1package pgp
2
3import (
4 "errors"
5 "strconv"
6 "strings"
7 "testing"
8)
9
10// TestParseASN1Signature_TruncatedDoesNotPanic covers the bounds-check path
11// added for #613. Each input would have panicked in the original parser
12// with "index out of range"; here we expect a typed error instead.
13func TestParseASN1Signature_TruncatedDoesNotPanic(t *testing.T) {
14 cases := []struct {
15 name string
16 der []byte
17 wantErr string
18 }{
19 {
20 // Length byte declares 0x10 bytes of R but only 1 byte follows.
21 name: "R length overruns buffer",
22 der: []byte{0x30, 0x06, 0x02, 0x10, 0xAA, 0x00},
23 wantErr: "R length overflow",
24 },
25 {
26 // Length byte declares 0x10 bytes of S but only 1 byte follows.
27 name: "S length overruns buffer",
28 der: []byte{0x30, 0x06, 0x02, 0x01, 0x01, 0x02, 0x10, 0xAA},
29 wantErr: "S length overflow",
30 },
31 {
32 // Valid R, then no S block at all.
33 name: "missing S after R",
34 der: []byte{0x30, 0x06, 0x02, 0x01, 0x01, 0x00},
35 wantErr: "expected INTEGER tag for S",
36 },
37 }
38
39 for _, tc := range cases {
40 t.Run(tc.name, func(t *testing.T) {
41 // The test must not panic: the fix replaces panics with errors.
42 defer func() {
43 if r := recover(); r != nil {
44 t.Fatalf("parseASN1Signature panicked: %v", r)
45 }
46 }()
47 _, _, err := parseASN1Signature(tc.der)
48 if err == nil {
49 t.Fatalf("want error, got nil")
50 }
51 if !strings.Contains(err.Error(), tc.wantErr) {
52 t.Fatalf("error = %q, want it to mention %q", err.Error(), tc.wantErr)
53 }
54 })
55 }
56}
57
58// TestParseASN1Signature_WellFormed guards against regressions in the
59// happy path: a minimal SEQUENCE { INTEGER, INTEGER } must still decode
60// to the original r and s bytes.
61func TestParseASN1Signature_WellFormed(t *testing.T) {
62 // SEQUENCE (6 bytes) { INTEGER 0x01, INTEGER 0x02 }
63 der := []byte{0x30, 0x06, 0x02, 0x01, 0x01, 0x02, 0x01, 0x02}
64
65 r, s, err := parseASN1Signature(der)
66 if err != nil {
67 t.Fatalf("unexpected error: %v", err)
68 }
69 if len(r) != 1 || r[0] != 0x01 {
70 t.Errorf("r = %x, want 01", r)
71 }
72 if len(s) != 1 || s[0] != 0x02 {
73 t.Errorf("s = %x, want 02", s)
74 }
75}
76
77func TestGenerateMIMEBoundaryUsesCryptoRandomBytes(t *testing.T) {
78 oldRandRead := randRead
79 defer func() { randRead = oldRandRead }()
80
81 randRead = func(p []byte) (int, error) {
82 for i := range p {
83 p[i] = byte(i)
84 }
85 return len(p), nil
86 }
87
88 got := generateMIMEBoundary()
89 want := "----=_Part_000102030405060708090a0b0c0d0e0f"
90 if got != want {
91 t.Fatalf("boundary = %q, want %q", got, want)
92 }
93}
94
95func TestGenerateMIMEBoundaryFallsBackToUnixNano(t *testing.T) {
96 oldRandRead := randRead
97 defer func() { randRead = oldRandRead }()
98
99 randRead = func(_ []byte) (int, error) {
100 return 0, errors.New("random source unavailable")
101 }
102
103 const prefix = "----=_Part_"
104 got := generateMIMEBoundary()
105 if !strings.HasPrefix(got, prefix) {
106 t.Fatalf("boundary = %q, want prefix %q", got, prefix)
107 }
108 if _, err := strconv.ParseInt(strings.TrimPrefix(got, prefix), 10, 64); err != nil {
109 t.Fatalf("fallback boundary suffix is not a UnixNano timestamp: %v", err)
110 }
111}