1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
3 /* This code is made available to you under your choice of the following sets
4 * of licensing terms:
5 */
6 /* This Source Code Form is subject to the terms of the Mozilla Public
7 * License, v. 2.0. If a copy of the MPL was not distributed with this
8 * file, You can obtain one at http://mozilla.org/MPL/2.0/.
9 */
10 /* Copyright 2014 Mozilla Contributors
11 *
12 * Licensed under the Apache License, Version 2.0 (the "License");
13 * you may not use this file except in compliance with the License.
14 * You may obtain a copy of the License at
15 *
16 * http://www.apache.org/licenses/LICENSE-2.0
17 *
18 * Unless required by applicable law or agreed to in writing, software
19 * distributed under the License is distributed on an "AS IS" BASIS,
20 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
21 * See the License for the specific language governing permissions and
22 * limitations under the License.
23 */
24
25 #include "pkixgtest.h"
26
27 #include "mozpkix/pkixcheck.h"
28
29 using namespace mozilla::pkix;
30 using namespace mozilla::pkix::test;
31
32 static const Time PAST_TIME(YMDHMS(1998, 12, 31, 12, 23, 56));
33
34 #define OLDER_GENERALIZEDTIME \
35 0x18, 15, /* tag, length */ \
36 '1', '9', '9', '9', '0', '1', '0', '1', /* 1999-01-01 */ \
37 '0', '0', '0', '0', '0', '0', 'Z' /* 00:00:00Z */
38
39 #define OLDER_UTCTIME \
40 0x17, 13, /* tag, length */ \
41 '9', '9', '0', '1', '0', '1', /* (19)99-01-01 */ \
42 '0', '0', '0', '0', '0', '0', 'Z' /* 00:00:00Z */
43
44 static const Time NOW(YMDHMS(2016, 12, 31, 12, 23, 56));
45
46 #define NEWER_GENERALIZEDTIME \
47 0x18, 15, /* tag, length */ \
48 '2', '0', '2', '1', '0', '1', '0', '1', /* 2021-01-01 */ \
49 '0', '0', '0', '0', '0', '0', 'Z' /* 00:00:00Z */
50
51 #define NEWER_UTCTIME \
52 0x17, 13, /* tag, length */ \
53 '2', '1', '0', '1', '0', '1', /* 2021-01-01 */ \
54 '0', '0', '0', '0', '0', '0', 'Z' /* 00:00:00Z */
55
56 static const Time FUTURE_TIME(YMDHMS(2025, 12, 31, 12, 23, 56));
57
58 class pkixcheck_CheckValidity : public ::testing::Test { };
59
60 static const uint8_t OLDER_UTCTIME_NEWER_UTCTIME_DATA[] = {
61 OLDER_UTCTIME,
62 NEWER_UTCTIME,
63 };
64 static const Input
65 OLDER_UTCTIME_NEWER_UTCTIME(OLDER_UTCTIME_NEWER_UTCTIME_DATA);
66
TEST_F(pkixcheck_CheckValidity,Valid_UTCTIME_UTCTIME)67 TEST_F(pkixcheck_CheckValidity, Valid_UTCTIME_UTCTIME)
68 {
69 static Time notBefore(Time::uninitialized);
70 static Time notAfter(Time::uninitialized);
71 ASSERT_EQ(Success, ParseValidity(OLDER_UTCTIME_NEWER_UTCTIME, ¬Before, ¬After));
72 ASSERT_EQ(Success, CheckValidity(NOW, notBefore, notAfter));
73 }
74
TEST_F(pkixcheck_CheckValidity,Valid_GENERALIZEDTIME_GENERALIZEDTIME)75 TEST_F(pkixcheck_CheckValidity, Valid_GENERALIZEDTIME_GENERALIZEDTIME)
76 {
77 static const uint8_t DER[] = {
78 OLDER_GENERALIZEDTIME,
79 NEWER_GENERALIZEDTIME,
80 };
81 static const Input validity(DER);
82 static Time notBefore(Time::uninitialized);
83 static Time notAfter(Time::uninitialized);
84 ASSERT_EQ(Success, ParseValidity(validity, ¬Before, ¬After));
85 ASSERT_EQ(Success, CheckValidity(NOW, notBefore, notAfter));
86 }
87
TEST_F(pkixcheck_CheckValidity,Valid_GENERALIZEDTIME_UTCTIME)88 TEST_F(pkixcheck_CheckValidity, Valid_GENERALIZEDTIME_UTCTIME)
89 {
90 static const uint8_t DER[] = {
91 OLDER_GENERALIZEDTIME,
92 NEWER_UTCTIME,
93 };
94 static const Input validity(DER);
95 static Time notBefore(Time::uninitialized);
96 static Time notAfter(Time::uninitialized);
97 ASSERT_EQ(Success, ParseValidity(validity, ¬Before, ¬After));
98 ASSERT_EQ(Success, CheckValidity(NOW, notBefore, notAfter));
99 }
100
TEST_F(pkixcheck_CheckValidity,Valid_UTCTIME_GENERALIZEDTIME)101 TEST_F(pkixcheck_CheckValidity, Valid_UTCTIME_GENERALIZEDTIME)
102 {
103 static const uint8_t DER[] = {
104 OLDER_UTCTIME,
105 NEWER_GENERALIZEDTIME,
106 };
107 static const Input validity(DER);
108 static Time notBefore(Time::uninitialized);
109 static Time notAfter(Time::uninitialized);
110 ASSERT_EQ(Success, ParseValidity(validity, ¬Before, ¬After));
111 ASSERT_EQ(Success, CheckValidity(NOW, notBefore, notAfter));
112 }
113
TEST_F(pkixcheck_CheckValidity,InvalidBeforeNotBefore)114 TEST_F(pkixcheck_CheckValidity, InvalidBeforeNotBefore)
115 {
116 static Time notBefore(Time::uninitialized);
117 static Time notAfter(Time::uninitialized);
118 ASSERT_EQ(Success, ParseValidity(OLDER_UTCTIME_NEWER_UTCTIME, ¬Before, ¬After));
119 ASSERT_EQ(Result::ERROR_NOT_YET_VALID_CERTIFICATE, CheckValidity(PAST_TIME, notBefore, notAfter));
120 }
121
TEST_F(pkixcheck_CheckValidity,InvalidAfterNotAfter)122 TEST_F(pkixcheck_CheckValidity, InvalidAfterNotAfter)
123 {
124 static Time notBefore(Time::uninitialized);
125 static Time notAfter(Time::uninitialized);
126 ASSERT_EQ(Success, ParseValidity(OLDER_UTCTIME_NEWER_UTCTIME, ¬Before, ¬After));
127 ASSERT_EQ(Result::ERROR_EXPIRED_CERTIFICATE, CheckValidity(FUTURE_TIME, notBefore, notAfter));
128 }
129