From 10edb951d59186a063597d0025c0002e96195138 Mon Sep 17 00:00:00 2001
From: Mart Somermaa <mrts@users.noreply.github.com>
Date: Wed, 27 Mar 2024 08:02:28 +0200
Subject: [PATCH] Add tests for nonces that contain null bytes, control
 characters, high-byte values or an ASN.1 OID

WE2-879

Signed-off-by: Mart Somermaa <mrts@users.noreply.github.com>
---
 tests/OcspRequestTest.php | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

diff --git a/tests/OcspRequestTest.php b/tests/OcspRequestTest.php
index 0ba3038..111e4e3 100644
--- a/tests/OcspRequestTest.php
+++ b/tests/OcspRequestTest.php
@@ -101,4 +101,29 @@ public function testWhenGetNonceExtensionSuccess(): void
 
         $this->assertEquals("nonce", $request->getNonceExtension());
     }
+
+    public function testBinaryNonce(): void
+    {
+        // Create a nonce with a mixture of potentially problematic bytes.
+        // This includes null bytes, control characters, and high-byte values (e.g., above 0x7F),
+        // which are common sources of issues in improper string handling scenarios.
+        $nonce = "\0\1\2\3\4\5\6\7\x08\x09\x10\0"
+                       . "\x0A\x0D\x1B"
+                       . "\xE2\x82\xAC"
+                       . "\xFF";
+        $request = new OcspRequest();
+        $request->addNonceExtension($nonce);
+
+        $this->assertEquals($nonce, $request->getNonceExtension());
+    }
+
+    public function testAsnOidNonce(): void
+    {
+        // Create a nonce that contains ASN.1 DER-encoded OID for SHA-256: 2.16.840.1.101.3.4.2.1.
+        $nonce = "\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x01";
+        $request = new OcspRequest();
+        $request->addNonceExtension($nonce);
+
+        $this->assertEquals($nonce, $request->getNonceExtension());
+    }
 }