From 66229c9f4d8416a72d3b3143090073d104de960e Mon Sep 17 00:00:00 2001
From: qmuntal <qmuntaldiaz@microsoft.com>
Date: Mon, 11 Jul 2022 18:44:20 +0200
Subject: [PATCH 1/2] increase headers type validation coverage

Signed-off-by: qmuntal <qmuntaldiaz@microsoft.com>
---
 headers_test.go | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/headers_test.go b/headers_test.go
index 801a4de..f63a092 100644
--- a/headers_test.go
+++ b/headers_test.go
@@ -133,6 +133,13 @@ func TestProtectedHeader_MarshalCBOR(t *testing.T) {
 			},
 			wantErr: true,
 		},
+		{
+			name: "invalid content type value",
+			h: ProtectedHeader{
+				HeaderLabelContentType: []byte("foo"),
+			},
+			wantErr: true,
+		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
@@ -800,7 +807,7 @@ func TestHeaders_MarshalUnprotected(t *testing.T) {
 					HeaderLabelAlgorithm: AlgorithmES256,
 				},
 				Unprotected: UnprotectedHeader{
-					HeaderLabelContentType: 42,
+					HeaderLabelContentType: uint8(42),
 				},
 			},
 			want: []byte{0xa1, 0x03, 0x18, 0x2a},
@@ -866,7 +873,7 @@ func TestHeaders_UnmarshalFromRaw(t *testing.T) {
 				},
 				RawUnprotected: []byte{0xa1, 0x04, 0x18, 0x2a},
 				Unprotected: UnprotectedHeader{
-					HeaderLabelContentType: 42,
+					HeaderLabelContentType: int8(42),
 				},
 			},
 		},
@@ -879,7 +886,7 @@ func TestHeaders_UnmarshalFromRaw(t *testing.T) {
 				},
 				RawUnprotected: []byte{0xa1, 0x03, 0x18, 0x2a},
 				Unprotected: UnprotectedHeader{
-					HeaderLabelContentType: 43,
+					HeaderLabelContentType: int16(43),
 				},
 			},
 			want: Headers{

From aea9b6bcb5cd54c3b34a2b3a0458cbcebdd4c565 Mon Sep 17 00:00:00 2001
From: qmuntal <qmuntaldiaz@microsoft.com>
Date: Mon, 11 Jul 2022 19:43:53 +0200
Subject: [PATCH 2/2] add canUint tests

Signed-off-by: qmuntal <qmuntaldiaz@microsoft.com>
---
 headers_test.go | 23 ++++++++++++++++++++++-
 1 file changed, 22 insertions(+), 1 deletion(-)

diff --git a/headers_test.go b/headers_test.go
index f63a092..f0f6e11 100644
--- a/headers_test.go
+++ b/headers_test.go
@@ -134,12 +134,33 @@ func TestProtectedHeader_MarshalCBOR(t *testing.T) {
 			wantErr: true,
 		},
 		{
-			name: "invalid content type value",
+			name: "content type is string",
 			h: ProtectedHeader{
 				HeaderLabelContentType: []byte("foo"),
 			},
 			wantErr: true,
 		},
+		{
+			name: "content type is negative int8",
+			h: ProtectedHeader{
+				HeaderLabelContentType: int8(-1),
+			},
+			wantErr: true,
+		},
+		{
+			name: "content type is negative int16",
+			h: ProtectedHeader{
+				HeaderLabelContentType: int16(-1),
+			},
+			wantErr: true,
+		},
+		{
+			name: "content type is negative int32",
+			h: ProtectedHeader{
+				HeaderLabelContentType: int32(-1),
+			},
+			wantErr: true,
+		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {