From 321adb297c1c19be2d2120658cd43929e5f3faa4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 10 Oct 2019 19:18:21 +0200 Subject: [PATCH] ASN1 tests: Match "Empty INTEGER" with the actual library behavior mbedtls_asn1_get_int() and mbedtls_asn1_get_mpi() behave differently on an empty INTEGER (0200). Don't change the library behavior for now because this might break interoperability in some applications. Write a test function that matches the library behavior. --- tests/suites/test_suite_asn1parse.data | 3 +- tests/suites/test_suite_asn1parse.function | 35 ++++++++++++++++++++++ 2 files changed, 36 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_asn1parse.data b/tests/suites/test_suite_asn1parse.data index c5d9136b7..e9172413d 100644 --- a/tests/suites/test_suite_asn1parse.data +++ b/tests/suites/test_suite_asn1parse.data @@ -164,8 +164,7 @@ Not BOOLEAN get_boolean:"020101":0:MBEDTLS_ERR_ASN1_UNEXPECTED_TAG Empty INTEGER -depends_on:SUPPORT_NEGATIVE_INTEGERS -get_integer:"0200":"":MBEDTLS_ERR_ASN1_INVALID_LENGTH +empty_integer:"0200" INTEGER 0 get_integer:"020100":"0":0 diff --git a/tests/suites/test_suite_asn1parse.function b/tests/suites/test_suite_asn1parse.function index 049763142..f794db7fc 100644 --- a/tests/suites/test_suite_asn1parse.function +++ b/tests/suites/test_suite_asn1parse.function @@ -250,6 +250,41 @@ void get_boolean( const data_t *input, } /* END_CASE */ +/* BEGIN_CASE */ +void empty_integer( const data_t *input ) +{ + unsigned char *p; +#if defined(MBEDTLS_BIGNUM_C) + mbedtls_mpi actual_mpi; +#endif + int val; + +#if defined(MBEDTLS_BIGNUM_C) + mbedtls_mpi_init( & actual_mpi ); +#endif + + /* An INTEGER with no content is not valid. */ + p = input->x; + TEST_EQUAL( mbedtls_asn1_get_int( &p, input->x + input->len, &val ), + MBEDTLS_ERR_ASN1_INVALID_LENGTH ); + +#if defined(MBEDTLS_BIGNUM_C) + /* INTEGERs are sometimes abused as bitstrings, so the library accepts + * an INTEGER with empty content and gives it the value 0. */ + p = input->x; + TEST_EQUAL( mbedtls_asn1_get_mpi( &p, input->x + input->len, &actual_mpi ), + 0 ); + TEST_EQUAL( mbedtls_mpi_cmp_int( &actual_mpi, 0 ), 0 ); +#endif + +exit: +#if defined(MBEDTLS_BIGNUM_C) + mbedtls_mpi_free( &actual_mpi ); +#endif + /*empty cleanup in some configurations*/ ; +} +/* END_CASE */ + /* BEGIN_CASE */ void get_integer( const data_t *input, const char *expected_hex, int expected_result )