more keys and cert testing

lib/common/keys_and_cert.go

@@ -180,12 +180,17 @@ func ReadKeysAndCert(data []byte) (keys_and_cert KeysAndCert, remainder []byte,
 	}
 	keys_and_cert = KeysAndCert(data[:KEYS_AND_CERT_MIN_SIZE])
 	cert, _ := keys_and_cert.Certificate()
-	cert_len, _ := cert.Length()
+	cert_len, cert_len_err := cert.Length()
 	if cert_len == 0 {
 		remainder = data[KEYS_AND_CERT_MIN_SIZE:]
 		return
 	}
-	keys_and_cert = append(keys_and_cert, data[KEYS_AND_CERT_MIN_SIZE:KEYS_AND_CERT_MIN_SIZE+cert_len]...)
+	if data_len < KEYS_AND_CERT_MIN_SIZE+cert_len {
-	remainder = data[KEYS_AND_CERT_MIN_SIZE+cert_len:]
+		keys_and_cert = append(keys_and_cert, data[KEYS_AND_CERT_MIN_SIZE:]...)
+		err = cert_len_err
+	} else {
+		keys_and_cert = append(keys_and_cert, data[KEYS_AND_CERT_MIN_SIZE:KEYS_AND_CERT_MIN_SIZE+cert_len]...)
+		remainder = data[KEYS_AND_CERT_MIN_SIZE+cert_len:]
+	}
 	return
 }

lib/common/keys_and_cert_test.go

@@ -45,6 +45,28 @@ func TestReadKeysAndCertWithMissingData(t *testing.T) {
 }
 
 func TestReadKeysAndCertWithMissingCertData(t *testing.T) {
+	assert := assert.New(t)
+
+	cert_data := make([]byte, 128+256)
+	cert_data = append(cert_data, []byte{0x05, 0x00, 0x04, 0x00, 0x01}...)
+	keys_and_cert, remainder, err := ReadKeysAndCert(cert_data)
+	assert.Equal(0, len(remainder))
+	if assert.NotNil(err) {
+		assert.Equal("certificate parsing warning: certificate data is shorter than specified by length", err.Error())
+	}
+
+	_, err = keys_and_cert.PublicKey()
+	if assert.NotNil(err) {
+		assert.Equal("certificate parsing warning: certificate data is shorter than specified by length", err.Error())
+	}
+	_, err = keys_and_cert.SigningPublicKey()
+	if assert.NotNil(err) {
+		assert.Equal("certificate parsing warning: certificate data is shorter than specified by length", err.Error())
+	}
+	_, err = keys_and_cert.Certificate()
+	if assert.NotNil(err) {
+		assert.Equal("certificate parsing warning: certificate data is shorter than specified by length", err.Error())
+	}
 }
 
 func TestReadKeysAndCertWithValidDataWithCertificate(t *testing.T) {
@@ -82,11 +104,39 @@ func TestReadKeysAndCertWithValidDataWithoutCertificate(t *testing.T) {
 }
 
 func TestReadKeysAndCertWithValidDataWithCertificateAndRemainder(t *testing.T) {
+	assert := assert.New(t)
+
+	cert_data := make([]byte, 128+256)
+	cert_data = append(cert_data, []byte{0x05, 0x00, 0x04, 0x00, 0x01, 0x00, 0x00, 0x41}...)
+	keys_and_cert, remainder, err := ReadKeysAndCert(cert_data)
+	if assert.Equal(1, len(remainder)) {
+		assert.Equal("A", string(remainder[0]))
+	}
+	assert.Nil(err)
+
+	_, err = keys_and_cert.PublicKey()
+	assert.Nil(err, "keys_and_cert.PublicKey() returned error with valid data containing certificate")
+	_, err = keys_and_cert.SigningPublicKey()
+	assert.Nil(err, "keys_and_cert.SigningPublicKey() returned error with valid data containing certificate")
+	_, err = keys_and_cert.Certificate()
+	assert.Nil(err, "keys_and_cert.Certificate() returned error with valid data containing certificate")
 }
 
 func TestReadKeysAndCertWithValidDataWithoutCertificateAndRemainder(t *testing.T) {
-}
+	assert := assert.New(t)
 
-//if assert.NotNil(err) {
+	cert_data := make([]byte, 128+256)
-//	assert.Equal(err.Error(), "", "correct error message should be returned")
+	cert_data = append(cert_data, []byte{0x00, 0x00, 0x00, 0x41}...)
-//}
+	keys_and_cert, remainder, err := ReadKeysAndCert(cert_data)
+	if assert.Equal(1, len(remainder)) {
+		assert.Equal("A", string(remainder[0]))
+	}
+	assert.Nil(err)
+
+	_, err = keys_and_cert.PublicKey()
+	assert.Nil(err, "keys_and_cert.PublicKey() returned error with valid data not containing certificate")
+	_, err = keys_and_cert.SigningPublicKey()
+	assert.Nil(err, "keys_and_cert.SigningPublicKey() returned error with valid data not containing certificate")
+	_, err = keys_and_cert.Certificate()
+	assert.Nil(err, "keys_and_cert.Certificate() returned error with valid data not containing certificate")
+}