From c4f02c22b53e19a2445ee13865dc5e0e04c84359 Mon Sep 17 00:00:00 2001 From: Peter Dettman Date: Tue, 10 Nov 2015 19:13:38 +0700 Subject: Add BerBitString and improve "unused bit" handling --- crypto/test/src/asn1/test/BitStringTest.cs | 118 ++++++++++++++++++--- .../test/src/crypto/tls/test/TlsTestClientImpl.cs | 6 +- crypto/test/src/test/PKCS10CertRequestTest.cs | 6 +- 3 files changed, 108 insertions(+), 22 deletions(-) (limited to 'crypto/test') diff --git a/crypto/test/src/asn1/test/BitStringTest.cs b/crypto/test/src/asn1/test/BitStringTest.cs index 3a2dc3156..fccaf8fa0 100644 --- a/crypto/test/src/asn1/test/BitStringTest.cs +++ b/crypto/test/src/asn1/test/BitStringTest.cs @@ -4,44 +4,132 @@ using System.IO; using NUnit.Framework; using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; using Org.BouncyCastle.Utilities.Test; namespace Org.BouncyCastle.Asn1.Tests { [TestFixture] public class BitStringTest - : ITest + : SimpleTest { - public ITestResult Perform() + private void DoTestZeroLengthStrings() + { + // basic construction + DerBitString s1 = new DerBitString(new byte[0], 0); + + s1.GetBytes(); + + if (!Arrays.AreEqual(s1.GetEncoded(), Hex.Decode("030100"))) + { + Fail("zero encoding wrong"); + } + + try + { + new DerBitString(null, 1); + Fail("exception not thrown"); + } + catch (ArgumentNullException e) + { + //if (!"data cannot be null".Equals(e.Message)) + //{ + // Fail("Unexpected exception"); + //} + } + + try + { + new DerBitString(new byte[0], 1); + Fail("exception not thrown"); + } + catch (ArgumentException e) + { + //if (!"zero length data with non-zero pad bits".Equals(e.Message)) + //{ + // Fail("Unexpected exception"); + //} + } + + try + { + new DerBitString(new byte[1], 8); + Fail("exception not thrown"); + } + catch (ArgumentException e) + { + //if (!"pad bits cannot be greater than 7 or less than 0".Equals(e.Message)) + //{ + // Fail("Unexpected exception"); + //} + } + + DerBitString s2 = new DerBitString(0); + if (!Arrays.AreEqual(s1.GetEncoded(), s2.GetEncoded())) + { + Fail("zero encoding wrong"); + } + } + + private void DoTestRandomPadBits() + { + byte[] test = Hex.Decode("030206c0"); + + byte[] test1 = Hex.Decode("030206f0"); + byte[] test2 = Hex.Decode("030206c1"); + byte[] test3 = Hex.Decode("030206c7"); + byte[] test4 = Hex.Decode("030206d1"); + + EncodingCheck(test, test1); + EncodingCheck(test, test2); + EncodingCheck(test, test3); + EncodingCheck(test, test4); + } + + private void EncodingCheck(byte[] derData, byte[] dlData) + { + if (Arrays.AreEqual(derData, Asn1Object.FromByteArray(dlData).GetEncoded())) + { + //Fail("failed DL check"); + Fail("failed BER check"); + } + if (!Arrays.AreEqual(derData, Asn1Object.FromByteArray(dlData).GetDerEncoded())) + { + Fail("failed DER check"); + } + } + + public override void PerformTest() { KeyUsage k = new KeyUsage(KeyUsage.DigitalSignature); if ((k.GetBytes()[0] != (byte)KeyUsage.DigitalSignature) || (k.PadBits != 7)) { - return new SimpleTestResult(false, Name + ": failed digitalSignature"); + Fail("failed digitalSignature"); } k = new KeyUsage(KeyUsage.NonRepudiation); if ((k.GetBytes()[0] != (byte)KeyUsage.NonRepudiation) || (k.PadBits != 6)) { - return new SimpleTestResult(false, Name + ": failed nonRepudiation"); + Fail("failed nonRepudiation"); } k = new KeyUsage(KeyUsage.KeyEncipherment); if ((k.GetBytes()[0] != (byte)KeyUsage.KeyEncipherment) || (k.PadBits != 5)) { - return new SimpleTestResult(false, Name + ": failed keyEncipherment"); + Fail("failed keyEncipherment"); } k = new KeyUsage(KeyUsage.CrlSign); if ((k.GetBytes()[0] != (byte)KeyUsage.CrlSign) || (k.PadBits != 1)) { - return new SimpleTestResult(false, Name + ": failed cRLSign"); + Fail("failed cRLSign"); } k = new KeyUsage(KeyUsage.DecipherOnly); if ((k.GetBytes()[1] != (byte)(KeyUsage.DecipherOnly >> 8)) || (k.PadBits != 7)) { - return new SimpleTestResult(false, Name + ": failed decipherOnly"); + Fail("failed decipherOnly"); } // test for zero length bit string @@ -51,27 +139,25 @@ namespace Org.BouncyCastle.Asn1.Tests } catch (IOException e) { - return new SimpleTestResult(false, Name + ": " + e); + Fail(e.ToString()); } - return new SimpleTestResult(true, Name + ": Okay"); + DoTestRandomPadBits(); + DoTestZeroLengthStrings(); } - public string Name + public override string Name { get { return "BitString"; } } - public static void Main( + public static void Main( string[] args) { - ITest test = new BitStringTest(); - ITestResult result = test.Perform(); - - Console.WriteLine(result); + RunTest(new BitStringTest()); } - [Test] + [Test] public void TestFunction() { string resultText = Perform().ToString(); diff --git a/crypto/test/src/crypto/tls/test/TlsTestClientImpl.cs b/crypto/test/src/crypto/tls/test/TlsTestClientImpl.cs index 48af9e0f8..0cc1883ba 100644 --- a/crypto/test/src/crypto/tls/test/TlsTestClientImpl.cs +++ b/crypto/test/src/crypto/tls/test/TlsTestClientImpl.cs @@ -128,14 +128,14 @@ namespace Org.BouncyCastle.Crypto.Tls.Tests Asn1EncodableVector v = new Asn1EncodableVector(); v.Add(cert.TbsCertificate); v.Add(cert.SignatureAlgorithm); - v.Add(CorruptBitString(cert.Signature)); + v.Add(CorruptSignature(cert.Signature)); return X509CertificateStructure.GetInstance(new DerSequence(v)); } - protected virtual DerBitString CorruptBitString(DerBitString bs) + protected virtual DerBitString CorruptSignature(DerBitString bs) { - return new DerBitString(CorruptBit(bs.GetBytes())); + return new DerBitString(CorruptBit(bs.GetOctets())); } protected virtual byte[] CorruptBit(byte[] bs) diff --git a/crypto/test/src/test/PKCS10CertRequestTest.cs b/crypto/test/src/test/PKCS10CertRequestTest.cs index 819439cd8..ba62db32f 100644 --- a/crypto/test/src/test/PKCS10CertRequestTest.cs +++ b/crypto/test/src/test/PKCS10CertRequestTest.cs @@ -210,7 +210,7 @@ namespace Org.BouncyCastle.Tests byte[] b = req.GetCertificationRequestInfo().GetEncoded(); sig.BlockUpdate(b, 0, b.Length); - if (!sig.VerifySignature(req.Signature.GetBytes())) + if (!sig.VerifySignature(req.GetSignatureOctets())) { Fail("signature not mapped correctly."); } @@ -264,7 +264,7 @@ namespace Org.BouncyCastle.Tests byte[] b = req.GetCertificationRequestInfo().GetEncoded(); sig.BlockUpdate(b, 0, b.Length); - if (!sig.VerifySignature(req.Signature.GetBytes())) + if (!sig.VerifySignature(req.GetSignatureOctets())) { Fail("signature not mapped correctly."); } @@ -325,7 +325,7 @@ namespace Org.BouncyCastle.Tests byte[] encoded = req.GetCertificationRequestInfo().GetEncoded(); sig.BlockUpdate(encoded, 0, encoded.Length); - if (!sig.VerifySignature(req.Signature.GetBytes())) + if (!sig.VerifySignature(req.GetSignatureOctets())) { Fail("signature not mapped correctly."); } -- cgit 1.4.1