1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
3 /* This code is made available to you under your choice of the following sets
4  * of licensing terms:
5  */
6 /* This Source Code Form is subject to the terms of the Mozilla Public
7  * License, v. 2.0. If a copy of the MPL was not distributed with this
8  * file, You can obtain one at http://mozilla.org/MPL/2.0/.
9  */
10 /* Copyright 2014 Mozilla Contributors
11  *
12  * Licensed under the Apache License, Version 2.0 (the "License");
13  * you may not use this file except in compliance with the License.
14  * You may obtain a copy of the License at
15  *
16  *     http://www.apache.org/licenses/LICENSE-2.0
17  *
18  * Unless required by applicable law or agreed to in writing, software
19  * distributed under the License is distributed on an "AS IS" BASIS,
20  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
21  * See the License for the specific language governing permissions and
22  * limitations under the License.
23  */
24 
25 #include "pkixgtest.h"
26 
27 #include "mozpkix/pkixcheck.h"
28 
29 using namespace mozilla::pkix;
30 using namespace mozilla::pkix::test;
31 
// Reference instants and DER-encoded validity bounds used by the cases in this
// file. The three instants bracket the encoded window [1999-01-01, 2021-01-01]:
// PAST_TIME lies before it, NOW inside it, and FUTURE_TIME after it.
//
// Tag 0x18 is ASN.1 GeneralizedTime (four-digit year); tag 0x17 is UTCTime
// (two-digit year). RFC 5280 reads a UTCTime year of 50-99 as 19YY and 00-49
// as 20YY, so "99" below means 1999 and "21" means 2021.

// 1998-12-31 12:23:56, earlier than the OLDER_* bound.
static const Time PAST_TIME(YMDHMS(1998, 12, 31, 12, 23, 56));

// GeneralizedTime "19990101000000Z".
#define OLDER_GENERALIZEDTIME \
  0x18, 15,                               /* GeneralizedTime, 15 bytes */ \
  '1', '9', '9', '9', '0', '1', '0', '1', /* YYYYMMDD: 1999-01-01 */ \
  '0', '0', '0', '0', '0', '0', 'Z'       /* hhmmss: 00:00:00, UTC */

// UTCTime "990101000000Z".
#define OLDER_UTCTIME \
  0x17, 13,                               /* UTCTime, 13 bytes */ \
  '9', '9', '0', '1', '0', '1',           /* YYMMDD: (19)99-01-01 */ \
  '0', '0', '0', '0', '0', '0', 'Z'       /* hhmmss: 00:00:00, UTC */

// 2016-12-31 12:23:56, between the OLDER_* and NEWER_* bounds.
static const Time NOW(YMDHMS(2016, 12, 31, 12, 23, 56));

// GeneralizedTime "20210101000000Z".
#define NEWER_GENERALIZEDTIME \
  0x18, 15,                               /* GeneralizedTime, 15 bytes */ \
  '2', '0', '2', '1', '0', '1', '0', '1', /* YYYYMMDD: 2021-01-01 */ \
  '0', '0', '0', '0', '0', '0', 'Z'       /* hhmmss: 00:00:00, UTC */

// UTCTime "210101000000Z".
#define NEWER_UTCTIME \
  0x17, 13,                               /* UTCTime, 13 bytes */ \
  '2', '1', '0', '1', '0', '1',           /* YYMMDD: (20)21-01-01 */ \
  '0', '0', '0', '0', '0', '0', 'Z'       /* hhmmss: 00:00:00, UTC */

// 2025-12-31 12:23:56, later than the NEWER_* bound.
static const Time FUTURE_TIME(YMDHMS(2025, 12, 31, 12, 23, 56));
57 
// Empty gtest fixture; it adds no state or setup and only gives the
// TEST_F cases in this file a common suite name.
class pkixcheck_CheckValidity : public ::testing::Test
{
};
59 
// Validity bytes shared by several cases: notBefore = 1999-01-01 followed by
// notAfter = 2021-01-01, both as UTCTime. The array holds only the two time
// TLVs; no enclosing SEQUENCE header is included.
static const uint8_t OLDER_UTCTIME_NEWER_UTCTIME_DATA[] = {
  OLDER_UTCTIME, NEWER_UTCTIME,
};

// Input wrapper over the bytes above, in the form ParseValidity is given.
static const Input OLDER_UTCTIME_NEWER_UTCTIME(
  OLDER_UTCTIME_NEWER_UTCTIME_DATA);
66 
// Both bounds are encoded as UTCTime and NOW lies between them, so parsing
// and the validity check are both expected to return Success.
TEST_F(pkixcheck_CheckValidity, Valid_UTCTIME_UTCTIME)
{
  static Time parsedNotBefore(Time::uninitialized);
  static Time parsedNotAfter(Time::uninitialized);

  const Result parseResult = ParseValidity(OLDER_UTCTIME_NEWER_UTCTIME,
                                           &parsedNotBefore, &parsedNotAfter);
  ASSERT_EQ(Success, parseResult);

  const Result checkResult = CheckValidity(NOW, parsedNotBefore,
                                           parsedNotAfter);
  ASSERT_EQ(Success, checkResult);
}
74 
// Both bounds are encoded as GeneralizedTime and NOW lies between them, so
// parsing and the validity check are both expected to return Success.
TEST_F(pkixcheck_CheckValidity, Valid_GENERALIZEDTIME_GENERALIZEDTIME)
{
  // notBefore then notAfter, back to back, with no SEQUENCE header.
  static const uint8_t kValidityDer[] = {
    OLDER_GENERALIZEDTIME, NEWER_GENERALIZEDTIME,
  };
  static const Input encodedValidity(kValidityDer);

  static Time parsedNotBefore(Time::uninitialized);
  static Time parsedNotAfter(Time::uninitialized);

  const Result parseResult = ParseValidity(encodedValidity, &parsedNotBefore,
                                           &parsedNotAfter);
  ASSERT_EQ(Success, parseResult);

  const Result checkResult = CheckValidity(NOW, parsedNotBefore,
                                           parsedNotAfter);
  ASSERT_EQ(Success, checkResult);
}
87 
// Mixed encodings: notBefore as GeneralizedTime, notAfter as UTCTime. NOW
// lies between them, so both calls are expected to return Success.
TEST_F(pkixcheck_CheckValidity, Valid_GENERALIZEDTIME_UTCTIME)
{
  // notBefore then notAfter, back to back, with no SEQUENCE header.
  static const uint8_t kValidityDer[] = {
    OLDER_GENERALIZEDTIME, NEWER_UTCTIME,
  };
  static const Input encodedValidity(kValidityDer);

  static Time parsedNotBefore(Time::uninitialized);
  static Time parsedNotAfter(Time::uninitialized);

  const Result parseResult = ParseValidity(encodedValidity, &parsedNotBefore,
                                           &parsedNotAfter);
  ASSERT_EQ(Success, parseResult);

  const Result checkResult = CheckValidity(NOW, parsedNotBefore,
                                           parsedNotAfter);
  ASSERT_EQ(Success, checkResult);
}
100 
// Mixed encodings: notBefore as UTCTime, notAfter as GeneralizedTime. NOW
// lies between them, so both calls are expected to return Success.
TEST_F(pkixcheck_CheckValidity, Valid_UTCTIME_GENERALIZEDTIME)
{
  // notBefore then notAfter, back to back, with no SEQUENCE header.
  static const uint8_t kValidityDer[] = {
    OLDER_UTCTIME, NEWER_GENERALIZEDTIME,
  };
  static const Input encodedValidity(kValidityDer);

  static Time parsedNotBefore(Time::uninitialized);
  static Time parsedNotAfter(Time::uninitialized);

  const Result parseResult = ParseValidity(encodedValidity, &parsedNotBefore,
                                           &parsedNotAfter);
  ASSERT_EQ(Success, parseResult);

  const Result checkResult = CheckValidity(NOW, parsedNotBefore,
                                           parsedNotAfter);
  ASSERT_EQ(Success, checkResult);
}
113 
// Checking at PAST_TIME (1998-12-31 12:23:56), which precedes the parsed
// notBefore (1999-01-01 00:00:00), must be rejected as not yet valid.
// The margin here is under a day; the instant exactly equal to notBefore is
// not exercised by this case.
TEST_F(pkixcheck_CheckValidity, InvalidBeforeNotBefore)
{
  static Time parsedNotBefore(Time::uninitialized);
  static Time parsedNotAfter(Time::uninitialized);

  const Result parseResult = ParseValidity(OLDER_UTCTIME_NEWER_UTCTIME,
                                           &parsedNotBefore, &parsedNotAfter);
  ASSERT_EQ(Success, parseResult);

  const Result checkResult = CheckValidity(PAST_TIME, parsedNotBefore,
                                           parsedNotAfter);
  ASSERT_EQ(Result::ERROR_NOT_YET_VALID_CERTIFICATE, checkResult);
}
121 
// Checking at FUTURE_TIME (2025-12-31 12:23:56), which follows the parsed
// notAfter (2021-01-01 00:00:00), must be rejected as expired.
// The margin here is several years; the instant exactly equal to notAfter is
// not exercised by this case.
TEST_F(pkixcheck_CheckValidity, InvalidAfterNotAfter)
{
  static Time parsedNotBefore(Time::uninitialized);
  static Time parsedNotAfter(Time::uninitialized);

  const Result parseResult = ParseValidity(OLDER_UTCTIME_NEWER_UTCTIME,
                                           &parsedNotBefore, &parsedNotAfter);
  ASSERT_EQ(Success, parseResult);

  const Result checkResult = CheckValidity(FUTURE_TIME, parsedNotBefore,
                                           parsedNotAfter);
  ASSERT_EQ(Result::ERROR_EXPIRED_CERTIFICATE, checkResult);
}