2 # Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
4 # Licensed under the OpenSSL license (the "License"). You may not use
5 # this file except in compliance with the License. You can obtain a copy
6 # in the file LICENSE in the source distribution or at
7 # https://www.openssl.org/source/license.html
14 use OpenSSL::Test qw/:DEFAULT srctop_file/;
20 ok(run(test(["d2i_test", "X509", "decode",
21 srctop_file('test','d2i-tests','bad_cert.der')])),
22 "Running d2i_test bad_cert.der");
24 ok(run(test(["d2i_test", "GENERAL_NAME", "decode",
25 srctop_file('test','d2i-tests','bad_generalname.der')])),
26 "Running d2i_test bad_generalname.der");
28 ok(run(test(["d2i_test", "ASN1_ANY", "BIO",
29 srctop_file('test','d2i-tests','bad_bio.der')])),
30 "Running d2i_test bad_bio.der");
31 # This test checks CVE-2016-2108. The data consists of an tag 258 and
32 # two zero content octets. This is parsed as an ASN1_ANY type. If the
33 # type is incorrectly interpreted as an ASN.1 INTEGER the two zero content
34 # octets will be reject as invalid padding and this test will fail.
35 # If the type is correctly interpreted it will by treated as an ASN1_STRING
36 # type and the content octets copied verbatim.
37 ok(run(test(["d2i_test", "ASN1_ANY", "OK",
38 srctop_file('test','d2i-tests','high_tag.der')])),
39 "Running d2i_test high_tag.der");