1
2
3
4
5
6 package x509
7
8 import (
9 "bytes"
10 "encoding/hex"
11 "net"
12 "reflect"
13 "strings"
14 "testing"
15
16 "github.com/google/certificate-transparency-go/asn1"
17 "github.com/google/certificate-transparency-go/x509/pkix"
18 )
19
20 func TestParseGeneralNames(t *testing.T) {
21 var tests = []struct {
22 data string
23 want GeneralNames
24 wantErr string
25 }{
26 {
27 data: ("3012" +
28 ("8210" + "7777772e676f6f676c652e636f2e756b")),
29 want: GeneralNames{
30 DNSNames: []string{"www.google.co.uk"},
31 },
32 },
33 {
34 data: ("3024" +
35 ("8210" + "7777772e676f6f676c652e636f2e756b") +
36 ("8610" + "7777772e676f6f676c652e636f2e756b")),
37 want: GeneralNames{
38 DNSNames: []string{"www.google.co.uk"},
39 URIs: []string{"www.google.co.uk"},
40 },
41 },
42 {
43 data: "0a0101",
44 wantErr: "failed to parse GeneralNames sequence",
45 },
46 {
47 data: "0a",
48 wantErr: "failed to parse GeneralNames:",
49 },
50 {
51 data: "03000a0101",
52 wantErr: "trailing data",
53 },
54 {
55 data: ("3005" + ("8703" + "010203")),
56 wantErr: "invalid IP length",
57 },
58 }
59 for _, test := range tests {
60 inData := fromHex(test.data)
61 var got GeneralNames
62 err := parseGeneralNames(inData, &got)
63 if err != nil {
64 if test.wantErr == "" {
65 t.Errorf("parseGeneralNames(%s)=%v; want nil", test.data, err)
66 } else if !strings.Contains(err.Error(), test.wantErr) {
67 t.Errorf("parseGeneralNames(%s)=%v; want %q", test.data, err, test.wantErr)
68 }
69 continue
70 }
71 if test.wantErr != "" {
72 t.Errorf("parseGeneralNames(%s)=%+v,nil; want %q", test.data, got, test.wantErr)
73 continue
74 }
75 if !reflect.DeepEqual(got, test.want) {
76 t.Errorf("parseGeneralNames(%s)=%+v; want %+v", test.data, got, test.want)
77 }
78 }
79 }
80
81 func TestParseGeneralName(t *testing.T) {
82 var tests = []struct {
83 data string
84 withMask bool
85 want GeneralNames
86 wantErr string
87 }{
88 {
89 data: ("a008" +
90 ("0603" + "551d0e") +
91 ("0a01" + "01")),
92 want: GeneralNames{
93 OtherNames: []OtherName{
94 {
95 TypeID: OIDExtensionSubjectKeyId,
96 Value: asn1.RawValue{
97 Class: asn1.ClassUniversal,
98 Tag: asn1.TagEnum,
99 IsCompound: false,
100 Bytes: fromHex("01"),
101 FullBytes: fromHex("0a0101"),
102 },
103 },
104 },
105 },
106 },
107 {
108 data: ("8008" +
109 ("0603" + "551d0e") +
110 ("0a01" + "01")),
111 wantErr: "not compound",
112 },
113 {
114 data: ("a005" +
115 ("0603" + "551d0e")),
116 wantErr: "sequence truncated",
117 },
118 {
119 data: ("8110" + "77777740676f6f676c652e636f2e756b"),
120 want: GeneralNames{
121 EmailAddresses: []string{"www@google.co.uk"},
122 },
123 },
124 {
125 data: ("8210" + "7777772e676f6f676c652e636f2e756b"),
126 want: GeneralNames{
127 DNSNames: []string{"www.google.co.uk"},
128 },
129 },
130 {
131 data: ("844b" +
132 ("3049" +
133 ("310b" +
134 ("3009" +
135 ("0603" + "550406") +
136 ("1302" + "5553"))) +
137 ("3113" +
138 ("3011" +
139 ("0603" + "55040a") +
140 ("130a" + "476f6f676c6520496e63"))) +
141 ("3125" +
142 ("3023" +
143 ("0603" + "550403") +
144 ("131c" + "476f6f676c6520496e7465726e657420417574686f72697479204732"))))),
145 want: GeneralNames{
146 DirectoryNames: []pkix.Name{
147 {
148 Country: []string{"US"},
149 Organization: []string{"Google Inc"},
150 CommonName: "Google Internet Authority G2",
151 Names: []pkix.AttributeTypeAndValue{
152 {Type: pkix.OIDCountry, Value: "US"},
153 {Type: pkix.OIDOrganization, Value: "Google Inc"},
154 {Type: pkix.OIDCommonName, Value: "Google Internet Authority G2"},
155 },
156 },
157 },
158 },
159 },
160 {
161 data: ("8410" + "7777772e676f6f676c652e636f2e756b"),
162 wantErr: "failed to unmarshal GeneralNames.directoryName",
163 },
164 {
165 data: ("8610" + "7777772e676f6f676c652e636f2e756b"),
166 want: GeneralNames{
167 URIs: []string{"www.google.co.uk"},
168 },
169 },
170 {
171 data: ("8704" + "01020304"),
172 want: GeneralNames{
173 IPNets: []net.IPNet{{IP: net.IP{1, 2, 3, 4}}},
174 },
175 },
176 {
177 data: ("8708" + "01020304ffffff00"),
178 withMask: true,
179 want: GeneralNames{
180 IPNets: []net.IPNet{{IP: net.IP{1, 2, 3, 4}, Mask: net.IPMask{0xff, 0xff, 0xff, 0x00}}},
181 },
182 },
183 {
184 data: ("8710" + "01020304111213142122232431323334"),
185 want: GeneralNames{
186 IPNets: []net.IPNet{{IP: net.IP{1, 2, 3, 4, 0x11, 0x12, 0x13, 0x14, 0x21, 0x22, 0x23, 0x24, 0x31, 0x32, 0x33, 0x34}}},
187 },
188 },
189 {
190 data: ("8703" + "010203"),
191 wantErr: "invalid IP length",
192 },
193 {
194 data: ("8707" + "01020304ffffff"),
195 withMask: true,
196 wantErr: "invalid IP/mask length",
197 },
198 {
199 data: ("8803" + "551d0e"),
200 want: GeneralNames{
201 RegisteredIDs: []asn1.ObjectIdentifier{OIDExtensionSubjectKeyId},
202 },
203 },
204 {
205 data: ("8803" + "551d8e"),
206 wantErr: "syntax error",
207 },
208 {
209 data: ("9003" + "551d8e"),
210 wantErr: "unknown tag",
211 },
212 {
213 data: ("8803"),
214 wantErr: "data truncated",
215 },
216 }
217
218 for _, test := range tests {
219 inData := fromHex(test.data)
220 var got GeneralNames
221 _, err := parseGeneralName(inData, &got, test.withMask)
222 if err != nil {
223 if test.wantErr == "" {
224 t.Errorf("parseGeneralName(%s)=%v; want nil", test.data, err)
225 } else if !strings.Contains(err.Error(), test.wantErr) {
226 t.Errorf("parseGeneralName(%s)=%v; want %q", test.data, err, test.wantErr)
227 }
228 continue
229 }
230 if test.wantErr != "" {
231 t.Errorf("parseGeneralName(%s)=%+v,nil; want %q", test.data, got, test.wantErr)
232 continue
233 }
234 if !reflect.DeepEqual(got, test.want) {
235 t.Errorf("parseGeneralName(%s)=%+v; want %+v", test.data, got, test.want)
236 }
237 if got.Empty() {
238 t.Errorf("parseGeneralName(%s).Empty(%+v)=true; want false", test.data, got)
239 }
240 if gotLen, wantLen := got.Len(), 1; gotLen != wantLen {
241 t.Errorf("parseGeneralName(%s).Len(%+v)=%d; want %d", test.data, got, gotLen, wantLen)
242 }
243 if !bytes.Equal(inData, fromHex(test.data)) {
244 t.Errorf("parseGeneralName(%s) modified data to %x", test.data, inData)
245 }
246
247
248 if test.withMask {
249 continue
250 }
251 seqData := append([]byte{0x30, byte(len(inData))}, inData...)
252 var gotSeq GeneralNames
253 err = parseGeneralNames(seqData, &gotSeq)
254 if err != nil {
255 t.Errorf("parseGeneralNames(%x)=%v; want nil", seqData, err)
256 continue
257 }
258 if !reflect.DeepEqual(gotSeq, test.want) {
259 t.Errorf("parseGeneralNames(%x)=%+v; want %+v", seqData, gotSeq, test.want)
260 }
261 }
262 }
263
264 func fromHex(s string) []byte {
265 d, _ := hex.DecodeString(s)
266 return d
267 }
268
View as plain text