cms: Added a test for BER-CMS

[bkstein]

This is my real-world test of a BER encoded CMS message using indefinite lengths. I removed the content, but kept the structure.
This kind of messages is sent by EJBCA when certificates are enrolled using SCEP protocol.

[dishmaker]

You can use hex! btw

formats/der/tests/derive.rs

Lines 800 to 804 in 9ca99ba

	const TACHO_CERT_DER: &[u8] = &hex!(
	"7F 21 81 C8" // Application 33
	"7F 4E 81 81" // Application 78

[dishmaker]

I think the inside SignedData does not decode as intended.

[Spoiler] pretty-printing ContentInfo

let content_info = ContentInfo::from_ber(EXAMPLE_BER).unwrap();

// using der feature `clarify`
use der::{ClarifyFlavor, EncodeClarifyExt};
let clarified = content_info.to_der_clarify(ClarifyFlavor::RustHex).unwrap();
println!("clarified: {clarified}");

I could not decode it:

let signed_data = SignedData::from_ber(content_info.content.value()).unwrap();
assert!(signed_data.certificates.iter().nth(1).is_some());

gives a tag error.

hex!(
"30 37" // tag: SEQUENCE len: 55 type: ContentInfo
        "06 09" // tag: OBJECT IDENTIFIER type: ObjectIdentifier
                "2A 86 48 86 F7 0D 01 07 02"
        "A0 2A" // tag: CONTEXT-SPECIFIC [0] (constructed) len: 42 type: ContextSpecificRef<Any>
                "30 28" // tag: SEQUENCE len: 40 type: Any
                        "02 01 01 31 00 30 0B 06 09 2A 86 48 86 F7 0D 01
                         07 01 A0 80 30 06 30 00 30 00 30 00 30 06 30 00
                         30 00 30 00 00 00 31 00"
                "" // end: Any
        "" // end: ContextSpecificRef<Any>
"" // end: ContentInfo
)

[bkstein]

The EXAMPLE_BER is not a valid CMS message. I used it to test, if my own preliminary BER-to-DER converter works on nested indefinite length structures (ignoring the content).