Upstream merge 2023 05 05 #997

Merged
merged 15 commits into from
May 9, 2023
Merged
Test that X509_NAMEs sort their RDNs when encoding.
RDNs are a SET OF attributes which means they should be sorted by
DER encoding length, then lexicographically. We didn't have any test
coverage for this.

Bug: 548
Change-Id: I542196aae26984aeee4f1c6774878b121675b0dc
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/58025
Commit-Queue: Bob Beck <[email protected]>
Reviewed-by: Bob Beck <[email protected]>
Auto-Submit: David Benjamin <[email protected]>
(cherry picked from commit d0cff637a25b8323578729a01575b62001967bc8)
davidben authored and samuel40791765 committed May 9, 2023
commit 1acfe0d28c7d9ab1235c6c279de80bbed4c6bff0
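--- a/crypto/x509/x509_test.cc
+++ b/crypto/x509/x509_test.cc
@@ -6093,3 +6093,83 @@ TEST(X509Test, AddUnserializableExtension) {
 ASSERT_TRUE(X509_EXTENSION_set_object(ext.get(), OBJ_nid2obj(NID_undef)));
 EXPECT_FALSE(X509_add_ext(x509.get(), ext.get(), /*loc=*/-1));
 }
+
+// Test that, when constructing an |X509_NAME|, names are sorted by DER order.
+TEST(X509Test, SortRDN) {
+bssl::UniquePtr<X509_NAME> name(X509_NAME_new());
+ASSERT_TRUE(name);
+
+auto append_entry_new_rdn = [&](const char *str) {
+return X509_NAME_add_entry_by_NID(name.get(), NID_commonName, MBSTRING_ASC,
+reinterpret_cast<const uint8_t *>(str),
+strlen(str), /*loc=*/-1, /*set=*/0);
+};
+auto append_entry_prev_rdn = [&](const char *str) {
+return X509_NAME_add_entry_by_NID(name.get(), NID_commonName, MBSTRING_ASC,
+reinterpret_cast<const uint8_t *>(str),
+strlen(str), /*loc=*/-1, /*set=*/-1);
+};
+
+// This is the sort order to expect.
+ASSERT_TRUE(append_entry_new_rdn("A"));
+ASSERT_TRUE(append_entry_prev_rdn("B"));
+ASSERT_TRUE(append_entry_prev_rdn("AA"));
+ASSERT_TRUE(append_entry_prev_rdn("AB"));
+
+// The same RDN, with entries added in a different order.
+ASSERT_TRUE(append_entry_new_rdn("AB"));
+ASSERT_TRUE(append_entry_prev_rdn("AA"));
+ASSERT_TRUE(append_entry_prev_rdn("B"));
+ASSERT_TRUE(append_entry_prev_rdn("A"));
+
+// The same RDN, with entries added in a different order.
+ASSERT_TRUE(append_entry_new_rdn("A"));
+ASSERT_TRUE(append_entry_prev_rdn("AA"));
+ASSERT_TRUE(append_entry_prev_rdn("B"));
+ASSERT_TRUE(append_entry_prev_rdn("AB"));
+
+uint8_t *der = nullptr;
+int der_len = i2d_X509_NAME(name.get(), &der);
+ASSERT_GT(der_len, 0);
+bssl::UniquePtr<uint8_t> free_der(der);
+
+// SEQUENCE {
+// SET {
+// SEQUENCE {
+// # commonName
+// OBJECT_IDENTIFIER { 2.5.4.3 }
+// UTF8String { "A" }
+// }
+// SEQUENCE {
+// # commonName
+// OBJECT_IDENTIFIER { 2.5.4.3 }
+// UTF8String { "B" }
+// }
+// SEQUENCE {
+// # commonName
+// OBJECT_IDENTIFIER { 2.5.4.3 }
+// UTF8String { "AA" }
+// }
+// SEQUENCE {
+// # commonName
+// OBJECT_IDENTIFIER { 2.5.4.3 }
+// UTF8String { "AB" }
+// }
+// }
+// ...two more copies of the above SET...
+// }
+static uint8_t kExpected[] = {
+0x30, 0x81, 0x84, 0x31, 0x2a, 0x30, 0x08, 0x06, 0x03, 0x55, 0x04, 0x03,
+0x0c, 0x01, 0x41, 0x30, 0x08, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x01,
+0x42, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x02, 0x41, 0x41,
+0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x02, 0x41, 0x42, 0x31,
+0x2a, 0x30, 0x08, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x01, 0x41, 0x30,
+0x08, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x01, 0x42, 0x30, 0x09, 0x06,
+0x03, 0x55, 0x04, 0x03, 0x0c, 0x02, 0x41, 0x41, 0x30, 0x09, 0x06, 0x03,
+0x55, 0x04, 0x03, 0x0c, 0x02, 0x41, 0x42, 0x31, 0x2a, 0x30, 0x08, 0x06,
+0x03, 0x55, 0x04, 0x03, 0x0c, 0x01, 0x41, 0x30, 0x08, 0x06, 0x03, 0x55,
+0x04, 0x03, 0x0c, 0x01, 0x42, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x03,
+0x0c, 0x02, 0x41, 0x41, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c,
+0x02, 0x41, 0x42};
+EXPECT_EQ(Bytes(kExpected), Bytes(der, der_len));
+}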
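Review bot: Every entry added in SortRDN goes through the two lambdas with `NID_commonName` hard-coded, so the expected bytes only pin the ordering of SET OF elements that share one OID and differ in value length or value bytes. A multi-valued RDN that mixes attribute types is not exercised. Consider giving the lambdas a NID parameter and adding one group with a second attribute type, because name comparison and signature checks on re-encoded names depend on this canonical ordering holding for the general case too. Separately, `static uint8_t kExpected[]` is never written and would be better declared as `static const uint8_t kExpected[] = {`, assuming `Bytes` accepts a const array as it appears to elsewhere. The third group's comment repeats the second's verbatim; a word on what each permutation adds (reverse order versus partially sorted) would help the next reader.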