Free ASN.1: 2008 compliance test suite
Earlier, I already presented my ASN.1 article on this resource in simple terms . Now I am publishing my new work - a freely distributed test suite for testing compatibility with the ASN.1: 2008 standard. Or rather, even two of my work - as an addition to the proposed test suite, I offer my own ASN.1 BER encoder / decoder (in source code), which 100% meets the requirements of the test suite that I propose. Below is a more detailed description of the entire complex.
Being engaged in working with ASN.1 for a long time, you are constantly faced with the need to use an encoding / decoding program (a special program for working with ASN.1). However, despite the general availability of the ASN.1 standard, various programs for working with ASN.1 sometimes produce different results. Often, even well-known (and paid!) Programs make mistakes when working with standard types of ASN.1, which is a consequence of omissions in testing the program or the result of an incomplete understanding of all aspects of the ASN.1 standard.
To solve this problem, it would seem that only one, centrally developed test suite for each of the ASN.1 types is sufficient. However, when dealing with this issue, I discovered that there are no such tests in the public domain. At all. According to my information, such tests still exist, but they are either closed or paid and testing for such tests is performed only on special sites in certified organizations. But what should an ordinary developer do, for example a new, freely distributed ASN.1 compiler? It was to help everyone who wanted to create something new for working with data in the ASN.1 standard, as well as for everyone who wanted to study this standard, I made a test suite that quite fully covered the coding issues for ASN.1 data types.
The test suite solves the following tasks:
Actually the tests themselves are binary files with encoded data in the ASN.1 BER format. To facilitate the work with the proposed test suite, a summary textual description of each test case is also offered, along with the type of data being tested, as well as a brief description of the proposed actions of the ASN.1 data processing program. All tests are valid coding options, that is, all of them one way or another can be met sooner or later in the real work of the ASN.1 data processing program. A complete archive with all tests (tc * .ber files), CompliXML files (see below) obtained from tests (transformed_tc * .xml files), re-encoded files (encoded_tc * .ber files), as well as a brief description of all tests (the file “free_asn1_testsuite.pdf”) can be obtained by direct link .
')
Initially, when compiling the above tests, I used only my personal experience and the ASN.1 coding standard itself. However, as a complete list of test cases was compiled, the question increasingly arose: how should the ASN.1 processing program respond correctly in each specific case and is it even possible to handle each exception situation properly? To find the answer to these questions, I had to create my own program, which allows both to decode ASN.1 BER and encode the same ASN.1 BER data. I distribute all the source codes of this program for free and everyone is free to use these codes as he pleases (almost - the program is released under the BSD license). The program serves exclusively for test and trial purposes. Below is a more detailed description of my software product.
The program is called COMPLI (fully-compliant ASN.1 BER decoder / encoder).
First, about the limitations of the program:
Now in more detail about the features of the program:
As a result, after creating the COMPLI program, I managed to accomplish the following tasks:
The program will continue to grow and expand. Currently it allows encoding to / from for the following formats:
Actually test suite itself
Sources COMPLI
Executable file COMPLI + XSD schema + configuration file for test suite
This article is also in PDF form.
Being engaged in working with ASN.1 for a long time, you are constantly faced with the need to use an encoding / decoding program (a special program for working with ASN.1). However, despite the general availability of the ASN.1 standard, various programs for working with ASN.1 sometimes produce different results. Often, even well-known (and paid!) Programs make mistakes when working with standard types of ASN.1, which is a consequence of omissions in testing the program or the result of an incomplete understanding of all aspects of the ASN.1 standard.
To solve this problem, it would seem that only one, centrally developed test suite for each of the ASN.1 types is sufficient. However, when dealing with this issue, I discovered that there are no such tests in the public domain. At all. According to my information, such tests still exist, but they are either closed or paid and testing for such tests is performed only on special sites in certified organizations. But what should an ordinary developer do, for example a new, freely distributed ASN.1 compiler? It was to help everyone who wanted to create something new for working with data in the ASN.1 standard, as well as for everyone who wanted to study this standard, I made a test suite that quite fully covered the coding issues for ASN.1 data types.
The test suite solves the following tasks:
- Gives tests for the most common ASN.1 encoding format - BER;
- Fulfillment of coding requirements for each type, as well as each of the subblocks of each type;
- Gives a complete set of non-standard situations when coding each type;
- Gives a complete set of erroneous coding for each type;
- Provides an advisory description of the behavior of the ASN.1 processing program for each of the proposed tests;
- It allows any interested person to participate in adding new test cases, and also provides a starting point for creating your own test sets;
Actually the tests themselves are binary files with encoded data in the ASN.1 BER format. To facilitate the work with the proposed test suite, a summary textual description of each test case is also offered, along with the type of data being tested, as well as a brief description of the proposed actions of the ASN.1 data processing program. All tests are valid coding options, that is, all of them one way or another can be met sooner or later in the real work of the ASN.1 data processing program. A complete archive with all tests (tc * .ber files), CompliXML files (see below) obtained from tests (transformed_tc * .xml files), re-encoded files (encoded_tc * .ber files), as well as a brief description of all tests (the file “free_asn1_testsuite.pdf”) can be obtained by direct link .
')
Initially, when compiling the above tests, I used only my personal experience and the ASN.1 coding standard itself. However, as a complete list of test cases was compiled, the question increasingly arose: how should the ASN.1 processing program respond correctly in each specific case and is it even possible to handle each exception situation properly? To find the answer to these questions, I had to create my own program, which allows both to decode ASN.1 BER and encode the same ASN.1 BER data. I distribute all the source codes of this program for free and everyone is free to use these codes as he pleases (almost - the program is released under the BSD license). The program serves exclusively for test and trial purposes. Below is a more detailed description of my software product.
The program is called COMPLI (fully-compliant ASN.1 BER decoder / encoder).
First, about the limitations of the program:
- The program is written under Windows;
- The program requires an installed MSXML 6;
- The program is intended solely for familiarization with the principles of encoding / decoding data types ASN.1, as well as to provide a sample response to non-standard situations arising in the process of encoding / decoding;
- There is no source code optimization in the program, which makes it easier to understand the processes of the internal activity of the program;
Now in more detail about the features of the program:
- It is a coder / decoder for the most common ASN.1 encoding format - BER (that is, the DER and CER formats the program also processes);
- The software also allows you to work with binary data that is additionally encoded in BASE64 format, as well as with the internal XML format for describing ASN.1 types (see below);
- Encoding and decoding implemented for all types from the latest standard ASN.1: 2008;
- The encoding and decoding for each of the types is 100% satisfying the previously proposed test cases for testing compatibility with the ASN.1 standard;
- The program is supplied in source code, under a license, allowing it to be used even in commercial developments;
- The program code is written in C ++ using the object programming model;
- The code is checked for errors and memory leaks;
- The code is arbitrarily expandable, allowing you to add work with new ASN.1 encoding formats;
- The program has a batch mode of working with files, allowing multiple input files to be processed at one time, and in one processing package there can be both decoding operations for a certain type and encoding operations. The configuration file is submitted to XML, the format of the configuration file is described as an XSD scheme ( link to the XSD file );
- The standard output format (CompliXML) describes the decoded types as XML, which makes it easier to perceive the decoding results, and also makes it possible to make secondary reports based on the decoded data;
- The standard output format is described in detail in the form of an XSD schema ( link to an XSD file );
- The standard output format describes each individual sub-block within each decoded type. For example, when decoding OBJECT IDENTIFIER, a separate block of information is created in the output file for each “sub-identifier”, and when decoding of the REAL type, separate blocks of information are created for the mantissa sub-blocks, the exponent and the information block;
- In addition to the decoded data itself, the standard output format allows you to describe the warnings and errors that occur during decoding. Moreover, warnings and errors can apply to the entire decoded file, as well as to each of the decoded sub-blocks within each ASN.1 type;
- To simplify the coding capabilities, the output and input formats of the program are completely identical. That is, by decoding a complex file (for example, X.509 certificate) and receiving the output XML file in CompliXML format, you can transfer the same file to the program input and get an encoded binary file that is absolutely identical to the original decoded file;
- Such flexibility of the program allows even for example to decode a binary file, change the ASN.1 data type in it (for example, from BMP STRING to PRINTABLE STRING), and then encode a new binary file with new, changed data types;
As a result, after creating the COMPLI program, I managed to accomplish the following tasks:
- Get valid free ASN.1 BER encoder / decoder;
- Get a stand for testing the proposed test cases for coding all types of ASN.1;
- Get the most detailed and simple description format for each type of ASN.1;
- Get the ability to simply encode using XML files of all types of ASN.1, and in the BER format. That is, COMPLI allows you to completely get rid of programming when creating arbitrary binary ASN.1 BER files, providing the ability to work only with text data in XML format;
- Show possible reaction options for all the test cases of ASN.1 types encoding that I propose;
The program will continue to grow and expand. Currently it allows encoding to / from for the following formats:
- BER (DER, CER);
- BER is additionally encoded in BASE64 (for example, OpenSSL certificates);
- CompliXML;
- Soon the XER format will be added to this list.
Actually test suite itself
Sources COMPLI
Executable file COMPLI + XSD schema + configuration file for test suite
This article is also in PDF form.
Source: https://habr.com/ru/post/152907/
All Articles