[gnutls-dev] Re: Is 2MB too large for self tests?

Simon Josefsson jas at extundo.com
Mon Aug 23 16:28:03 CEST 2004


Werner Koch <wk at gnupg.org> writes:

>> I believe a few of the S/MIME test cases are buggy (bad base64
>> encoding).  I've sent David Cooper a message about it.  If you are
>
> I have not yet come to the S/MIME cases.  Needed to fix a couple of
> other bugs first.  However please forward the mail so I won't fall
> into the same pit.

Here goes.  Note that they haven't been confirmed as bugs, so the bug
may be on my part.

While going over the new PKITS test cases, I believe I found a
systematic problem in the base64 encoding of the following files:

 smime/SignedDifferentPoliciesTest4.eml
 smime/SignedInvalidBasicSelfIssuedOldWithNewTest2.eml
 smime/SignedInvalidRFC822nameConstraintsTest22.eml
 smime/SignedInvalidRFC822nameConstraintsTest26.eml
 smime/SignedValidPolicyMappingTest3.eml
 smime/SignedValidSelfIssuedinhibitPolicyMappingTest7.eml

Looking carefully at them, I realize they don't appear to contain
valid base64 data.  Five of them have the same pattern:

smime/SignedDifferentPoliciesTest4.eml:
...
Ckdvb2Qgc3ViQ0ECAQEwBwYFKw4DAhowDQYJKoZIhvcNAQEBBQAEgYBZtJEbCoUtyenYyyu5gd/A
Ek4TTcN0sg2NvIFLc37VLAxtWcv5iC5hoyiE4f0fXbYTd4G83SimqxsGVk9GIg0KT45wl4NgNJhr
maYOtxbRUF72ygH+rundE/BeJ7XnwDsDuvQRFFi/J0F/RQGJGS5lkkzS7l/8hgArXkZ3Xe3x5AAA==

smime/SignedInvalidBasicSelfIssuedOldWithNewTest2.eml:
...
IE5ldyBLZXkgQ0ECAQMwBwYFKw4DAhowDQYJKoZIhvcNAQEBBQAEgYCr3FvVdmJh2CFVoayeJFlN
BuAkhD3VQ+eu52+wWHKhivlTN+ZTkVVUB0XXtXLJujb5icVsIGFHuKLk0AxK0VV61cla8NFMBT1+
SSEUwtI9KzU/COBIsm0nTqwdmnpGL9ewPGrOyG9xlxyRWOD5yRfcZ1K7Ouom8cVmqZOQt+4suQAA==

smime/SignedInvalidRFC822nameConstraintsTest26.eml:
...
IFJGQzgyMiBDQTMCAQIwBwYFKw4DAhowDQYJKoZIhvcNAQEBBQAEgYAa0s/qZXRqUKiX7bNyT4GG
YQhkU6Hxh+v0iEvtLH2j00ZqnitHQ+dopZT9ioQ4k8gZnsVmQUtAs6XGRgk9u9jc95rHx25UvUnF
D3WVvVfI8WPEcuoXLWSW0UecNSXeBR1FCqV50o100G4mWBxe4sQpJYJzviXX1K+TH2cXFMf6JgAA==

smime/SignedValidPolicyMappingTest3.eml:
...
bzMgc3Vic3ViQ0ECAQEwBwYFKw4DAhowDQYJKoZIhvcNAQEBBQAEgYBv0VNZTogJWG4Y8F3S1ZJt
wo7fRVFZ1VM8bM761EmBgernXnYVjMAPbWi7j4thYao+Mct0/LsfBMiAJ0FlLVopXbHQk6AOuzsu
WlxwBYAGbS/XwPX6ZlJpA8mhG/lps6KaOaRZqLtNqcI7nEnhfKkqoN7VCNdCF42GsR3q/3JD3gAA==

smime/SignedValidSelfIssuedinhibitPolicyMappingTest7.eml:
...
ZzEgUDEgc3ViQ0ECAQEwBwYFKw4DAhowDQYJKoZIhvcNAQEBBQAEgYBLP7PAXEAZmOqU4wjBMdEg
YSmq2uCSdM8rTXkHmnsNFFzF3kb631z3XIV0QnNxbf3tnPth1evO3czt7Vg75DA99eyRtAKMp14O
EyNOPY1erx7u/EVjqjuo8eJ36RQ/q+Cl3HpEtmMReKxWimbl1aRvdgEiKMXyX38Wc4NX6/S7QAAA==

If I replace 'AA==' with '==' they all work.  You can verify that the
files doesn't contain valid base64 data, because base64 data ending
with '==' must always be of a specific length (see RFC 3548 or some
other base64 specification).

Perhaps your base64 encoder has problems when the data finish at the
line wrap position.

The sixth file smime/SignedInvalidRFC822nameConstraintsTest22.eml is
more complicated, but still similar.  Here I use ^M to indicate CR:

cyBSRkM4MjIgQ0ExAgECMAcGBSsOAwIaMA0GCSqGSIb3DQEBAQUABIGAclFj1HCdFFFrmLLeVTnn^M
U1gINbB7LEpP0adbCR+EX+JfWfzWA5BXS0Gj33yFCrpw3FlfZtrQjG+jxr6kO/rlBrtxWyp9L8/l^M
7t01CHKSFMQ/pI+SGfzyufEOD2l+fgSS7WcGnGLsHBCj48b2y71KQ+zEr1EXXxV5/2MropWW4e0A^M=^M

Here you should replace 'A^M=^M' with '=^M'.





More information about the Gnutls-devel mailing list