+ def test_nonnormalized_first_arc(self):
+ tampered = (
+ ObjectIdentifier.tag_default +
+ len_encode(2) +
+ b'\x80' +
+ ObjectIdentifier((1, 0)).encode()[-1:]
+ )
+ obj, _ = ObjectIdentifier().decode(tampered, ctx={"bered": True})
+ self.assertTrue(obj.ber_encoded)
+ self.assertTrue(obj.bered)
+ obj = copy(obj)
+ self.assertTrue(obj.ber_encoded)
+ self.assertTrue(obj.bered)
+ with assertRaisesRegex(self, DecodeError, "non normalized arc encoding"):
+ ObjectIdentifier().decode(tampered)
+
+ @given(data_strategy())
+ def test_negative_arcs(self, d):
+ oid = list(d.draw(oid_strategy()))
+ if len(oid) == 2:
+ return
+ idx = d.draw(integers(min_value=3, max_value=len(oid)))
+ oid[idx - 1] *= -1
+ if oid[idx - 1] == 0:
+ oid[idx - 1] = -1
+ with self.assertRaises(InvalidOID):
+ ObjectIdentifier(tuple(oid))
+ with self.assertRaises(InvalidOID):
+ ObjectIdentifier(".".join(str(i) for i in oid))
+
+ @given(data_strategy())
+ def test_plused_arcs(self, d):
+ oid = [str(arc) for arc in d.draw(oid_strategy())]
+ idx = d.draw(integers(min_value=0, max_value=len(oid)))
+ oid[idx - 1] = "+" + oid[idx - 1]
+ with self.assertRaises(InvalidOID):
+ ObjectIdentifier(".".join(str(i) for i in oid))
+
+ @given(data_strategy())
+ def test_nonnormalized_arcs(self, d):
+ arcs = d.draw(lists(
+ integers(min_value=0, max_value=100),
+ min_size=1,
+ max_size=5,
+ ))
+ dered = ObjectIdentifier((1, 0) + tuple(arcs)).encode()
+ _, _, lv = tag_strip(dered)
+ _, _, v = len_decode(lv)
+ v_no_first_arc = v[1:]
+ idx_for_tamper = d.draw(integers(
+ min_value=0,
+ max_value=len(v_no_first_arc) - 1,
+ ))
+ tampered = list(bytearray(v_no_first_arc))
+ for _ in range(d.draw(integers(min_value=1, max_value=3))):
+ tampered.insert(idx_for_tamper, 0x80)
+ tampered = bytes(bytearray(tampered))
+ tampered = (
+ ObjectIdentifier.tag_default +
+ len_encode(len(tampered)) +
+ tampered
+ )
+ obj, _ = ObjectIdentifier().decode(tampered, ctx={"bered": True})
+ self.assertTrue(obj.ber_encoded)
+ self.assertTrue(obj.bered)
+ obj = copy(obj)
+ self.assertTrue(obj.ber_encoded)
+ self.assertTrue(obj.bered)
+ with assertRaisesRegex(self, DecodeError, "non normalized arc encoding"):
+ ObjectIdentifier().decode(tampered)
+