From 0f4e5404abfcdc17e275cc127c99820c2396897e Mon Sep 17 00:00:00 2001
From: Bernd Krietenstein
Date: Mon, 14 Jul 2025 14:29:45 +0200
Subject: [PATCH 1/3] Added a test for BER-CMS
---
 cms/tests/cms_ber.rs | 36 ++++++++++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)
 create mode 100644 cms/tests/cms_ber.rs
diff --git a/cms/tests/cms_ber.rs b/cms/tests/cms_ber.rs
new file mode 100644
index 000000000..25a890818
--- /dev/null
+++ b/cms/tests/cms_ber.rs
@@ -0,0 +1,36 @@
+#[cfg(test)]
+mod tests {
+ use cms::content_info::ContentInfo;
+ use der::Decode;
+
+ #[test]
+ fn convert_indefinite_ber_ejbca_cms() {
+ // This represents the cms structure sent by EJBCA for SCEP requests.
+ #[rustfmt::skip]
+ const EXAMPLE_BER: &[u8] = &[
+ 0x30, 0x80, // ContentInfo SEQUENCE (2 elem) (indefinite length)
+ 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x02, // contentType ContentType OBJECT IDENTIFIER
+ 0xa0, 0x80, // content [0] ANY (1 elem) (indefinite length)
+ 0x30, 0x80, // SignedData SEQUENCE (5 elem) (indefinite length)
+ 0x02, 0x01, 0x01, // version CMSVersion INTEGER 1
+ 0x31, 0x00, // digestAlgorithms DigestAlgorithmIdentifiers SET (0 elem)
+ 0x30, 0x0b, // encapContentInfo EncapsulatedContentInfo SEQUENCE (1 elem)
+ 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01, // eContentType ContentType OBJECT IDENTIFIER
+ 0xa0, 0x80, // CertificateSet ANY (2 elem) (indefinite length)
+ 0x30, 0x06, // CertificateChoices SEQUENCE (3 elem)
+ 0x30, 0x00,
+ 0x30, 0x00,
+ 0x30, 0x00,
+ 0x30, 0x06, // CertificateChoices SEQUENCE (3 elem)
+ 0x30, 0x00,
+ 0x30, 0x00,
+ 0x30, 0x00,
+ 0x00, 0x00,
+ 0x31, 0x00, // signerInfos SignerInfos SET (0 elem)
+ 0x00, 0x00,
+ 0x00, 0x00,
+ 0x00, 0x00,
+ ];
+ assert!(matches!(ContentInfo::from_ber(EXAMPLE_BER), Ok(_)));
+ }
+}
From ff39ad9b9126c1165a4fd4b0c53e6b769f38b035 Mon Sep 17 00:00:00 2001
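Review bot: The only assertion at the end of `convert_indefinite_ber_ejbca_cms` is that `ContentInfo::from_ber` returns `Ok`, so a decoder that mis-resolves the nested indefinite lengths or end-of-contents octets but still yields some value would pass; patches 2/3 and 3/3 keep the same `is_ok()` check. Because this input shape reaches the decoder from the network during SCEP, the test should bind the result and check what was decoded, e.g. `let ci = ContentInfo::from_ber(EXAMPLE_BER).expect("BER CMS decodes");` followed by `assert_eq!(ci.content_type, const_oid::db::rfc5911::ID_SIGNED_DATA);`. A companion case that removes the final `0x00, 0x00` end-of-contents pair from the fixture and expects `Err` would pin the rejection path too.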
From: Bernd Krietenstein
Date: Mon, 14 Jul 2025 14:48:47 +0200
Subject: [PATCH 2/3] clippy
---
 cms/tests/cms_ber.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/cms/tests/cms_ber.rs b/cms/tests/cms_ber.rs
index 25a890818..190d1ac1b 100644
--- a/cms/tests/cms_ber.rs
+++ b/cms/tests/cms_ber.rs
@@ -31,6 +31,6 @@ mod tests {
 0x00, 0x00,
 0x00, 0x00,
 ];
- assert!(matches!(ContentInfo::from_ber(EXAMPLE_BER), Ok(_)));
+ assert!(ContentInfo::from_ber(EXAMPLE_BER).is_ok());
 }
 }
From 152bd63d231ba11e5f3f2fb7649523df51ad2e8d Mon Sep 17 00:00:00 2001
From: Bernd Krietenstein
Date: Mon, 14 Jul 2025 15:47:29 +0200
Subject: [PATCH 3/3] Using `hex!` for BER example
---
 cms/tests/cms_ber.rs | 47 ++++++++++++++++++++++++-----------------------
 1 file changed, 24 insertions(+), 23 deletions(-)
diff --git a/cms/tests/cms_ber.rs b/cms/tests/cms_ber.rs
index 190d1ac1b..86bd0dc6f 100644
--- a/cms/tests/cms_ber.rs
+++ b/cms/tests/cms_ber.rs
@@ -2,34 +2,35 @@
 mod tests {
 use cms::content_info::ContentInfo;
 use der::Decode;
+ use hex_literal::hex;
 
 #[test]
 fn convert_indefinite_ber_ejbca_cms() {
 // This represents the cms structure sent by EJBCA for SCEP requests.
 #[rustfmt::skip]
- const EXAMPLE_BER: &[u8] = &[
- 0x30, 0x80, // ContentInfo SEQUENCE (2 elem) (indefinite length)
- 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x02, // contentType ContentType OBJECT IDENTIFIER
- 0xa0, 0x80, // content [0] ANY (1 elem) (indefinite length)
- 0x30, 0x80, // SignedData SEQUENCE (5 elem) (indefinite length)
- 0x02, 0x01, 0x01, // version CMSVersion INTEGER 1
- 0x31, 0x00, // digestAlgorithms DigestAlgorithmIdentifiers SET (0 elem)
- 0x30, 0x0b, // encapContentInfo EncapsulatedContentInfo SEQUENCE (1 elem)
- 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01, // eContentType ContentType OBJECT IDENTIFIER
- 0xa0, 0x80, // CertificateSet ANY (2 elem) (indefinite length)
- 0x30, 0x06, // CertificateChoices SEQUENCE (3 elem)
- 0x30, 0x00,
- 0x30, 0x00,
- 0x30, 0x00,
- 0x30, 0x06, // CertificateChoices SEQUENCE (3 elem)
- 0x30, 0x00,
- 0x30, 0x00,
- 0x30, 0x00,
- 0x00, 0x00,
- 0x31, 0x00, // signerInfos SignerInfos SET (0 elem)
- 0x00, 0x00,
- 0x00, 0x00,
- 0x00, 0x00,
+ const EXAMPLE_BER: &[u8] = &hex![
+ "30 80" // ContentInfo SEQUENCE (2 elem) (indefinite length)
+ "06 09 2a 86 48 86 f7 0d 01 07 02" // contentType ContentType OBJECT IDENTIFIER
+ "a0 80" // content [0] ANY (1 elem) (indefinite length)
+ "30 80" // SignedData SEQUENCE (5 elem) (indefinite length)
+ "02 01 01" // version CMSVersion INTEGER 1
+ "31 00" // digestAlgorithms DigestAlgorithmIdentifiers SET (0 elem)
+ "30 0b" // encapContentInfo EncapsulatedContentInfo SEQUENCE (1 elem)
+ "06 09 2a 86 48 86 f7 0d 01 07 01" // eContentType ContentType OBJECT IDENTIFIER
+ "a0 80" // CertificateSet ANY (2 elem) (indefinite length)
+ "30 06" // CertificateChoices SEQUENCE (3 elem)
+ "30 00"
+ "30 00"
+ "30 00"
+ "30 06" // CertificateChoices SEQUENCE (3 elem)
+ "30 00"
+ "30 00"
+ "30 00"
+ "00 00"
+ "31 00" // signerInfos SignerInfos SET (0 elem)
+ "00 00"
+ "00 00"
+ "00 00"
 ];
 assert!(ContentInfo::from_ber(EXAMPLE_BER).is_ok());
 }
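Review bot: The added `use hex_literal::hex;` at the top of the module needs `hex-literal` to be available to the `cms` test targets, and this series touches only `cms/tests/cms_ber.rs`, so the diff does not show where that dependency comes from. Please confirm it is already listed under `[dev-dependencies]` in the crate manifest, or include the manifest change in this patch so the test target builds on its own. The enclosing `mod tests` block closes outside this hunk.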