From af3daeff630e8d1a3434622acd7247fd2c7f3919 Mon Sep 17 00:00:00 2001 From: Brian Smith Date: Fri, 27 Jun 2014 15:21:48 -0700 Subject: [PATCH] Bug 1031542: Add test case for key usage without any value bits, r=keeler --HG-- extra : rebase_source : 25bdc0db6b042fe6fbba61b80cb8a4ac7cb588eb --- .../gtest/pkixcheck_CheckKeyUsage_tests.cpp | 34 +++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/security/pkix/test/gtest/pkixcheck_CheckKeyUsage_tests.cpp b/security/pkix/test/gtest/pkixcheck_CheckKeyUsage_tests.cpp index ba639f25bd46..6a9bf44e5436 100644 --- a/security/pkix/test/gtest/pkixcheck_CheckKeyUsage_tests.cpp +++ b/security/pkix/test/gtest/pkixcheck_CheckKeyUsage_tests.cpp @@ -134,6 +134,40 @@ TEST(pkixchekc_CheckKeyusage, tooManyUnusedBits) KeyUsage::digitalSignature)); } +TEST(pkixcheck_CheckKeyUsage, NoValueBytes_NoPaddingBits) +{ + static const uint8_t DER_BYTES[] = { + 0x03/*BIT STRING*/, 0x01/*LENGTH=1*/, 0/*unused bits*/ + }; + static const SECItem DER = { + siBuffer, + const_cast(DER_BYTES), + sizeof(DER_BYTES) + }; + + ASSERT_BAD(CheckKeyUsage(EndEntityOrCA::MustBeEndEntity, &DER, + KeyUsage::digitalSignature)); + ASSERT_BAD(CheckKeyUsage(EndEntityOrCA::MustBeCA, &DER, + KeyUsage::keyCertSign)); +} + +TEST(pkixcheck_CheckKeyUsage, NoValueBytes_7PaddingBits) +{ + static const uint8_t DER_BYTES[] = { + 0x03/*BIT STRING*/, 0x01/*LENGTH=1*/, 7/*unused bits*/ + }; + static const SECItem DER = { + siBuffer, + const_cast(DER_BYTES), + sizeof(DER_BYTES) + }; + + ASSERT_BAD(CheckKeyUsage(EndEntityOrCA::MustBeEndEntity, &DER, + KeyUsage::digitalSignature)); + ASSERT_BAD(CheckKeyUsage(EndEntityOrCA::MustBeCA, &DER, + KeyUsage::keyCertSign)); +} + void ASSERT_SimpleCase(uint8_t unusedBits, uint8_t bits, KeyUsage usage) { // Test that only the right bit is accepted for the usage for both EE and CA