Bug 1031542: Add test case for key usage without any value bits, r=keeler, a=test-only
authorBrian Smith <brian@briansmith.org>
Fri, 27 Jun 2014 15:21:48 -0700
changeset 208596 6cd5f4c61978d731a36551c51b31fcfd49d02010
parent 208595 14d4b1f1aab3a3d8741624864b186e7b9e0dd7f1
child 208597 61e420e597b0e3a43daf2a1595182ef21a181d57
push id494
push userraliiev@mozilla.com
push dateMon, 25 Aug 2014 18:42:16 +0000
treeherdermozilla-release@a3cc3e46b571 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerskeeler, test-only
bugs1031542
milestone32.0a2
Bug 1031542: Add test case for key usage without any value bits, r=keeler, a=test-only
security/pkix/test/gtest/pkixcheck_CheckKeyUsage_tests.cpp
--- a/security/pkix/test/gtest/pkixcheck_CheckKeyUsage_tests.cpp
+++ b/security/pkix/test/gtest/pkixcheck_CheckKeyUsage_tests.cpp
@@ -129,16 +129,50 @@ TEST(pkixchekc_CheckKeyusage, tooManyUnu
     siBuffer,
     twoValueBytesData,
     sizeof(twoValueBytesData)
   };
   ASSERT_BAD(CheckKeyUsage(EndEntityOrCA::MustBeEndEntity, &twoValueBytes,
                            KeyUsage::digitalSignature));
 }
 
+TEST(pkixcheck_CheckKeyUsage, NoValueBytes_NoPaddingBits)
+{
+  static const uint8_t DER_BYTES[] = {
+    0x03/*BIT STRING*/, 0x01/*LENGTH=1*/, 0/*unused bits*/
+  };
+  static const SECItem DER = {
+    siBuffer,
+    const_cast<uint8_t*>(DER_BYTES),
+    sizeof(DER_BYTES)
+  };
+
+  ASSERT_BAD(CheckKeyUsage(EndEntityOrCA::MustBeEndEntity, &DER,
+                           KeyUsage::digitalSignature));
+  ASSERT_BAD(CheckKeyUsage(EndEntityOrCA::MustBeCA, &DER,
+                           KeyUsage::keyCertSign));
+}
+
+TEST(pkixcheck_CheckKeyUsage, NoValueBytes_7PaddingBits)
+{
+  static const uint8_t DER_BYTES[] = {
+    0x03/*BIT STRING*/, 0x01/*LENGTH=1*/, 7/*unused bits*/
+  };
+  static const SECItem DER = {
+    siBuffer,
+    const_cast<uint8_t*>(DER_BYTES),
+    sizeof(DER_BYTES)
+  };
+
+  ASSERT_BAD(CheckKeyUsage(EndEntityOrCA::MustBeEndEntity, &DER,
+                           KeyUsage::digitalSignature));
+  ASSERT_BAD(CheckKeyUsage(EndEntityOrCA::MustBeCA, &DER,
+                           KeyUsage::keyCertSign));
+}
+
 void ASSERT_SimpleCase(uint8_t unusedBits, uint8_t bits, KeyUsage usage)
 {
   // Test that only the right bit is accepted for the usage for both EE and CA
   // certs.
   NAMED_SIMPLE_KU(good, unusedBits, bits);
   ASSERT_Success(CheckKeyUsage(EndEntityOrCA::MustBeEndEntity, &good, usage));
   ASSERT_Success(CheckKeyUsage(EndEntityOrCA::MustBeCA, &good, usage));