2022-05-17 10:25:31 +00:00
|
|
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
|
|
From: Daniel Axtens <dja@axtens.net>
|
|
|
|
Date: Wed, 10 Jun 2020 17:48:42 +1000
|
|
|
|
Subject: [PATCH] test_asn1: test module for libtasn1
|
|
|
|
|
|
|
|
Import tests from libtasn1 that don't use functionality we don't
|
|
|
|
import. I have put them here rather than in the libtasn1 directory
|
|
|
|
because:
|
|
|
|
|
|
|
|
- They need much more significant changes to run in the grub
|
|
|
|
context.
|
|
|
|
|
|
|
|
- I don't expect they will need to be changed when updating
|
|
|
|
libtasn1: I expect the old tests will usually continue to pass on
|
|
|
|
new versions.
|
|
|
|
|
|
|
|
This doesn't test the full decoder but that will be exercised in
|
|
|
|
test suites for coming patch sets.
|
|
|
|
|
|
|
|
Signed-off-by: Daniel Axtens <dja@axtens.net>
|
|
|
|
---
|
|
|
|
Makefile.util.def | 6 +
|
|
|
|
grub-core/Makefile.core.def | 13 ++
|
|
|
|
.../lib/libtasn1_wrap/tests/CVE-2018-1000654.c | 61 ++++++
|
|
|
|
grub-core/lib/libtasn1_wrap/tests/Test_overflow.c | 138 ++++++++++++++
|
|
|
|
grub-core/lib/libtasn1_wrap/tests/Test_simple.c | 207 ++++++++++++++++++++
|
|
|
|
grub-core/lib/libtasn1_wrap/tests/Test_strings.c | 150 +++++++++++++++
|
|
|
|
.../lib/libtasn1_wrap/tests/object-id-decoding.c | 116 +++++++++++
|
|
|
|
.../lib/libtasn1_wrap/tests/object-id-encoding.c | 120 ++++++++++++
|
|
|
|
grub-core/lib/libtasn1_wrap/tests/octet-string.c | 211 +++++++++++++++++++++
|
|
|
|
grub-core/lib/libtasn1_wrap/tests/reproducers.c | 81 ++++++++
|
|
|
|
grub-core/lib/libtasn1_wrap/wrap_tests.c | 75 ++++++++
|
|
|
|
.../tests/CVE-2018-1000654-1_asn1_tab.h | 32 ++++
|
|
|
|
.../tests/CVE-2018-1000654-2_asn1_tab.h | 36 ++++
|
|
|
|
grub-core/lib/libtasn1_wrap/wrap_tests.h | 38 ++++
|
|
|
|
.gitignore | 1 +
|
|
|
|
tests/test_asn1.in | 12 ++
|
|
|
|
16 files changed, 1297 insertions(+)
|
|
|
|
create mode 100644 grub-core/lib/libtasn1_wrap/tests/CVE-2018-1000654.c
|
|
|
|
create mode 100644 grub-core/lib/libtasn1_wrap/tests/Test_overflow.c
|
|
|
|
create mode 100644 grub-core/lib/libtasn1_wrap/tests/Test_simple.c
|
|
|
|
create mode 100644 grub-core/lib/libtasn1_wrap/tests/Test_strings.c
|
|
|
|
create mode 100644 grub-core/lib/libtasn1_wrap/tests/object-id-decoding.c
|
|
|
|
create mode 100644 grub-core/lib/libtasn1_wrap/tests/object-id-encoding.c
|
|
|
|
create mode 100644 grub-core/lib/libtasn1_wrap/tests/octet-string.c
|
|
|
|
create mode 100644 grub-core/lib/libtasn1_wrap/tests/reproducers.c
|
|
|
|
create mode 100644 grub-core/lib/libtasn1_wrap/wrap_tests.c
|
|
|
|
create mode 100644 grub-core/lib/libtasn1_wrap/tests/CVE-2018-1000654-1_asn1_tab.h
|
|
|
|
create mode 100644 grub-core/lib/libtasn1_wrap/tests/CVE-2018-1000654-2_asn1_tab.h
|
|
|
|
create mode 100644 grub-core/lib/libtasn1_wrap/wrap_tests.h
|
|
|
|
create mode 100644 tests/test_asn1.in
|
|
|
|
|
|
|
|
diff --git a/Makefile.util.def b/Makefile.util.def
|
2022-11-15 06:57:52 +00:00
|
|
|
index e1242f54022..8cfbe69a76e 100644
|
2022-05-17 10:25:31 +00:00
|
|
|
--- a/Makefile.util.def
|
|
|
|
+++ b/Makefile.util.def
|
|
|
|
@@ -1305,6 +1305,12 @@ script = {
|
|
|
|
common = tests/syslinux_test.in;
|
|
|
|
};
|
|
|
|
|
|
|
|
+script = {
|
|
|
|
+ testcase;
|
|
|
|
+ name = test_asn1;
|
|
|
|
+ common = tests/test_asn1.in;
|
|
|
|
+};
|
|
|
|
+
|
|
|
|
program = {
|
|
|
|
testcase;
|
|
|
|
name = example_unit_test;
|
|
|
|
diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def
|
2022-11-15 06:57:52 +00:00
|
|
|
index 21d2c541850..b4aaccf7b57 100644
|
2022-05-17 10:25:31 +00:00
|
|
|
--- a/grub-core/Makefile.core.def
|
|
|
|
+++ b/grub-core/Makefile.core.def
|
|
|
|
@@ -2591,3 +2591,16 @@ module = {
|
|
|
|
// -Wno-type-limits comes from libtasn1's configure.ac
|
|
|
|
cppflags = '$(CPPFLAGS_POSIX) $(CPPFLAGS_GNULIB) -I$(srcdir)/lib/libtasn1/lib -Wno-type-limits';
|
|
|
|
};
|
|
|
|
+
|
|
|
|
+module = {
|
|
|
|
+ name = test_asn1;
|
|
|
|
+ common = lib/libtasn1_wrap/tests/CVE-2018-1000654.c;
|
|
|
|
+ common = lib/libtasn1_wrap/tests/object-id-decoding.c;
|
|
|
|
+ common = lib/libtasn1_wrap/tests/object-id-encoding.c;
|
|
|
|
+ common = lib/libtasn1_wrap/tests/octet-string.c;
|
|
|
|
+ common = lib/libtasn1_wrap/tests/reproducers.c;
|
|
|
|
+ common = lib/libtasn1_wrap/tests/Test_overflow.c;
|
|
|
|
+ common = lib/libtasn1_wrap/tests/Test_simple.c;
|
|
|
|
+ common = lib/libtasn1_wrap/tests/Test_strings.c;
|
|
|
|
+ common = lib/libtasn1_wrap/wrap_tests.c;
|
|
|
|
+};
|
|
|
|
diff --git a/grub-core/lib/libtasn1_wrap/tests/CVE-2018-1000654.c b/grub-core/lib/libtasn1_wrap/tests/CVE-2018-1000654.c
|
|
|
|
new file mode 100644
|
2022-11-15 06:57:52 +00:00
|
|
|
index 00000000000..534e304521e
|
2022-05-17 10:25:31 +00:00
|
|
|
--- /dev/null
|
|
|
|
+++ b/grub-core/lib/libtasn1_wrap/tests/CVE-2018-1000654.c
|
|
|
|
@@ -0,0 +1,61 @@
|
|
|
|
+/*
|
|
|
|
+ * Copyright (C) 2002-2018 Free Software Foundation, Inc.
|
|
|
|
+ *
|
|
|
|
+ * This file is part of LIBTASN1.
|
|
|
|
+ *
|
|
|
|
+ * This program is free software: you can redistribute it and/or modify
|
|
|
|
+ * it under the terms of the GNU General Public License as published by
|
|
|
|
+ * the Free Software Foundation, either version 3 of the License, or
|
|
|
|
+ * (at your option) any later version.
|
|
|
|
+ *
|
|
|
|
+ * This program is distributed in the hope that it will be useful,
|
|
|
|
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
+ * GNU General Public License for more details.
|
|
|
|
+ *
|
|
|
|
+ * You should have received a copy of the GNU General Public License
|
|
|
|
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
+ *
|
|
|
|
+ */
|
|
|
|
+
|
|
|
|
+/****************************************************************/
|
|
|
|
+/* Description: reproducer for CVE-2018-1000654 */
|
|
|
|
+/****************************************************************/
|
|
|
|
+
|
|
|
|
+#include <grub/libtasn1.h>
|
|
|
|
+#include <grub/err.h>
|
|
|
|
+#include <grub/mm.h>
|
|
|
|
+#include <grub/misc.h>
|
|
|
|
+#include <grub/types.h>
|
|
|
|
+#include "../wrap_tests.h"
|
|
|
|
+
|
|
|
|
+#include "CVE-2018-1000654-1_asn1_tab.h"
|
|
|
|
+#include "CVE-2018-1000654-2_asn1_tab.h"
|
|
|
|
+
|
|
|
|
+void
|
|
|
|
+test_CVE_2018_1000654 (void)
|
|
|
|
+{
|
|
|
|
+ int result;
|
|
|
|
+ asn1_node definitions = NULL;
|
|
|
|
+ char errorDescription[ASN1_MAX_ERROR_DESCRIPTION_SIZE];
|
|
|
|
+
|
|
|
|
+ result = asn1_array2tree (CVE_2018_1000654_1_asn1_tab, &definitions, errorDescription);
|
|
|
|
+ if (result != ASN1_RECURSION)
|
|
|
|
+ {
|
|
|
|
+ grub_fatal ("Error: %s\nErrorDescription = %s\n\n",
|
|
|
|
+ asn1_strerror (result), errorDescription);
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ asn1_delete_structure (&definitions);
|
|
|
|
+
|
|
|
|
+ result = asn1_array2tree (CVE_2018_1000654_2_asn1_tab, &definitions, errorDescription);
|
|
|
|
+ if (result != ASN1_RECURSION)
|
|
|
|
+ {
|
|
|
|
+ grub_fatal ("Error: %s\nErrorDescription = %s\n\n",
|
|
|
|
+ asn1_strerror (result), errorDescription);
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ asn1_delete_structure (&definitions);
|
|
|
|
+}
|
|
|
|
diff --git a/grub-core/lib/libtasn1_wrap/tests/Test_overflow.c b/grub-core/lib/libtasn1_wrap/tests/Test_overflow.c
|
|
|
|
new file mode 100644
|
2022-11-15 06:57:52 +00:00
|
|
|
index 00000000000..f48aea0ef8b
|
2022-05-17 10:25:31 +00:00
|
|
|
--- /dev/null
|
|
|
|
+++ b/grub-core/lib/libtasn1_wrap/tests/Test_overflow.c
|
|
|
|
@@ -0,0 +1,138 @@
|
|
|
|
+/*
|
|
|
|
+ * Copyright (C) 2012-2014 Free Software Foundation, Inc.
|
|
|
|
+ *
|
|
|
|
+ * This file is part of LIBTASN1.
|
|
|
|
+ *
|
|
|
|
+ * This program is free software: you can redistribute it and/or modify
|
|
|
|
+ * it under the terms of the GNU General Public License as published by
|
|
|
|
+ * the Free Software Foundation, either version 3 of the License, or
|
|
|
|
+ * (at your option) any later version.
|
|
|
|
+ *
|
|
|
|
+ * This program is distributed in the hope that it will be useful,
|
|
|
|
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
+ * GNU General Public License for more details.
|
|
|
|
+ *
|
|
|
|
+ * You should have received a copy of the GNU General Public License
|
|
|
|
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
+ *
|
|
|
|
+ */
|
|
|
|
+
|
|
|
|
+/* Written by Simon Josefsson */
|
|
|
|
+
|
|
|
|
+#include <grub/libtasn1.h>
|
|
|
|
+#include <grub/err.h>
|
|
|
|
+#include <grub/mm.h>
|
|
|
|
+#include <grub/misc.h>
|
|
|
|
+#include <grub/types.h>
|
|
|
|
+#include "../wrap_tests.h"
|
|
|
|
+
|
|
|
|
+void
|
|
|
|
+test_overflow(void)
|
|
|
|
+{
|
|
|
|
+ /* Test that values larger than long are rejected. This has worked
|
|
|
|
+ fine with all versions of libtasn1. */
|
|
|
|
+
|
|
|
|
+ {
|
|
|
|
+ unsigned char der[] = "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF";
|
|
|
|
+ long l;
|
|
|
|
+ int len;
|
|
|
|
+
|
|
|
|
+ l = asn1_get_length_der (der, sizeof der, &len);
|
|
|
|
+
|
|
|
|
+ if (l != -2L)
|
|
|
|
+ {
|
|
|
|
+ grub_fatal ("ERROR: asn1_get_length_der bignum (l %ld len %d)\n", l, len);
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ /* Test that values larger than int but smaller than long are
|
|
|
|
+ rejected. This limitation was introduced with libtasn1 2.12. */
|
|
|
|
+#if (GRUB_LONG_MAX > GRUB_INT_MAX)
|
|
|
|
+ {
|
|
|
|
+ unsigned long num = ((long) GRUB_UINT_MAX) << 2;
|
|
|
|
+ unsigned char der[20];
|
|
|
|
+ int der_len;
|
|
|
|
+ long l;
|
|
|
|
+ int len;
|
|
|
|
+
|
|
|
|
+ asn1_length_der (num, der, &der_len);
|
|
|
|
+
|
|
|
|
+ l = asn1_get_length_der (der, der_len, &len);
|
|
|
|
+
|
|
|
|
+ if (l != -2L)
|
|
|
|
+ {
|
|
|
|
+ grub_fatal ("ERROR: asn1_get_length_der intnum (l %ld len %d)\n", l,
|
|
|
|
+ len);
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+ }
|
|
|
|
+#endif
|
|
|
|
+
|
|
|
|
+ /* Test that values larger than would fit in the input string are
|
|
|
|
+ rejected. This problem was fixed in libtasn1 2.12. */
|
|
|
|
+ {
|
|
|
|
+ unsigned long num = 64;
|
|
|
|
+ unsigned char der[20];
|
|
|
|
+ int der_len;
|
|
|
|
+ long l;
|
|
|
|
+ int len;
|
|
|
|
+
|
|
|
|
+ asn1_length_der (num, der, &der_len);
|
|
|
|
+
|
|
|
|
+ der_len = sizeof (der);
|
|
|
|
+ l = asn1_get_length_der (der, der_len, &len);
|
|
|
|
+
|
|
|
|
+ if (l != -4L)
|
|
|
|
+ {
|
|
|
|
+ grub_fatal ("ERROR: asn1_get_length_der overflow-small (l %ld len %d)\n",
|
|
|
|
+ l, len);
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ /* Test that values larger than would fit in the input string are
|
|
|
|
+ rejected. This problem was fixed in libtasn1 2.12. */
|
|
|
|
+ {
|
|
|
|
+ unsigned long num = 1073741824;
|
|
|
|
+ unsigned char der[20];
|
|
|
|
+ int der_len;
|
|
|
|
+ long l;
|
|
|
|
+ int len;
|
|
|
|
+
|
|
|
|
+ asn1_length_der (num, der, &der_len);
|
|
|
|
+
|
|
|
|
+ der_len = sizeof (der);
|
|
|
|
+ l = asn1_get_length_der (der, der_len, &len);
|
|
|
|
+
|
|
|
|
+ if (l != -4L)
|
|
|
|
+ {
|
|
|
|
+ grub_fatal ("ERROR: asn1_get_length_der overflow-large1 (l %ld len %d)\n",
|
|
|
|
+ l, len);
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ /* Test that values larger than would fit in the input string are
|
|
|
|
+ rejected. This problem was fixed in libtasn1 2.12. */
|
|
|
|
+ {
|
|
|
|
+ unsigned long num = 2147483649;
|
|
|
|
+ unsigned char der[20];
|
|
|
|
+ int der_len;
|
|
|
|
+ long l;
|
|
|
|
+ int len;
|
|
|
|
+
|
|
|
|
+ asn1_length_der (num, der, &der_len);
|
|
|
|
+
|
|
|
|
+ der_len = sizeof (der);
|
|
|
|
+ l = asn1_get_length_der (der, der_len, &len);
|
|
|
|
+
|
|
|
|
+ if (l != -2L)
|
|
|
|
+ {
|
|
|
|
+ grub_fatal ("ERROR: asn1_get_length_der overflow-large2 (l %ld len %d)\n",
|
|
|
|
+ l, len);
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+ }
|
|
|
|
+}
|
|
|
|
diff --git a/grub-core/lib/libtasn1_wrap/tests/Test_simple.c b/grub-core/lib/libtasn1_wrap/tests/Test_simple.c
|
|
|
|
new file mode 100644
|
2022-11-15 06:57:52 +00:00
|
|
|
index 00000000000..9f01006ddf4
|
2022-05-17 10:25:31 +00:00
|
|
|
--- /dev/null
|
|
|
|
+++ b/grub-core/lib/libtasn1_wrap/tests/Test_simple.c
|
|
|
|
@@ -0,0 +1,207 @@
|
|
|
|
+/*
|
|
|
|
+ * Copyright (C) 2011-2014 Free Software Foundation, Inc.
|
|
|
|
+ *
|
|
|
|
+ * This file is part of LIBTASN1.
|
|
|
|
+ *
|
|
|
|
+ * This program is free software: you can redistribute it and/or modify
|
|
|
|
+ * it under the terms of the GNU General Public License as published by
|
|
|
|
+ * the Free Software Foundation, either version 3 of the License, or
|
|
|
|
+ * (at your option) any later version.
|
|
|
|
+ *
|
|
|
|
+ * This program is distributed in the hope that it will be useful,
|
|
|
|
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
+ * GNU General Public License for more details.
|
|
|
|
+ *
|
|
|
|
+ * You should have received a copy of the GNU General Public License
|
|
|
|
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
+ *
|
|
|
|
+ * Written by Simon Josefsson
|
|
|
|
+ *
|
|
|
|
+ */
|
|
|
|
+
|
|
|
|
+#include <grub/libtasn1.h>
|
|
|
|
+#include <grub/mm.h>
|
|
|
|
+#include <grub/misc.h>
|
|
|
|
+#include <grub/err.h>
|
|
|
|
+#include "../wrap_tests.h"
|
|
|
|
+
|
|
|
|
+struct tv
|
|
|
|
+{
|
|
|
|
+ int bitlen;
|
|
|
|
+ const char *bitstr;
|
|
|
|
+ int derlen;
|
|
|
|
+ const char *der;
|
|
|
|
+};
|
|
|
|
+
|
|
|
|
+static const struct tv tv[] = {
|
|
|
|
+ {0, "", 2, "\x01\x00"},
|
|
|
|
+ {1, "\x00", 3, "\x02\x07\x00"},
|
|
|
|
+ {2, "\x00", 3, "\x02\x06\x00"},
|
|
|
|
+ {3, "\x00", 3, "\x02\x05\x00"},
|
|
|
|
+ {4, "\x00", 3, "\x02\x04\x00"},
|
|
|
|
+ {5, "\x00", 3, "\x02\x03\x00"},
|
|
|
|
+ {6, "\x00", 3, "\x02\x02\x00"},
|
|
|
|
+ {7, "\x00", 3, "\x02\x01\x00"},
|
|
|
|
+ {8, "\x00\x00", 3, "\x02\x00\x00"},
|
|
|
|
+ {9, "\x00\x00", 4, "\x03\x07\x00\x00"},
|
|
|
|
+ {10, "\x00\x00", 4, "\x03\x06\x00\x00"},
|
|
|
|
+ {11, "\x00\x00", 4, "\x03\x05\x00\x00"},
|
|
|
|
+ {12, "\x00\x00", 4, "\x03\x04\x00\x00"},
|
|
|
|
+ {13, "\x00\x00", 4, "\x03\x03\x00\x00"},
|
|
|
|
+ {14, "\x00\x00", 4, "\x03\x02\x00\x00"},
|
|
|
|
+ {15, "\x00\x00", 4, "\x03\x01\x00\x00"},
|
|
|
|
+ {16, "\x00\x00", 4, "\x03\x00\x00\x00"},
|
|
|
|
+ {17, "\x00\x00\x00", 5, "\x04\x07\x00\x00\x00"},
|
|
|
|
+ {18, "\x00\x00\x00", 5, "\x04\x06\x00\x00\x00"},
|
|
|
|
+ {19, "\x00\x00\x00", 5, "\x04\x05\x00\x00\x00"},
|
|
|
|
+ {1, "\xFF", 3, "\x02\x07\x80"},
|
|
|
|
+ {2, "\xFF", 3, "\x02\x06\xc0"},
|
|
|
|
+ {3, "\xFF", 3, "\x02\x05\xe0"},
|
|
|
|
+ {4, "\xFF", 3, "\x02\x04\xf0"},
|
|
|
|
+ {5, "\xFF", 3, "\x02\x03\xf8"},
|
|
|
|
+ {6, "\xFF", 3, "\x02\x02\xfc"},
|
|
|
|
+ {7, "\xFF", 3, "\x02\x01\xfe"},
|
|
|
|
+ {8, "\xFF\xFF", 3, "\x02\x00\xff"},
|
|
|
|
+ {9, "\xFF\xFF", 4, "\x03\x07\xff\x80"},
|
|
|
|
+ {10, "\xFF\xFF", 4, "\x03\x06\xff\xc0"},
|
|
|
|
+ {11, "\xFF\xFF", 4, "\x03\x05\xff\xe0"},
|
|
|
|
+ {12, "\xFF\xFF", 4, "\x03\x04\xff\xf0"},
|
|
|
|
+ {13, "\xFF\xFF", 4, "\x03\x03\xff\xf8"},
|
|
|
|
+ {14, "\xFF\xFF", 4, "\x03\x02\xff\xfc"},
|
|
|
|
+ {15, "\xFF\xFF", 4, "\x03\x01\xff\xfe"},
|
|
|
|
+ {16, "\xFF\xFF", 4, "\x03\x00\xff\xff"},
|
|
|
|
+ {17, "\xFF\xFF\xFF", 5, "\x04\x07\xff\xff\x80"},
|
|
|
|
+ {18, "\xFF\xFF\xFF", 5, "\x04\x06\xff\xff\xc0"},
|
|
|
|
+ {19, "\xFF\xFF\xFF", 5, "\x04\x05\xff\xff\xe0"},
|
|
|
|
+};
|
|
|
|
+
|
|
|
|
+void
|
|
|
|
+test_simple (void)
|
|
|
|
+{
|
|
|
|
+ int result;
|
|
|
|
+ unsigned char der[100];
|
|
|
|
+ unsigned char str[100];
|
|
|
|
+ int der_len = sizeof (der);
|
|
|
|
+ int str_size = sizeof (str);
|
|
|
|
+ int ret_len, bit_len;
|
|
|
|
+ grub_size_t i;
|
|
|
|
+
|
|
|
|
+ /* Dummy test */
|
|
|
|
+
|
|
|
|
+ asn1_bit_der (NULL, 0, der, &der_len);
|
|
|
|
+ result = asn1_get_bit_der (der, 0, &ret_len, str, str_size, &bit_len);
|
|
|
|
+ if (result != ASN1_GENERIC_ERROR)
|
|
|
|
+ {
|
|
|
|
+ grub_fatal ("asn1_get_bit_der zero\n");
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ /* Encode short strings with increasing bit lengths */
|
|
|
|
+
|
|
|
|
+ for (i = 0; i < sizeof (tv) / sizeof (tv[0]); i++)
|
|
|
|
+ {
|
|
|
|
+ /* Encode */
|
|
|
|
+
|
|
|
|
+ asn1_bit_der ((const unsigned char *) tv[i].bitstr, tv[i].bitlen,
|
|
|
|
+ der, &der_len);
|
|
|
|
+
|
|
|
|
+#if 0
|
|
|
|
+ {
|
|
|
|
+ size_t j;
|
|
|
|
+ for (j = 0; j < der_len; j++)
|
|
|
|
+ printf ("\\x%02x", der[j]);
|
|
|
|
+ printf ("\n");
|
|
|
|
+ }
|
|
|
|
+#endif
|
|
|
|
+
|
|
|
|
+ if (der_len != tv[i].derlen || grub_memcmp (der, tv[i].der, der_len) != 0)
|
|
|
|
+ {
|
|
|
|
+ grub_fatal ("asn1_bit_der iter %lu\n", (unsigned long) i);
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ /* Decode it */
|
|
|
|
+
|
|
|
|
+ result = asn1_get_bit_der (der, der_len, &ret_len, str,
|
|
|
|
+ str_size, &bit_len);
|
|
|
|
+ if (result != ASN1_SUCCESS || ret_len != tv[i].derlen
|
|
|
|
+ || bit_len != tv[i].bitlen)
|
|
|
|
+ {
|
|
|
|
+ grub_fatal ("asn1_get_bit_der iter %lu, err: %d\n", (unsigned long) i, result);
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+
|
|
|
|
+ /* Decode sample from "A Layman's Guide to a Subset of ASN.1, BER,
|
|
|
|
+ and DER" section 5.4 "BIT STRING": "The BER encoding of the BIT
|
|
|
|
+ STRING value "011011100101110111" can be any of the following,
|
|
|
|
+ among others, depending on the choice of padding bits, the form
|
|
|
|
+ of length octets [...]".
|
|
|
|
+ */
|
|
|
|
+
|
|
|
|
+ /* 03 04 06 6e 5d c0 DER encoding */
|
|
|
|
+
|
|
|
|
+ grub_memcpy (der, "\x04\x06\x6e\x5d\xc0", 5);
|
|
|
|
+ der_len = 5;
|
|
|
|
+
|
|
|
|
+ result = asn1_get_bit_der (der, der_len, &ret_len, str, str_size, &bit_len);
|
|
|
|
+ if (result != ASN1_SUCCESS || ret_len != 5
|
|
|
|
+ || bit_len != 18 || grub_memcmp (str, "\x6e\x5d\xc0", 3) != 0)
|
|
|
|
+ {
|
|
|
|
+ grub_fatal ("asn1_get_bit_der example\n");
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ der_len = sizeof (der);
|
|
|
|
+ asn1_bit_der (str, bit_len, der, &der_len);
|
|
|
|
+ if (der_len != 5 || grub_memcmp (der, "\x04\x06\x6e\x5d\xc0", 5) != 0)
|
|
|
|
+ {
|
|
|
|
+ grub_fatal ("asn1_bit_der example roundtrip\n");
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ /* 03 04 06 6e 5d e0 padded with "100000" */
|
|
|
|
+
|
|
|
|
+ grub_memcpy (der, "\x04\x06\x6e\x5d\xe0", 5);
|
|
|
|
+ der_len = 5;
|
|
|
|
+
|
|
|
|
+ result = asn1_get_bit_der (der, der_len, &ret_len, str, str_size, &bit_len);
|
|
|
|
+ if (result != ASN1_SUCCESS || ret_len != 5
|
|
|
|
+ || bit_len != 18 || grub_memcmp (str, "\x6e\x5d\xe0", 3) != 0)
|
|
|
|
+ {
|
|
|
|
+ grub_fatal ("asn1_get_bit_der example padded\n");
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ der_len = sizeof (der);
|
|
|
|
+ asn1_bit_der (str, bit_len, der, &der_len);
|
|
|
|
+ if (der_len != 5 || grub_memcmp (der, "\x04\x06\x6e\x5d\xc0", 5) != 0)
|
|
|
|
+ {
|
|
|
|
+ grub_fatal ("asn1_bit_der example roundtrip\n");
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ /* 03 81 04 06 6e 5d c0 long form of length octets */
|
|
|
|
+
|
|
|
|
+ grub_memcpy (der, "\x81\x04\x06\x6e\x5d\xc0", 6);
|
|
|
|
+ der_len = 6;
|
|
|
|
+
|
|
|
|
+ result = asn1_get_bit_der (der, der_len, &ret_len, str, str_size, &bit_len);
|
|
|
|
+
|
|
|
|
+ if (result != ASN1_SUCCESS || ret_len != 6
|
|
|
|
+ || bit_len != 18 || grub_memcmp (str, "\x6e\x5d\xc0", 3) != 0)
|
|
|
|
+ {
|
|
|
|
+ grub_fatal ("asn1_get_bit_der example long form\n");
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ der_len = sizeof (der);
|
|
|
|
+ asn1_bit_der (str, bit_len, der, &der_len);
|
|
|
|
+ if (der_len != 5 || grub_memcmp (der, "\x04\x06\x6e\x5d\xc0", 5) != 0)
|
|
|
|
+ {
|
|
|
|
+ grub_fatal ("asn1_bit_der example roundtrip\n");
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+}
|
|
|
|
diff --git a/grub-core/lib/libtasn1_wrap/tests/Test_strings.c b/grub-core/lib/libtasn1_wrap/tests/Test_strings.c
|
|
|
|
new file mode 100644
|
2022-11-15 06:57:52 +00:00
|
|
|
index 00000000000..dbe1474b204
|
2022-05-17 10:25:31 +00:00
|
|
|
--- /dev/null
|
|
|
|
+++ b/grub-core/lib/libtasn1_wrap/tests/Test_strings.c
|
|
|
|
@@ -0,0 +1,150 @@
|
|
|
|
+/*
|
|
|
|
+ * Copyright (C) 2012-2014 Free Software Foundation, Inc.
|
|
|
|
+ *
|
|
|
|
+ * This file is part of LIBTASN1.
|
|
|
|
+ *
|
|
|
|
+ * This program is free software: you can redistribute it and/or modify
|
|
|
|
+ * it under the terms of the GNU General Public License as published by
|
|
|
|
+ * the Free Software Foundation, either version 3 of the License, or
|
|
|
|
+ * (at your option) any later version.
|
|
|
|
+ *
|
|
|
|
+ * This program is distributed in the hope that it will be useful,
|
|
|
|
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
+ * GNU General Public License for more details.
|
|
|
|
+ *
|
|
|
|
+ * You should have received a copy of the GNU General Public License
|
|
|
|
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
+ *
|
|
|
|
+ * Written by Simon Josefsson
|
|
|
|
+ *
|
|
|
|
+ */
|
|
|
|
+
|
|
|
|
+#include <grub/mm.h>
|
|
|
|
+#include <grub/err.h>
|
|
|
|
+#include <grub/misc.h>
|
|
|
|
+#include <grub/libtasn1.h>
|
|
|
|
+#include "../wrap_tests.h"
|
|
|
|
+
|
|
|
|
+struct tv
|
|
|
|
+{
|
|
|
|
+ unsigned int etype;
|
|
|
|
+ unsigned int str_len;
|
|
|
|
+ const void *str;
|
|
|
|
+ unsigned int der_len;
|
|
|
|
+ const void *der;
|
|
|
|
+};
|
|
|
|
+
|
|
|
|
+static const struct tv tv[] = {
|
|
|
|
+ {ASN1_ETYPE_IA5_STRING, 20,
|
|
|
|
+ "\x63\x73\x63\x61\x40\x70\x61\x73\x73\x70\x6f\x72\x74\x2e\x67\x6f\x76\x2e\x67\x72",
|
|
|
|
+ 22,
|
|
|
|
+ "\x16\x14\x63\x73\x63\x61\x40\x70\x61\x73\x73\x70\x6f\x72\x74\x2e\x67\x6f\x76\x2e\x67\x72"},
|
|
|
|
+ {ASN1_ETYPE_PRINTABLE_STRING, 5, "\x4e\x69\x6b\x6f\x73",
|
|
|
|
+ 7, "\x13\x05\x4e\x69\x6b\x6f\x73"},
|
|
|
|
+ {ASN1_ETYPE_UTF8_STRING, 12, "Αττική",
|
|
|
|
+ 14, "\x0c\x0c\xce\x91\xcf\x84\xcf\x84\xce\xb9\xce\xba\xce\xae"},
|
|
|
|
+ {ASN1_ETYPE_TELETEX_STRING, 15,
|
|
|
|
+ "\x53\x69\x6d\x6f\x6e\x20\x4a\x6f\x73\x65\x66\x73\x73\x6f\x6e",
|
|
|
|
+ 17,
|
|
|
|
+ "\x14\x0f\x53\x69\x6d\x6f\x6e\x20\x4a\x6f\x73\x65\x66\x73\x73\x6f\x6e"},
|
|
|
|
+ {ASN1_ETYPE_OCTET_STRING, 36,
|
|
|
|
+ "\x30\x22\x80\x0F\x32\x30\x31\x31\x30\x38\x32\x31\x30\x38\x30\x30\x30\x36\x5A\x81\x0F\x32\x30\x31\x31\x30\x38\x32\x33\x32\x30\x35\x39\x35\x39\x5A",
|
|
|
|
+ 38,
|
|
|
|
+ "\x04\x24\x30\x22\x80\x0F\x32\x30\x31\x31\x30\x38\x32\x31\x30\x38\x30\x30\x30\x36\x5A\x81\x0F\x32\x30\x31\x31\x30\x38\x32\x33\x32\x30\x35\x39\x35\x39\x5A"}
|
|
|
|
+};
|
|
|
|
+
|
|
|
|
+#define SSTR(x) sizeof(x)-1,x
|
|
|
|
+static const struct tv ber[] = {
|
|
|
|
+ {ASN1_ETYPE_OCTET_STRING,
|
|
|
|
+ SSTR("\xa0\xa0"),
|
|
|
|
+ SSTR("\x24\x80\x04\x82\x00\x02\xa0\xa0\x00\x00")},
|
|
|
|
+ {ASN1_ETYPE_OCTET_STRING,
|
|
|
|
+ SSTR("\xa0\xa0\xb0\xb0\xb0"),
|
|
|
|
+ SSTR("\x24\x80\x04\x82\x00\x02\xa0\xa0\x04\x82\x00\x03\xb0\xb0\xb0\x00\x00")},
|
|
|
|
+ {ASN1_ETYPE_OCTET_STRING,
|
|
|
|
+ SSTR("\xa0\xa0\xb0\xb0\xb0\xa1\xa1"),
|
|
|
|
+ SSTR("\x24\x80\x04\x82\x00\x02\xa0\xa0\x04\x82\x00\x03\xb0\xb0\xb0\x24\x80\x04\x82\x00\x02\xa1\xa1\x00\x00\x00\x00")},
|
|
|
|
+ {ASN1_ETYPE_OCTET_STRING,
|
|
|
|
+ SSTR("\xa0\xa0\xb0\xb0\xb0\xa1\xa1\xc1"),
|
|
|
|
+ SSTR("\x24\x80\x04\x82\x00\x02\xa0\xa0\x04\x82\x00\x03\xb0\xb0\xb0\x24\x80\x04\x82\x00\x02\xa1\xa1\x04\x82\x00\x01\xc1\x00\x00\x00\x00")},
|
|
|
|
+};
|
|
|
|
+
|
|
|
|
+void
|
|
|
|
+test_strings ()
|
|
|
|
+{
|
|
|
|
+ int ret;
|
|
|
|
+ unsigned char tl[ASN1_MAX_TL_SIZE];
|
|
|
|
+ unsigned int tl_len, der_len, str_len;
|
|
|
|
+ const unsigned char *str;
|
|
|
|
+ unsigned char *b;
|
|
|
|
+ unsigned int i;
|
|
|
|
+
|
|
|
|
+ /* Dummy test */
|
|
|
|
+
|
|
|
|
+ for (i = 0; i < sizeof (tv) / sizeof (tv[0]); i++)
|
|
|
|
+ {
|
|
|
|
+ /* Encode */
|
|
|
|
+ tl_len = sizeof (tl);
|
|
|
|
+ ret = asn1_encode_simple_der (tv[i].etype, tv[i].str, tv[i].str_len,
|
|
|
|
+ tl, &tl_len);
|
|
|
|
+ if (ret != ASN1_SUCCESS)
|
|
|
|
+ {
|
|
|
|
+ grub_fatal ("Encoding error in %u: %s\n", i,
|
|
|
|
+ asn1_strerror (ret));
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+ der_len = tl_len + tv[i].str_len;
|
|
|
|
+
|
|
|
|
+ if (der_len != tv[i].der_len || grub_memcmp (tl, tv[i].der, tl_len) != 0)
|
|
|
|
+ {
|
|
|
|
+ grub_fatal (
|
|
|
|
+ "DER encoding differs in %u! (size: %u, expected: %u)\n",
|
|
|
|
+ i, der_len, tv[i].der_len);
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ /* decoding */
|
|
|
|
+ ret =
|
|
|
|
+ asn1_decode_simple_der (tv[i].etype, tv[i].der, tv[i].der_len, &str,
|
|
|
|
+ &str_len);
|
|
|
|
+ if (ret != ASN1_SUCCESS)
|
|
|
|
+ {
|
|
|
|
+ grub_fatal ("Decoding error in %u: %s\n", i,
|
|
|
|
+ asn1_strerror (ret));
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ if (str_len != tv[i].str_len || grub_memcmp (str, tv[i].str, str_len) != 0)
|
|
|
|
+ {
|
|
|
|
+ grub_fatal (
|
|
|
|
+ "DER decoded data differ in %u! (size: %u, expected: %u)\n",
|
|
|
|
+ i, der_len, tv[i].str_len);
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ /* BER decoding */
|
|
|
|
+ for (i = 0; i < sizeof (ber) / sizeof (ber[0]); i++)
|
|
|
|
+ {
|
|
|
|
+ /* decoding */
|
|
|
|
+ ret =
|
|
|
|
+ asn1_decode_simple_ber (ber[i].etype, ber[i].der, ber[i].der_len, &b,
|
|
|
|
+ &str_len, NULL);
|
|
|
|
+ if (ret != ASN1_SUCCESS)
|
|
|
|
+ {
|
|
|
|
+ grub_fatal ("BER decoding error in %u: %s\n", i,
|
|
|
|
+ asn1_strerror (ret));
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ if (str_len != ber[i].str_len || grub_memcmp (b, ber[i].str, str_len) != 0)
|
|
|
|
+ {
|
|
|
|
+ grub_fatal (
|
|
|
|
+ "BER decoded data differ in %u! (size: %u, expected: %u)\n",
|
|
|
|
+ i, str_len, ber[i].str_len);
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+ grub_free(b);
|
|
|
|
+ }
|
|
|
|
+}
|
|
|
|
diff --git a/grub-core/lib/libtasn1_wrap/tests/object-id-decoding.c b/grub-core/lib/libtasn1_wrap/tests/object-id-decoding.c
|
|
|
|
new file mode 100644
|
2022-11-15 06:57:52 +00:00
|
|
|
index 00000000000..d367bbfb5a7
|
2022-05-17 10:25:31 +00:00
|
|
|
--- /dev/null
|
|
|
|
+++ b/grub-core/lib/libtasn1_wrap/tests/object-id-decoding.c
|
|
|
|
@@ -0,0 +1,116 @@
|
|
|
|
+/*
|
|
|
|
+ * Copyright (C) 2016 Red Hat, Inc.
|
|
|
|
+ *
|
|
|
|
+ * This file is part of LIBTASN1.
|
|
|
|
+ *
|
|
|
|
+ * This program is free software: you can redistribute it and/or modify
|
|
|
|
+ * it under the terms of the GNU General Public License as published by
|
|
|
|
+ * the Free Software Foundation, either version 3 of the License, or
|
|
|
|
+ * (at your option) any later version.
|
|
|
|
+ *
|
|
|
|
+ * This program is distributed in the hope that it will be useful,
|
|
|
|
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
+ * GNU General Public License for more details.
|
|
|
|
+ *
|
|
|
|
+ * You should have received a copy of the GNU General Public License
|
|
|
|
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
+ *
|
|
|
|
+ */
|
|
|
|
+
|
|
|
|
+#include <grub/libtasn1.h>
|
|
|
|
+#include <grub/types.h>
|
|
|
|
+#include <grub/misc.h>
|
|
|
|
+#include <grub/err.h>
|
|
|
|
+#include "../wrap_tests.h"
|
|
|
|
+
|
|
|
|
+struct tv
|
|
|
|
+{
|
|
|
|
+ int der_len;
|
|
|
|
+ const unsigned char *der;
|
|
|
|
+ const char *oid;
|
|
|
|
+ int expected_error;
|
|
|
|
+};
|
|
|
|
+
|
|
|
|
+static const struct tv tv[] = {
|
|
|
|
+ {.der_len = 5,
|
|
|
|
+ .der = (void *) "\x06\x03\x80\x37\x03",
|
|
|
|
+ .oid = "2.999.3",
|
|
|
|
+ .expected_error = ASN1_DER_ERROR /* leading 0x80 */
|
|
|
|
+ },
|
|
|
|
+ {.der_len = 12,
|
|
|
|
+ .der = (void *) "\x06\x0a\x2b\x06\x01\x80\x01\x92\x08\x09\x05\x01",
|
|
|
|
+ .oid = "1.3.6.1.4.1.2312.9.5.1",
|
|
|
|
+ .expected_error = ASN1_DER_ERROR /* leading 0x80 */
|
|
|
|
+ },
|
|
|
|
+ {.der_len = 6,
|
|
|
|
+ .der = (void *) "\x06\x04\x01\x02\x03\x04",
|
|
|
|
+ .oid = "0.1.2.3.4",
|
|
|
|
+ .expected_error = ASN1_SUCCESS},
|
|
|
|
+ {.der_len = 5,
|
|
|
|
+ .der = (void *) "\x06\x03\x51\x02\x03",
|
|
|
|
+ .oid = "2.1.2.3",
|
|
|
|
+ .expected_error = ASN1_SUCCESS},
|
|
|
|
+ {.der_len = 5,
|
|
|
|
+ .der = (void *) "\x06\x03\x88\x37\x03",
|
|
|
|
+ .oid = "2.999.3",
|
|
|
|
+ .expected_error = ASN1_SUCCESS},
|
|
|
|
+ {.der_len = 12,
|
|
|
|
+ .der = (void *) "\x06\x0a\x2b\x06\x01\x04\x01\x92\x08\x09\x05\x01",
|
|
|
|
+ .oid = "1.3.6.1.4.1.2312.9.5.1",
|
|
|
|
+ .expected_error = ASN1_SUCCESS},
|
|
|
|
+ {.der_len = 19,
|
|
|
|
+ .der = (void *) "\x06\x11\xfa\x80\x00\x00\x00\x0e\x01\x0e\xfa\x80\x00\x00\x00\x0e\x63\x6f\x6d",
|
|
|
|
+ .oid = "2.1998768.0.0.14.1.14.1998848.0.0.14.99.111.109",
|
|
|
|
+ .expected_error = ASN1_SUCCESS},
|
|
|
|
+ {.der_len = 19,
|
|
|
|
+ .der =
|
|
|
|
+ (void *)
|
|
|
|
+ "\x06\x11\x2b\x06\x01\x04\x01\x92\x08\x09\x02\xaa\xda\xbe\xbe\xfa\x72\x01\x07",
|
|
|
|
+ .oid = "1.3.6.1.4.1.2312.9.2.1467399257458.1.7",
|
|
|
|
+ .expected_error = ASN1_SUCCESS},
|
|
|
|
+};
|
|
|
|
+
|
|
|
|
+void
|
|
|
|
+test_object_id_decoding (void)
|
|
|
|
+{
|
|
|
|
+ char str[128];
|
|
|
|
+ int ret, ret_len;
|
|
|
|
+ grub_size_t i;
|
|
|
|
+
|
|
|
|
+ for (i = 0; i < sizeof (tv) / sizeof (tv[0]); i++)
|
|
|
|
+ {
|
|
|
|
+ /* decode */
|
|
|
|
+ ret =
|
|
|
|
+ asn1_get_object_id_der (tv[i].der+1,
|
|
|
|
+ tv[i].der_len-1, &ret_len, str,
|
|
|
|
+ sizeof (str));
|
|
|
|
+ if (ret != tv[i].expected_error)
|
|
|
|
+ {
|
|
|
|
+ grub_fatal (
|
|
|
|
+ "%d: asn1_get_object_id_der iter %lu: got '%s' expected %d\n",
|
|
|
|
+ __LINE__, (unsigned long) i, asn1_strerror(ret), tv[i].expected_error);
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ if (tv[i].expected_error != ASN1_SUCCESS)
|
|
|
|
+ continue;
|
|
|
|
+
|
|
|
|
+ if (ret_len != tv[i].der_len-1)
|
|
|
|
+ {
|
|
|
|
+ grub_fatal (
|
|
|
|
+ "%d: iter %lu: error in DER, length returned is %d, had %d\n",
|
|
|
|
+ __LINE__, (unsigned long)i, ret_len, tv[i].der_len-1);
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ if (grub_strcmp (tv[i].oid, str) != 0)
|
|
|
|
+ {
|
|
|
|
+ grub_fatal (
|
|
|
|
+ "%d: strcmp iter %lu: got invalid OID: %s, expected: %s\n",
|
|
|
|
+ __LINE__, (unsigned long) i, str, tv[i].oid);
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ }
|
|
|
|
+}
|
|
|
|
diff --git a/grub-core/lib/libtasn1_wrap/tests/object-id-encoding.c b/grub-core/lib/libtasn1_wrap/tests/object-id-encoding.c
|
|
|
|
new file mode 100644
|
2022-11-15 06:57:52 +00:00
|
|
|
index 00000000000..3a83b58c59f
|
2022-05-17 10:25:31 +00:00
|
|
|
--- /dev/null
|
|
|
|
+++ b/grub-core/lib/libtasn1_wrap/tests/object-id-encoding.c
|
|
|
|
@@ -0,0 +1,120 @@
|
|
|
|
+/*
|
|
|
|
+ * Copyright (C) 2019 Nikos Mavrogiannopoulos
|
|
|
|
+ *
|
|
|
|
+ * This file is part of LIBTASN1.
|
|
|
|
+ *
|
|
|
|
+ * This program is free software: you can redistribute it and/or modify
|
|
|
|
+ * it under the terms of the GNU General Public License as published by
|
|
|
|
+ * the Free Software Foundation, either version 3 of the License, or
|
|
|
|
+ * (at your option) any later version.
|
|
|
|
+ *
|
|
|
|
+ * This program is distributed in the hope that it will be useful,
|
|
|
|
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
+ * GNU General Public License for more details.
|
|
|
|
+ *
|
|
|
|
+ * You should have received a copy of the GNU General Public License
|
|
|
|
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
+ *
|
|
|
|
+ */
|
|
|
|
+
|
|
|
|
+#include <grub/libtasn1.h>
|
|
|
|
+#include <grub/types.h>
|
|
|
|
+#include <grub/misc.h>
|
|
|
|
+#include <grub/err.h>
|
|
|
|
+#include "../wrap_tests.h"
|
|
|
|
+
|
|
|
|
+struct tv
|
|
|
|
+{
|
|
|
|
+ int der_len;
|
|
|
|
+ const unsigned char *der;
|
|
|
|
+ const char *oid;
|
|
|
|
+ int expected_error;
|
|
|
|
+};
|
|
|
|
+
|
|
|
|
+static const struct tv tv[] = {
|
|
|
|
+ {.der_len = 0,
|
|
|
|
+ .der = (void *) "",
|
|
|
|
+ .oid = "5.999.3",
|
|
|
|
+ .expected_error = ASN1_VALUE_NOT_VALID /* cannot start with 5 */
|
|
|
|
+ },
|
|
|
|
+ {.der_len = 0,
|
|
|
|
+ .der = (void *) "",
|
|
|
|
+ .oid = "0.48.9",
|
|
|
|
+ .expected_error = ASN1_VALUE_NOT_VALID /* second field cannot be 48 */
|
|
|
|
+ },
|
|
|
|
+ {.der_len = 0,
|
|
|
|
+ .der = (void *) "",
|
|
|
|
+ .oid = "1.40.9",
|
|
|
|
+ .expected_error = ASN1_VALUE_NOT_VALID /* second field cannot be 40 */
|
|
|
|
+ },
|
|
|
|
+ {.der_len = 4,
|
|
|
|
+ .der = (void *) "\x06\x02\x4f\x63",
|
|
|
|
+ .oid = "1.39.99",
|
|
|
|
+ .expected_error = ASN1_SUCCESS,
|
|
|
|
+ },
|
|
|
|
+ {.der_len = 6,
|
|
|
|
+ .der = (void *) "\x06\x04\x01\x02\x03\x04",
|
|
|
|
+ .oid = "0.1.2.3.4",
|
|
|
|
+ .expected_error = ASN1_SUCCESS},
|
|
|
|
+ {.der_len = 5,
|
|
|
|
+ .der = (void *) "\x06\x03\x51\x02\x03",
|
|
|
|
+ .oid = "2.1.2.3",
|
|
|
|
+ .expected_error = ASN1_SUCCESS},
|
|
|
|
+ {.der_len = 5,
|
|
|
|
+ .der = (void *) "\x06\x03\x88\x37\x03",
|
|
|
|
+ .oid = "2.999.3",
|
|
|
|
+ .expected_error = ASN1_SUCCESS},
|
|
|
|
+ {.der_len = 12,
|
|
|
|
+ .der = (void *) "\x06\x0a\x2b\x06\x01\x04\x01\x92\x08\x09\x05\x01",
|
|
|
|
+ .oid = "1.3.6.1.4.1.2312.9.5.1",
|
|
|
|
+ .expected_error = ASN1_SUCCESS},
|
|
|
|
+ {.der_len = 19,
|
|
|
|
+ .der = (void *) "\x06\x11\xfa\x80\x00\x00\x00\x0e\x01\x0e\xfa\x80\x00\x00\x00\x0e\x63\x6f\x6d",
|
|
|
|
+ .oid = "2.1998768.0.0.14.1.14.1998848.0.0.14.99.111.109",
|
|
|
|
+ .expected_error = ASN1_SUCCESS},
|
|
|
|
+ {.der_len = 19,
|
|
|
|
+ .der =
|
|
|
|
+ (void *)
|
|
|
|
+ "\x06\x11\x2b\x06\x01\x04\x01\x92\x08\x09\x02\xaa\xda\xbe\xbe\xfa\x72\x01\x07",
|
|
|
|
+ .oid = "1.3.6.1.4.1.2312.9.2.1467399257458.1.7",
|
|
|
|
+ .expected_error = ASN1_SUCCESS},
|
|
|
|
+};
|
|
|
|
+
|
|
|
|
+void
|
|
|
|
+test_object_id_encoding(void)
|
|
|
|
+{
|
|
|
|
+ unsigned char der[128];
|
|
|
|
+ int ret, der_len, i;
|
|
|
|
+
|
|
|
|
+ for (i = 0; i < (int)(sizeof (tv) / sizeof (tv[0])); i++)
|
|
|
|
+ {
|
|
|
|
+ der_len = sizeof(der);
|
|
|
|
+ ret = asn1_object_id_der(tv[i].oid, der, &der_len, 0);
|
|
|
|
+ if (ret != ASN1_SUCCESS)
|
|
|
|
+ {
|
|
|
|
+ if (ret == tv[i].expected_error)
|
|
|
|
+ continue;
|
|
|
|
+ grub_fatal (
|
|
|
|
+ "%d: iter %lu, encoding of OID failed: %s\n",
|
|
|
|
+ __LINE__, (unsigned long) i, asn1_strerror(ret));
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+ else if (ret != tv[i].expected_error)
|
|
|
|
+ {
|
|
|
|
+ grub_fatal (
|
|
|
|
+ "%d: iter %lu, encoding of OID %s succeeded when expecting failure\n",
|
|
|
|
+ __LINE__, (unsigned long) i, tv[i].oid);
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ if (der_len != tv[i].der_len || grub_memcmp(der, tv[i].der, der_len) != 0)
|
|
|
|
+ {
|
|
|
|
+ grub_fatal (
|
|
|
|
+ "%d: iter %lu, re-encoding of OID %s resulted to different string (%d vs %d bytes)\n",
|
|
|
|
+ __LINE__, (unsigned long) i, tv[i].oid, der_len, tv[i].der_len);
|
|
|
|
+
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+ }
|
|
|
|
+}
|
|
|
|
diff --git a/grub-core/lib/libtasn1_wrap/tests/octet-string.c b/grub-core/lib/libtasn1_wrap/tests/octet-string.c
|
|
|
|
new file mode 100644
|
2022-11-15 06:57:52 +00:00
|
|
|
index 00000000000..d8a049e8df0
|
2022-05-17 10:25:31 +00:00
|
|
|
--- /dev/null
|
|
|
|
+++ b/grub-core/lib/libtasn1_wrap/tests/octet-string.c
|
|
|
|
@@ -0,0 +1,211 @@
|
|
|
|
+/*
|
|
|
|
+ * Copyright (C) 2011-2020 Free Software Foundation, Inc.
|
|
|
|
+ *
|
|
|
|
+ * This file is part of LIBTASN1.
|
|
|
|
+ *
|
|
|
|
+ * This program is free software: you can redistribute it and/or modify
|
|
|
|
+ * it under the terms of the GNU General Public License as published by
|
|
|
|
+ * the Free Software Foundation, either version 3 of the License, or
|
|
|
|
+ * (at your option) any later version.
|
|
|
|
+ *
|
|
|
|
+ * This program is distributed in the hope that it will be useful,
|
|
|
|
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
+ * GNU General Public License for more details.
|
|
|
|
+ *
|
|
|
|
+ * You should have received a copy of the GNU General Public License
|
|
|
|
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
+ *
|
|
|
|
+ * Written by Simon Josefsson and Nikos Mavrogiannopoulos
|
|
|
|
+ *
|
|
|
|
+ */
|
|
|
|
+
|
|
|
|
+#include <grub/libtasn1.h>
|
|
|
|
+#include <grub/err.h>
|
|
|
|
+#include <grub/mm.h>
|
|
|
|
+#include <grub/misc.h>
|
|
|
|
+#include "../wrap_tests.h"
|
|
|
|
+
|
|
|
|
+
|
|
|
|
+struct tv
|
|
|
|
+{
|
|
|
|
+ const char *name;
|
|
|
|
+ int der_len;
|
|
|
|
+ const unsigned char *der_str;
|
|
|
|
+ int len;
|
|
|
|
+ const unsigned char *string;
|
|
|
|
+ int expected_error;
|
|
|
|
+ int ber;
|
|
|
|
+};
|
|
|
|
+
|
|
|
|
+static const struct tv tv[] = {
|
|
|
|
+ {.name = "primitive octet strings",
|
|
|
|
+ .der_len = 10,
|
|
|
|
+ .der_str =
|
|
|
|
+ (void*)"\x04\x08\x01\x23\x45\x67\x89\xab\xcd\xef",
|
|
|
|
+ .len = 8,
|
|
|
|
+ .string =
|
|
|
|
+ (void*)"\x01\x23\x45\x67\x89\xab\xcd\xef",
|
|
|
|
+ .ber = 0},
|
|
|
|
+ {.der_len = 22,
|
|
|
|
+ .der_str =
|
|
|
|
+ (void*)"\x04\x14\x13\x00\xd9\xa8\x47\xf7\xf2\x1c\xf4\xb0\xec\x5f\xc1\x73\xe5\x1b\x25\xc2\x62\x27",
|
|
|
|
+ .len = 20,
|
|
|
|
+ .string =
|
|
|
|
+ (void*)"\x13\x00\xD9\xA8\x47\xF7\xF2\x1C\xF4\xB0\xEC\x5F\xC1\x73\xE5\x1B\x25\xC2\x62\x27"},
|
|
|
|
+
|
|
|
|
+ {.name = "long type of length",
|
|
|
|
+ .der_len = 23,
|
|
|
|
+ .der_str =
|
|
|
|
+ (void*)"\x04\x81\x14\x13\x00\xd9\xa8\x47\xf7\xf2\x1c\xf4\xb0\xec\x5f\xc1\x73\xe5\x1b\x25\xc2\x62\x27",
|
|
|
|
+ .len = 20,
|
|
|
|
+ .string =
|
|
|
|
+ (void*)"\x13\x00\xD9\xA8\x47\xF7\xF2\x1C\xF4\xB0\xEC\x5F\xC1\x73\xE5\x1B\x25\xC2\x62\x27",
|
|
|
|
+ .ber = 1},
|
|
|
|
+ {.der_len = 11,
|
|
|
|
+ .der_str =
|
|
|
|
+ (void*)"\x04\x81\x08\x01\x23\x45\x67\x89\xab\xcd\xef",
|
|
|
|
+ .len = 8,
|
|
|
|
+ .string =
|
|
|
|
+ (void*)"\x01\x23\x45\x67\x89\xab\xcd\xef",
|
|
|
|
+ .ber = 1},
|
|
|
|
+
|
|
|
|
+ {.name = "constructed - indefinite",
|
|
|
|
+ .der_len = 11,
|
|
|
|
+ .der_str = (void*)"\x24\x80\x04\x05\x01\x02\x03\x04\x05\x00\x00",
|
|
|
|
+ .len = 5,
|
|
|
|
+ .string = (void*)"\x01\x02\x03\x04\x05",
|
|
|
|
+ .ber = 1,
|
|
|
|
+ },
|
|
|
|
+
|
|
|
|
+ {.name = "constructed - definite - concat",
|
|
|
|
+ .der_len = 12,
|
|
|
|
+ .der_str = (void*)"\x24\x0a\x04\x04\x0a\x0b\x0c\x0d\x04\x02\x0e\x0f",
|
|
|
|
+ .len = 6,
|
|
|
|
+ .string = (void*)"\x0a\x0b\x0c\x0d\x0e\x0f",
|
|
|
|
+ .ber = 1,
|
|
|
|
+ },
|
|
|
|
+ {.name = "constructed - definite - recursive",
|
|
|
|
+ .der_len = 15,
|
|
|
|
+ .der_str = (void*)"\x24\x0d\x04\x04\x0a\x0b\x0c\x0d\x24\x05\x04\x00\x04\x01\x0f",
|
|
|
|
+ .len = 5,
|
|
|
|
+ .string = (void*)"\x0a\x0b\x0c\x0d\x0f",
|
|
|
|
+ .ber = 1,
|
|
|
|
+ },
|
|
|
|
+ {.name = "constructed - definite - single",
|
|
|
|
+ .der_len = 7,
|
|
|
|
+ .der_str = (void*)"\x24\x05\x04\x03\x01\x02\x03",
|
|
|
|
+ .len = 3,
|
|
|
|
+ .string = (void*)"\x01\x02\x03",
|
|
|
|
+ .ber = 1,
|
|
|
|
+ },
|
|
|
|
+
|
|
|
|
+ /* a large amount of recursive indefinite encoding */
|
|
|
|
+ {.name = "a large amount of recursive indefinite encoding",
|
|
|
|
+ .der_len = 29325,
|
|
|
|
+ .der_str = (void*)"\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24\x80\x24
|
|
|
|
+ .len = 0,
|
|
|
|
+ .ber = 1,
|
|
|
|
+ .expected_error = ASN1_DER_ERROR
|
|
|
|
+ }
|
|
|
|
+};
|
|
|
|
+
|
|
|
|
+void
|
|
|
|
+test_octet_string (void)
|
|
|
|
+{
|
|
|
|
+ unsigned char str[100];
|
|
|
|
+ unsigned char der[100];
|
|
|
|
+ int der_len = sizeof (der);
|
|
|
|
+ int str_size = sizeof (str);
|
|
|
|
+ unsigned char *tmp = NULL;
|
|
|
|
+ int ret, ret_len;
|
|
|
|
+ grub_size_t i;
|
|
|
|
+
|
|
|
|
+ for (i = 0; i < sizeof (tv) / sizeof (tv[0]); i++)
|
|
|
|
+ {
|
|
|
|
+ /* Decode */
|
|
|
|
+
|
|
|
|
+ if (tv[i].ber == 0)
|
|
|
|
+ {
|
|
|
|
+ str_size = sizeof (str);
|
|
|
|
+ ret =
|
|
|
|
+ asn1_get_octet_der (tv[i].der_str + 1,
|
|
|
|
+ tv[i].der_len - 1, &ret_len, str,
|
|
|
|
+ sizeof (str), &str_size);
|
|
|
|
+ if (ret != tv[i].expected_error)
|
|
|
|
+ {
|
|
|
|
+ grub_fatal (
|
|
|
|
+ "%d: asn1_get_octet_der: %s: got %d expected %d\n",
|
|
|
|
+ __LINE__, tv[i].name, ret,
|
|
|
|
+ tv[i].expected_error);
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+ if (tv[i].expected_error)
|
|
|
|
+ continue;
|
|
|
|
+
|
|
|
|
+ if (ret_len != tv[i].der_len - 1)
|
|
|
|
+ {
|
|
|
|
+ grub_fatal (
|
|
|
|
+ "%d: error in DER, length returned is %d, had %d\n",
|
|
|
|
+ __LINE__, ret_len, tv[i].der_len - 1);
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ if (str_size != tv[i].len
|
|
|
|
+ || grub_memcmp (tv[i].string, str, tv[i].len) != 0)
|
|
|
|
+ {
|
|
|
|
+ grub_fatal (
|
|
|
|
+ "%d: memcmp: %s: got invalid decoding\n",
|
|
|
|
+ __LINE__, tv[i].name);
|
|
|
|
+
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ /* Encode */
|
|
|
|
+ der_len = sizeof (der);
|
|
|
|
+ asn1_octet_der (str, str_size, der, &der_len);
|
|
|
|
+
|
|
|
|
+ if (der_len != tv[i].der_len - 1
|
|
|
|
+ || grub_memcmp (tv[i].der_str + 1, der, tv[i].der_len - 1) != 0)
|
|
|
|
+ {
|
|
|
|
+ grub_fatal (
|
|
|
|
+ "encoding: %s: got invalid encoding\n",
|
|
|
|
+ tv[i].name);
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ ret =
|
|
|
|
+ asn1_decode_simple_ber (ASN1_ETYPE_OCTET_STRING,
|
|
|
|
+ tv[i].der_str, tv[i].der_len,
|
|
|
|
+ &tmp, (unsigned int*)&str_size, (unsigned int*)&der_len);
|
|
|
|
+ if (ret != tv[i].expected_error)
|
|
|
|
+ {
|
|
|
|
+ grub_fatal (
|
|
|
|
+ "%d: asn1_decode_simple_ber: %s: got %s expected %s\n",
|
|
|
|
+ __LINE__, tv[i].name, asn1_strerror(ret), asn1_strerror(tv[i].expected_error));
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+ if (tv[i].expected_error)
|
|
|
|
+ continue;
|
|
|
|
+
|
|
|
|
+ if (der_len != tv[i].der_len)
|
|
|
|
+ {
|
|
|
|
+ grub_fatal (
|
|
|
|
+ "%d: error: %s: DER, length returned is %d, had %d\n",
|
|
|
|
+ __LINE__, tv[i].name, der_len, tv[i].der_len);
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ if (str_size != tv[i].len || grub_memcmp (tv[i].string, tmp, tv[i].len) != 0)
|
|
|
|
+ {
|
|
|
|
+ grub_fatal (
|
|
|
|
+ "%d: memcmp: %s: got invalid decoding\n",
|
|
|
|
+ __LINE__, tv[i].name);
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+ grub_free (tmp);
|
|
|
|
+ tmp = NULL;
|
|
|
|
+
|
|
|
|
+ }
|
|
|
|
+}
|
|
|
|
diff --git a/grub-core/lib/libtasn1_wrap/tests/reproducers.c b/grub-core/lib/libtasn1_wrap/tests/reproducers.c
|
|
|
|
new file mode 100644
|
2022-11-15 06:57:52 +00:00
|
|
|
index 00000000000..dc7268d4c6c
|
2022-05-17 10:25:31 +00:00
|
|
|
--- /dev/null
|
|
|
|
+++ b/grub-core/lib/libtasn1_wrap/tests/reproducers.c
|
|
|
|
@@ -0,0 +1,81 @@
|
|
|
|
+/*
|
|
|
|
+ * Copyright (C) 2019 Free Software Foundation, Inc.
|
|
|
|
+ *
|
|
|
|
+ * This file is part of LIBTASN1.
|
|
|
|
+ *
|
|
|
|
+ * This program is free software: you can redistribute it and/or modify
|
|
|
|
+ * it under the terms of the GNU General Public License as published by
|
|
|
|
+ * the Free Software Foundation, either version 3 of the License, or
|
|
|
|
+ * (at your option) any later version.
|
|
|
|
+ *
|
|
|
|
+ * This program is distributed in the hope that it will be useful,
|
|
|
|
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
+ * GNU General Public License for more details.
|
|
|
|
+ *
|
|
|
|
+ * You should have received a copy of the GNU General Public License
|
|
|
|
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
+ *
|
|
|
|
+ */
|
|
|
|
+
|
|
|
|
+/****************************************************************/
|
|
|
|
+/* Description: run reproducers for several fixed issues */
|
|
|
|
+/****************************************************************/
|
|
|
|
+
|
|
|
|
+#include <grub/libtasn1.h>
|
|
|
|
+#include <grub/err.h>
|
|
|
|
+#include <grub/mm.h>
|
|
|
|
+#include "../wrap_tests.h"
|
|
|
|
+
|
|
|
|
+#define CONST_DOWN (1U<<29)
|
|
|
|
+
|
|
|
|
+/* produces endless loop (fixed by d4b624b2):
|
|
|
|
+ * The following translates into a single node with all pointers
|
|
|
|
+ * (right,left,down) set to NULL. */
|
|
|
|
+const asn1_static_node endless_asn1_tab[] = {
|
|
|
|
+ { "TEST_TREE", 536875024, NULL },
|
|
|
|
+ { NULL, 0, NULL }
|
|
|
|
+};
|
|
|
|
+
|
|
|
|
+/* produces memory leak (fixed by f16d1ff9):
|
|
|
|
+ * 152 bytes in 1 blocks are definitely lost in loss record 1 of 1
|
|
|
|
+ * at 0x4837B65: calloc (vg_replace_malloc.c:762)
|
|
|
|
+ * by 0x4851C0D: _asn1_add_static_node (parser_aux.c:71)
|
|
|
|
+ * by 0x4853AAC: asn1_array2tree (structure.c:200)
|
|
|
|
+ * by 0x10923B: main (single_node.c:67)
|
|
|
|
+ */
|
|
|
|
+const asn1_static_node tab[] = {
|
|
|
|
+{ "a", CONST_DOWN, "" },
|
|
|
|
+{ "b", 0, "" },
|
|
|
|
+{ "c", 0, "" },
|
|
|
|
+{ NULL, 0, NULL }
|
|
|
|
+};
|
|
|
|
+
|
|
|
|
+void
|
|
|
|
+test_reproducers (void)
|
|
|
|
+{
|
|
|
|
+ int result;
|
|
|
|
+ asn1_node definitions = NULL;
|
|
|
|
+ char errorDescription[ASN1_MAX_ERROR_DESCRIPTION_SIZE];
|
|
|
|
+
|
|
|
|
+ result = asn1_array2tree (endless_asn1_tab, &definitions, errorDescription);
|
|
|
|
+ if (result != ASN1_SUCCESS)
|
|
|
|
+ {
|
|
|
|
+ grub_fatal ("Error: %s\nErrorDescription = %s\n\n",
|
|
|
|
+ asn1_strerror (result), errorDescription);
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ asn1_delete_structure (&definitions);
|
|
|
|
+
|
|
|
|
+ definitions = NULL;
|
|
|
|
+ result = asn1_array2tree (tab, &definitions, errorDescription);
|
|
|
|
+ if (result != ASN1_SUCCESS)
|
|
|
|
+ {
|
|
|
|
+ grub_fatal ("Error: %s\nErrorDescription = %s\n\n",
|
|
|
|
+ asn1_strerror (result), errorDescription);
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ asn1_delete_structure (&definitions);
|
|
|
|
+}
|
|
|
|
diff --git a/grub-core/lib/libtasn1_wrap/wrap_tests.c b/grub-core/lib/libtasn1_wrap/wrap_tests.c
|
|
|
|
new file mode 100644
|
2022-11-15 06:57:52 +00:00
|
|
|
index 00000000000..75fcd21f0d5
|
2022-05-17 10:25:31 +00:00
|
|
|
--- /dev/null
|
|
|
|
+++ b/grub-core/lib/libtasn1_wrap/wrap_tests.c
|
|
|
|
@@ -0,0 +1,75 @@
|
|
|
|
+/*
|
|
|
|
+ * GRUB -- GRand Unified Bootloader
|
|
|
|
+ * Copyright (C) 2020 IBM Corporation
|
|
|
|
+ *
|
|
|
|
+ * GRUB is free software: you can redistribute it and/or modify
|
|
|
|
+ * it under the terms of the GNU General Public License as published by
|
|
|
|
+ * the Free Software Foundation, either version 3 of the License, or
|
|
|
|
+ * (at your option) any later version.
|
|
|
|
+ *
|
|
|
|
+ * GRUB is distributed in the hope that it will be useful,
|
|
|
|
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
+ * GNU General Public License for more details.
|
|
|
|
+ *
|
|
|
|
+ * You should have received a copy of the GNU General Public License
|
|
|
|
+ * along with GRUB. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
+ */
|
|
|
|
+
|
|
|
|
+#include <grub/dl.h>
|
|
|
|
+#include <grub/command.h>
|
|
|
|
+#include <grub/mm.h>
|
|
|
|
+#include "wrap_tests.h"
|
|
|
|
+
|
|
|
|
+/*
|
|
|
|
+ * libtasn1 tests - from which this is derived - are provided under GPL3+.
|
|
|
|
+ */
|
|
|
|
+GRUB_MOD_LICENSE ("GPLv3+");
|
|
|
|
+
|
|
|
|
+static grub_command_t cmd;
|
|
|
|
+
|
|
|
|
+static grub_err_t
|
|
|
|
+grub_cmd_asn1test (grub_command_t cmdd __attribute__((unused)),
|
|
|
|
+ int argc __attribute__((unused)),
|
|
|
|
+ char **args __attribute__((unused)))
|
|
|
|
+{
|
|
|
|
+ grub_printf ("test_CVE_2018_1000654\n");
|
|
|
|
+ test_CVE_2018_1000654 ();
|
|
|
|
+
|
|
|
|
+ grub_printf ("test_object_id_decoding\n");
|
|
|
|
+ test_object_id_decoding ();
|
|
|
|
+
|
|
|
|
+ grub_printf ("test_object_id_encoding\n");
|
|
|
|
+ test_object_id_encoding ();
|
|
|
|
+
|
|
|
|
+ grub_printf ("test_octet_string\n");
|
|
|
|
+ test_octet_string ();
|
|
|
|
+
|
|
|
|
+ grub_printf ("test_overflow\n");
|
|
|
|
+ test_overflow ();
|
|
|
|
+
|
|
|
|
+ grub_printf ("test_reproducers\n");
|
|
|
|
+ test_overflow ();
|
|
|
|
+
|
|
|
|
+ grub_printf ("test_simple\n");
|
|
|
|
+ test_simple ();
|
|
|
|
+
|
|
|
|
+ grub_printf ("test_strings\n");
|
|
|
|
+ test_strings ();
|
|
|
|
+
|
|
|
|
+ grub_printf ("ASN.1 self-tests passed\n");
|
|
|
|
+
|
|
|
|
+ return GRUB_ERR_NONE;
|
|
|
|
+}
|
|
|
|
+
|
|
|
|
+
|
|
|
|
+GRUB_MOD_INIT(test_asn1)
|
|
|
|
+{
|
|
|
|
+ cmd = grub_register_command ("test_asn1", grub_cmd_asn1test, NULL,
|
|
|
|
+ "Run self-tests for the ASN.1 parser.");
|
|
|
|
+}
|
|
|
|
+
|
|
|
|
+GRUB_MOD_FINI(test_asn1)
|
|
|
|
+{
|
|
|
|
+ grub_unregister_command (cmd);
|
|
|
|
+}
|
|
|
|
diff --git a/grub-core/lib/libtasn1_wrap/tests/CVE-2018-1000654-1_asn1_tab.h b/grub-core/lib/libtasn1_wrap/tests/CVE-2018-1000654-1_asn1_tab.h
|
|
|
|
new file mode 100644
|
2022-11-15 06:57:52 +00:00
|
|
|
index 00000000000..1e7d3d64f55
|
2022-05-17 10:25:31 +00:00
|
|
|
--- /dev/null
|
|
|
|
+++ b/grub-core/lib/libtasn1_wrap/tests/CVE-2018-1000654-1_asn1_tab.h
|
|
|
|
@@ -0,0 +1,32 @@
|
|
|
|
+#if HAVE_CONFIG_H
|
|
|
|
+# include "config.h"
|
|
|
|
+#endif
|
|
|
|
+
|
|
|
|
+#include <grub/libtasn1.h>
|
|
|
|
+
|
|
|
|
+const asn1_static_node CVE_2018_1000654_1_asn1_tab[] = {
|
|
|
|
+ { "TEST_TREE", 536875024, NULL },
|
|
|
|
+ { NULL, 1610612748, NULL },
|
|
|
|
+ { "iso", 1073741825, "1"},
|
|
|
|
+ { "identified-organization", 1073741825, "3"},
|
|
|
|
+ { "dod", 1073741825, "6"},
|
|
|
|
+ { "internet", 1073741825, "1"},
|
|
|
|
+ { "security", 1073741825, "5"},
|
|
|
|
+ { "mechanisms", 1073741825, "5"},
|
|
|
|
+ { "pkix", 1073741825, "7"},
|
|
|
|
+ { "id-mod", 1073741825, "0"},
|
|
|
|
+ { "id-pkix1-implicit-88", 1, "2"},
|
|
|
|
+ { "id-xnyTest", 1879048204, NULL },
|
|
|
|
+ { NULL, 1073741825, "id-ix"},
|
|
|
|
+ { NULL, 1073741825, "29"},
|
|
|
|
+ { NULL, 1, "1"},
|
|
|
|
+ { "id-ix", 1880096780, "OBJECR"},
|
|
|
|
+ { NULL, 1073741825, "id-ix"},
|
|
|
|
+ { NULL, 1073741825, "29"},
|
|
|
|
+ { NULL, 1, "2"},
|
|
|
|
+ { "id-xnyTest", 805306380, NULL },
|
|
|
|
+ { NULL, 1073741825, "id-ix"},
|
|
|
|
+ { NULL, 1073741825, "29"},
|
|
|
|
+ { NULL, 1, "1"},
|
|
|
|
+ { NULL, 0, NULL }
|
|
|
|
+};
|
|
|
|
diff --git a/grub-core/lib/libtasn1_wrap/tests/CVE-2018-1000654-2_asn1_tab.h b/grub-core/lib/libtasn1_wrap/tests/CVE-2018-1000654-2_asn1_tab.h
|
|
|
|
new file mode 100644
|
2022-11-15 06:57:52 +00:00
|
|
|
index 00000000000..e2561e5ec6d
|
2022-05-17 10:25:31 +00:00
|
|
|
--- /dev/null
|
|
|
|
+++ b/grub-core/lib/libtasn1_wrap/tests/CVE-2018-1000654-2_asn1_tab.h
|
|
|
|
@@ -0,0 +1,36 @@
|
|
|
|
+#if HAVE_CONFIG_H
|
|
|
|
+# include "config.h"
|
|
|
|
+#endif
|
|
|
|
+
|
|
|
|
+#include <grub/libtasn1.h>
|
|
|
|
+
|
|
|
|
+const asn1_static_node CVE_2018_1000654_2_asn1_tab[] = {
|
|
|
|
+ { "TEST_TREE", 536875024, NULL },
|
|
|
|
+ { NULL, 1610612748, NULL },
|
|
|
|
+ { "iso", 1073741825, "1"},
|
|
|
|
+ { "identified-organization", 1073741825, "3"},
|
|
|
|
+ { "dod", 1073741825, "6"},
|
|
|
|
+ { "internet", 1073741825, "1"},
|
|
|
|
+ { "security", 1073741825, "5"},
|
|
|
|
+ { "mechanisms", 1073741825, "5"},
|
|
|
|
+ { "pkix", 1073741825, "7"},
|
|
|
|
+ { "id-mod", 1073741825, "0"},
|
|
|
|
+ { "id-pkix1-implicit-88", 1, "2"},
|
|
|
|
+ { "id-oneTest", 1879048204, NULL },
|
|
|
|
+ { NULL, 1073741825, "id-two"},
|
|
|
|
+ { NULL, 1073741825, "9"},
|
|
|
|
+ { NULL, 1, "1"},
|
|
|
|
+ { "id-two", 1879048204, NULL },
|
|
|
|
+ { NULL, 1073741825, "id-three"},
|
|
|
|
+ { NULL, 1073741825, "2"},
|
|
|
|
+ { NULL, 1, "2"},
|
|
|
|
+ { "id-three", 1879048204, NULL },
|
|
|
|
+ { NULL, 1073741825, "id-four"},
|
|
|
|
+ { NULL, 1073741825, "3"},
|
|
|
|
+ { NULL, 1, "3"},
|
|
|
|
+ { "id-four", 805306380, NULL },
|
|
|
|
+ { NULL, 1073741825, "id-two"},
|
|
|
|
+ { NULL, 1073741825, "3"},
|
|
|
|
+ { NULL, 1, "3"},
|
|
|
|
+ { NULL, 0, NULL }
|
|
|
|
+};
|
|
|
|
diff --git a/grub-core/lib/libtasn1_wrap/wrap_tests.h b/grub-core/lib/libtasn1_wrap/wrap_tests.h
|
|
|
|
new file mode 100644
|
2022-11-15 06:57:52 +00:00
|
|
|
index 00000000000..555e56dd202
|
2022-05-17 10:25:31 +00:00
|
|
|
--- /dev/null
|
|
|
|
+++ b/grub-core/lib/libtasn1_wrap/wrap_tests.h
|
|
|
|
@@ -0,0 +1,38 @@
|
|
|
|
+/*
|
|
|
|
+ * GRUB -- GRand Unified Bootloader
|
|
|
|
+ * Copyright (C) 2020 IBM Corporation
|
|
|
|
+ *
|
|
|
|
+ * GRUB is free software: you can redistribute it and/or modify
|
|
|
|
+ * it under the terms of the GNU General Public License as published by
|
|
|
|
+ * the Free Software Foundation, either version 3 of the License, or
|
|
|
|
+ * (at your option) any later version.
|
|
|
|
+ *
|
|
|
|
+ * GRUB is distributed in the hope that it will be useful,
|
|
|
|
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
+ * GNU General Public License for more details.
|
|
|
|
+ *
|
|
|
|
+ * You should have received a copy of the GNU General Public License
|
|
|
|
+ * along with GRUB. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
+ */
|
|
|
|
+
|
|
|
|
+#ifndef LIBTASN1_WRAP_TESTS_H
|
|
|
|
+#define LIBTASN1_WRAP_TESTS_H
|
|
|
|
+
|
|
|
|
+void test_CVE_2018_1000654 (void);
|
|
|
|
+
|
|
|
|
+void test_object_id_encoding (void);
|
|
|
|
+
|
|
|
|
+void test_object_id_decoding (void);
|
|
|
|
+
|
|
|
|
+void test_octet_string (void);
|
|
|
|
+
|
|
|
|
+void test_overflow (void);
|
|
|
|
+
|
|
|
|
+void test_reproducers (void);
|
|
|
|
+
|
|
|
|
+void test_simple (void);
|
|
|
|
+
|
|
|
|
+void test_strings (void);
|
|
|
|
+
|
|
|
|
+#endif
|
|
|
|
diff --git a/.gitignore b/.gitignore
|
2022-11-15 06:57:52 +00:00
|
|
|
index 594d0134d33..856e69bc5c1 100644
|
2022-05-17 10:25:31 +00:00
|
|
|
--- a/.gitignore
|
|
|
|
+++ b/.gitignore
|
|
|
|
@@ -264,6 +264,7 @@ widthspec.bin
|
|
|
|
/stamp-h1
|
|
|
|
/syslinux_test
|
|
|
|
/tar_test
|
|
|
|
+/test_asn1
|
|
|
|
/test_sha512sum
|
|
|
|
/test_unset
|
|
|
|
/tests/syslinux/ubuntu10.04_grub.cfg
|
|
|
|
diff --git a/tests/test_asn1.in b/tests/test_asn1.in
|
|
|
|
new file mode 100644
|
2022-11-15 06:57:52 +00:00
|
|
|
index 00000000000..8173c5c270e
|
2022-05-17 10:25:31 +00:00
|
|
|
--- /dev/null
|
|
|
|
+++ b/tests/test_asn1.in
|
|
|
|
@@ -0,0 +1,12 @@
|
|
|
|
+#! @BUILD_SHEBANG@
|
|
|
|
+set -e
|
|
|
|
+
|
|
|
|
+. "@builddir@/grub-core/modinfo.sh"
|
|
|
|
+
|
|
|
|
+out=`echo test_asn1 | @builddir@/grub-shell`
|
|
|
|
+
|
|
|
|
+if [ "$(echo "$out" | tail -n 1)" != "ASN.1 self-tests passed" ]; then
|
|
|
|
+ echo "ASN.1 test failure: $out"
|
|
|
|
+ exit 1
|
|
|
|
+fi
|
|
|
|
+
|