Bug 1061021, Part 16: Stop using PLArenaPool in pkixocsp_CreateEncodedOCSPRequest, r=keeler
authorBrian Smith <brian@briansmith.org>
Sat, 30 Aug 2014 23:27:15 -0700
changeset 14687 101b4b6d8849b35e1fc1a0a2d2af560f311119a7
parent 14686 88a132d5b1ab3f40e7634f2fc8727e72eb6653ab
child 14688 46250b0120be54f846ee230a45274015f13306c3
push id3202
push userfranziskuskiefer@gmail.com
push dateMon, 01 Oct 2018 08:30:12 +0000
reviewerskeeler
bugs1061021
Bug 1061021, Part 16: Stop using PLArenaPool in pkixocsp_CreateEncodedOCSPRequest, r=keeler
lib/mozpkix/test/gtest/pkixocsp_CreateEncodedOCSPRequest_tests.cpp
--- a/lib/mozpkix/test/gtest/pkixocsp_CreateEncodedOCSPRequest_tests.cpp
+++ b/lib/mozpkix/test/gtest/pkixocsp_CreateEncodedOCSPRequest_tests.cpp
@@ -78,46 +78,16 @@ private:
   {
     return ::mozilla::pkix::CheckPublicKey(subjectPublicKeyInfo);
   }
 };
 
 class pkixocsp_CreateEncodedOCSPRequest : public NSSTest
 {
 protected:
-  // These SECItems are allocated in arena, and so will be auto-cleaned.
-  SECItem* unsupportedLongSerialNumber;
-  SECItem* longestRequiredSerialNumber;
-
-  void SetUp()
-  {
-    static const uint8_t UNSUPPORTED_LEN = 128; // must be larger than 127
-    // tag + length + value is 1 + 2 + UNSUPPORTED_LEN
-    unsupportedLongSerialNumber = SECITEM_AllocItem(arena.get(), nullptr,
-                                                    1 + 2 + UNSUPPORTED_LEN);
-    memset(unsupportedLongSerialNumber->data, 0,
-           unsupportedLongSerialNumber->len);
-    unsupportedLongSerialNumber->data[0] = der::INTEGER;
-    // Encoding the length takes two bytes: one byte to indicate that a
-    // second byte follows, and the second byte to indicate the length.
-    unsupportedLongSerialNumber->data[1] = 0x80 + 1;
-    unsupportedLongSerialNumber->data[2] = UNSUPPORTED_LEN;
-    unsupportedLongSerialNumber->data[3] = 0x01; // value is 0x010000...00
-
-    static const uint8_t LONGEST_REQUIRED_LEN = 20;
-    // tag + length + value is 1 + 1 + LONGEST_REQUIRED_LEN
-    longestRequiredSerialNumber = SECITEM_AllocItem(arena.get(), nullptr,
-                                    1 + 1 + LONGEST_REQUIRED_LEN);
-    memset(longestRequiredSerialNumber->data, 0,
-           longestRequiredSerialNumber->len);
-    longestRequiredSerialNumber->data[0] = der::INTEGER;
-    longestRequiredSerialNumber->data[1] = LONGEST_REQUIRED_LEN;
-    longestRequiredSerialNumber->data[2] = 0x01; // value is 0x010000...00
-  }
-
   void MakeIssuerCertIDComponents(const char* issuerASCII,
                                   /*out*/ ByteString& issuerDER,
                                   /*out*/ ByteString& issuerSPKI)
   {
     issuerDER = CNToDERName(issuerASCII);
     ASSERT_NE(ENCODING_FAILED, issuerDER);
 
     ScopedSECKEYPublicKey issuerPublicKey;
@@ -133,57 +103,83 @@ protected:
 
   CreateEncodedOCSPRequestTrustDomain trustDomain;
 };
 
 // Test that the large length of the child serial number causes
 // CreateEncodedOCSPRequest to fail.
 TEST_F(pkixocsp_CreateEncodedOCSPRequest, ChildCertLongSerialNumberTest)
 {
+  static const uint8_t UNSUPPORTED_LEN = 128; // must be larger than 127
+
+  ByteString serialNumberString;
+  // tag + length + value is 1 + 2 + UNSUPPORTED_LEN
+  // Encoding the length takes two bytes: one byte to indicate that a
+  // second byte follows, and the second byte to indicate the length.
+  serialNumberString.push_back(0x80 + 1);
+  serialNumberString.push_back(UNSUPPORTED_LEN);
+  // value is 0x010000...00
+  serialNumberString.push_back(0x01);
+  for (size_t i = 1; i < UNSUPPORTED_LEN; ++i) {
+    serialNumberString.push_back(0x00);
+  }
+
   ByteString issuerDER;
   ByteString issuerSPKI;
   ASSERT_NO_FATAL_FAILURE(MakeIssuerCertIDComponents("CA", issuerDER,
                                                      issuerSPKI));
 
   Input issuer;
   ASSERT_EQ(Success, issuer.Init(issuerDER.data(), issuerDER.length()));
 
   Input spki;
   ASSERT_EQ(Success, spki.Init(issuerSPKI.data(), issuerSPKI.length()));
 
   Input serialNumber;
-  ASSERT_EQ(Success, serialNumber.Init(unsupportedLongSerialNumber->data,
-                                       unsupportedLongSerialNumber->len));
+  ASSERT_EQ(Success, serialNumber.Init(serialNumberString.data(),
+                                       serialNumberString.length()));
 
   uint8_t ocspRequest[OCSP_REQUEST_MAX_LENGTH];
   size_t ocspRequestLength;
   ASSERT_EQ(Result::ERROR_BAD_DER,
             CreateEncodedOCSPRequest(trustDomain,
                                      CertID(issuer, spki, serialNumber),
                                      ocspRequest, ocspRequestLength));
 }
 
 // Test that CreateEncodedOCSPRequest handles the longest serial number that
 // it's required to support (i.e. 20 octets).
 TEST_F(pkixocsp_CreateEncodedOCSPRequest, LongestSupportedSerialNumberTest)
 {
+  static const uint8_t LONGEST_REQUIRED_LEN = 20;
+
+  ByteString serialNumberString;
+  // tag + length + value is 1 + 1 + LONGEST_REQUIRED_LEN
+  serialNumberString.push_back(der::INTEGER);
+  serialNumberString.push_back(LONGEST_REQUIRED_LEN);
+  serialNumberString.push_back(0x01);
+  // value is 0x010000...00
+  for (size_t i = 1; i < LONGEST_REQUIRED_LEN; ++i) {
+    serialNumberString.push_back(0x00);
+  }
+
   ByteString issuerDER;
   ByteString issuerSPKI;
   ASSERT_NO_FATAL_FAILURE(MakeIssuerCertIDComponents("CA", issuerDER,
                                                      issuerSPKI));
 
   Input issuer;
   ASSERT_EQ(Success, issuer.Init(issuerDER.data(), issuerDER.length()));
 
   Input spki;
   ASSERT_EQ(Success, spki.Init(issuerSPKI.data(), issuerSPKI.length()));
 
   Input serialNumber;
-  ASSERT_EQ(Success, serialNumber.Init(longestRequiredSerialNumber->data,
-                                       longestRequiredSerialNumber->len));
+  ASSERT_EQ(Success, serialNumber.Init(serialNumberString.data(),
+                                       serialNumberString.length()));
 
   uint8_t ocspRequest[OCSP_REQUEST_MAX_LENGTH];
   size_t ocspRequestLength;
   ASSERT_EQ(Success,
             CreateEncodedOCSPRequest(trustDomain,
                                      CertID(issuer, spki, serialNumber),
                                      ocspRequest, ocspRequestLength));
 }