, 0x03, 0x02, 0x01, 0x01, 0x30, 0x03, 0x02, 0x01, 0x02}
76
77 der, err := ber2der(ber)
78 if err != nil {
79 t.Fatalf("ber2der failed with error: %v", err)
80 }
81 if bytes.Compare(der, expected) != 0 {
82 t.Errorf("ber2der result did not match.\n\tExpected: % X\n\tActual: % X", expected, der)
83 }
84
85 if der2, err := ber2der(der); err != nil {
86 t.Errorf("ber2der on DER bytes failed with error: %v", err)
87 } else {
88 if !bytes.Equal(der, der2) {
89 t.Error("ber2der is not idempotent")
90 }
91 }
92 var thing struct {
93 Nest1 struct {
94 Number int
95 }
96 Nest2 struct {
97 Number int
98 }
99 }
100 rest, err := asn1.Unmarshal(der, &thing)
101 if err != nil {
102 t.Errorf("Cannot parse resulting DER because: %v", err)
103 } else if len(rest) > 0 {
104 t.Errorf("Resulting DER has trailing data: % X", rest)
105 }
106 }
107
108 func TestVerifyIndefiniteLengthBer(t *testing.T) {
109 decoded := mustDecodePEM([]byte(testPKCS7))
110
111 _, err := ber2der(decoded)
112 if err != nil {
113 t.Errorf("cannot parse indefinite length ber: %v", err)
114 }
115 }
116
117 func mustDecodePEM(data []byte) []byte {
118 var block *pem.Block
119 block, rest := pem.Decode(data)
120 if len(rest) != 0 {
121 panic(fmt.Errorf("unexpected remaining PEM block during decode"))
122 }
123 return block.Bytes
124 }
125
126 const testPKCS7 = `
127 -----BEGIN PKCS7-----
128 MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgEFADCABgkqhkiG9w0B
129 BwGggCSABIIDfXsiQWdlbnRBY3Rpb25PdmVycmlkZXMiOnsiQWdlbnRPdmVycmlk
130 ZXMiOnsiRmlsZUV4aXN0c0JlaGF2aW9yIjoiT1ZFUldSSVRFIn19LCJBcHBsaWNh
131 dGlvbklkIjoiZTA0NDIzZTQtN2E2Ny00ZjljLWIyOTEtOTllNjNjMWMyMTU4Iiwi
132 QXBwbGljYXRpb25OYW1lIjoibWthbmlhLXhyZF9zYW0uY2R3c19lY2hvc2VydmVy
133 IiwiRGVwbG95bWVudENyZWF0b3IiOiJ1c2VyIiwiRGVwbG95bWVudEdyb3VwSWQi
134 OiJmYWI5MjEwZi1mNmM3LTQyODUtYWEyZC03Mzc2MGQ4ODE3NmEiLCJEZXBsb3lt
135 ZW50R3JvdXBOYW1lIjoibWthbmlhLXhyZF9zYW0uY2R3c19lY2hvc2VydmVyX2Rn
136 IiwiRGVwbG95bWVudElkIjoiZC1UREUxVTNXREEiLCJEZXBsb3ltZW50VHlwZSI6
137 IklOX1BMQUNFIiwiR2l0SHViQWNjZXNzVG9rZW4iOm51bGwsIkluc3RhbmNlR3Jv
138 dXBJZCI6ImZhYjkyMTBmLWY2YzctNDI4NS1hYTJkLTczNzYwZDg4MTc2YSIsIlJl
139 dmlzaW9uIjp7IkFwcFNwZWNDb250ZW50IjpudWxsLCJDb2RlQ29tbWl0UmV2aXNp
140 b24iOm51bGwsIkdpdEh1YlJldmlzaW9uIjpudWxsLCJHaXRSZXZpc2lvbiI6bnVs
141 bCwiUmV2aXNpb25UeXBlIjoiUzMiLCJTM1JldmlzaW9uIjp7IkJ1Y2tldCI6Im1r
142 YW5pYS1jZHdzLWRlcGxveS1idWNrZXQiLCJCdW5kbGVUeXBlIjoiemlwIiwiRVRh
143 ZyI6bnVsbCwiS2V5IjoieHJkOjpzYW0uY2R3czo6ZWNob3NlcnZlcjo6MTo6Lnpp
144 cCIsIlZlcnNpb24iOm51bGx9fSwiUzNSZXZpc2lvbiI6eyJCdWNrZXQiOiJta2Fu
145 aWEtY2R3cy1kZXBsb3ktYnVja2V0IiwiQnVuZGxlVHlwZSI6InppcCIsIkVUYWci
146 Om51bGwsIktleSI6InhyZDo6c2FtLmNkd3M6OmVjaG9zZXJ2ZXI6OjE6Oi56aXAi
147 LCJWZXJzaW9uIjpudWxsfSwiVGFyZ2V0UmV2aXNpb24iOm51bGx9AAAAAAAAoIAw
148 ggWbMIIEg6ADAgECAhAGrjFMK45t2jcNHtjY1DjEMA0GCSqGSIb3DQEBCwUAMEYx
149 CzAJBgNVBAYTAlVTMQ8wDQYDVQQKEwZBbWF6b24xFTATBgNVBAsTDFNlcnZlciBD
150 QSAxQjEPMA0GA1UEAxMGQW1hem9uMB4XDTIwMTExMjAwMDAwMFoXDTIxMTAxNTIz
151 NTk1OVowNDEyMDAGA1UEAxMpY29kZWRlcGxveS1zaWduZXItdXMtZWFzdC0yLmFt
152 YXpvbmF3cy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDit4f+
153 I4BSv4rBV/8bJ+f4KqBwTCt9iJeau/r9liQfMgj/C1M2E+aa++u8BtY/LQstB44v
154 v6KqcaiOyWpkD9OsUty9qb4eNTPF2Y4jpNsi/Hfw0phsd9gLun2foppILmL4lZIG
155 lBhTeEwv6qV4KbyXOG9abHOX32+jVFtM1rbzHNFvz90ysfZp16TBAi7IRKEZeXvd
156 MvlJJMAJtAoblxiDIS3A1csY1G4XHYET8xIoCop3mqEZEtAxUUP2epdXXdhD2U0G
157 7alSRS54o91QW1Dp3A13lu1A1nds9CkWlPkDTpKSUG/qN5y5+6dCCGaydgL5krMs
158 R79bCrR1sEKm5hi1AgMBAAGjggKVMIICkTAfBgNVHSMEGDAWgBRZpGYGUqB7lZI8
159 o5QHJ5Z0W/k90DAdBgNVHQ4EFgQUPF5qTbnTDYhmp7tGmmL/jTmLoHMwNAYDVR0R
160 BC0wK4IpY29kZWRlcGxveS1zaWduZXItdXMtZWFzdC0yLmFtYXpvbmF3cy5jb20w
161 DgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7
162 BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3JsLnNjYTFiLmFtYXpvbnRydXN0LmNv
163 bS9zY2ExYi5jcmwwIAYDVR0gBBkwFzALBglghkgBhv1sAQIwCAYGZ4EMAQIBMHUG
164 CCsGAQUFBwEBBGkwZzAtBggrBgEFBQcwAYYhaHR0cDovL29jc3Auc2NhMWIuYW1h
165 em9udHJ1c3QuY29tMDYGCCsGAQUFBzAChipodHRwOi8vY3J0LnNjYTFiLmFtYXpv
166 bnRydXN0LmNvbS9zY2ExYi5jcnQwDAYDVR0TAQH/BAIwADCCAQQGCisGAQQB1nkC
167 BAIEgfUEgfIA8AB2APZclC/RdzAiFFQYCDCUVo7jTRMZM7/fDC8gC8xO8WTjAAAB
168 dboejIcAAAQDAEcwRQIgeqoKXbST17TCEzM1BMWx/jjyVQVBIN3LG17U4OaV364C
169 IQDPUSJZhJm7uqGea6+VwqeDe/vGuGSuJzkDwTIOeIXPaAB2AFzcQ5L+5qtFRLFe
170 mtRW5hA3+9X6R9yhc5SyXub2xw7KAAABdboejNQAAAQDAEcwRQIgEKIAwwhjUcq2
171 iwzBAagdy+fTiKnBY1Yjf6wOeRpwXfMCIQC8wM3nxiWrGgIpdzzgDvFhZZTV3N81
172 JWcYAu+srIVOhTANBgkqhkiG9w0BAQsFAAOCAQEAer9kml53XFy4ZSVzCbdsIFYP
173 Ohu7LDf5iffHBVZFnGOEVOmiPYYkNwi9R6EHIYaAs7G7GGLCp/6tdc+G4eF1j6wB
174 IkmXZcxMTxk/87R+S+36yDLg1GBZvqttLfexj0TRVAfVLJc7FjLXAW2+wi7YyNe8
175 X17lWBwHxa1r5KgweJshGzYVUsgMTSx0aJ+93ZnqplBp9x+9DSQNqqNlBgxFANxs
176 ux+dfpduyLd8VLqtlECGC07tYE4mBaAjMiNjCZRWMp8ya/Z6J/bJZ27IDGA4dXzm
177 l9NNnlbuUDAenAByUqE+0b78J6EmmdAVf+N8siriMg02FdP3lAXJLE8tDeZp8AAA
178 MYICIDCCAhwCAQEwWjBGMQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUw
179 EwYDVQQLEwxTZXJ2ZXIgQ0EgMUIxDzANBgNVBAMTBkFtYXpvbgIQBq4xTCuObdo3
180 DR7Y2NQ4xDANBglghkgBZQMEAgEFAKCBmDAYBgkqhkiG9w0BCQMxCwYJKoZIhvcN
181 AQcBMBwGCSqGSIb3DQEJBTEPFw0yMTA2MjQxOTU1MzFaMC0GCSqGSIb3DQEJNDEg
182 MB4wDQYJYIZIAWUDBAIBBQChDQYJKoZIhvcNAQELBQAwLwYJKoZIhvcNAQkEMSIE
183 IP7gMuT2H0/AhgPgj3Eo0NWCIdQOBjJO18coNKIaOnJYMA0GCSqGSIb3DQEBCwUA
184 BIIBAJX+e87q0YvRon9/ENTvE0FoYMzYblID2Reek6L217ZlZ6pUuRsc4ghhJ5Yh
185 WZeOCaLwi4mrnQ5/+DGKkJ4a/w5sqFTwtJIGIIAuDCn/uDm8kIDUVkbeznSOLoPA
186 67cxiqgIdqZ5pqUoid2YsDj20owrGDG4wUF6ZvhM9g/5va3CAhxqvTE2HwjhHTfz
187 Cgl8Nlvalz7YxXEf2clFEiEVa1fVaGMl9pCyedAmTfd6hoivcpAsopvXfVaaaR2y
188 iuZidpUfFhSk+Ls7TU/kB74ckfUGj5q/5HcKJgb/S+FYUV7eu0ewzTyW1uRl/d0U
189 Tb7e7EjgDGJsjOTMdTrMfv8ho8kAAAAAAAA=
190 -----END PKCS7-----
191 `
192
View as plain text