tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

pkixcheck_CheckValidity_tests.cpp (4662B)

      1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
      2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
      3 /* This code is made available to you under your choice of the following sets
      4 * of licensing terms:
      5 */
      6 /* This Source Code Form is subject to the terms of the Mozilla Public
      7 * License, v. 2.0. If a copy of the MPL was not distributed with this
      8 * file, You can obtain one at http://mozilla.org/MPL/2.0/.
      9 */
     10 /* Copyright 2014 Mozilla Contributors
     11 *
     12 * Licensed under the Apache License, Version 2.0 (the "License");
     13 * you may not use this file except in compliance with the License.
     14 * You may obtain a copy of the License at
     15 *
     16 *     http://www.apache.org/licenses/LICENSE-2.0
     17 *
     18 * Unless required by applicable law or agreed to in writing, software
     19 * distributed under the License is distributed on an "AS IS" BASIS,
     20 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     21 * See the License for the specific language governing permissions and
     22 * limitations under the License.
     23 */
     24 
     25 #include "pkixgtest.h"
     26 
     27 #include "mozpkix/pkixcheck.h"
     28 
     29 using namespace mozilla::pkix;
     30 using namespace mozilla::pkix::test;
     31 
     32 static const Time PAST_TIME(YMDHMS(1998, 12, 31, 12, 23, 56));
     33 
     34 #define OLDER_GENERALIZEDTIME \
     35  0x18, 15,                               /* tag, length */ \
     36  '1', '9', '9', '9', '0', '1', '0', '1', /* 1999-01-01 */ \
     37  '0', '0', '0', '0', '0', '0', 'Z'       /* 00:00:00Z */
     38 
     39 #define OLDER_UTCTIME \
     40  0x17, 13,                               /* tag, length */ \
     41  '9', '9', '0', '1', '0', '1',           /* (19)99-01-01 */ \
     42  '0', '0', '0', '0', '0', '0', 'Z'       /* 00:00:00Z */
     43 
     44 static const Time NOW(YMDHMS(2016, 12, 31, 12, 23, 56));
     45 
     46 #define NEWER_GENERALIZEDTIME \
     47  0x18, 15,                               /* tag, length */ \
     48  '2', '0', '2', '1', '0', '1', '0', '1', /* 2021-01-01 */ \
     49  '0', '0', '0', '0', '0', '0', 'Z'       /* 00:00:00Z */
     50 
     51 #define NEWER_UTCTIME \
     52  0x17, 13,                               /* tag, length */ \
     53  '2', '1', '0', '1', '0', '1',           /* 2021-01-01 */ \
     54  '0', '0', '0', '0', '0', '0', 'Z'       /* 00:00:00Z */
     55 
     56 static const Time FUTURE_TIME(YMDHMS(2025, 12, 31, 12, 23, 56));
     57 
     58 class pkixcheck_CheckValidity : public ::testing::Test { };
     59 
     60 static const uint8_t OLDER_UTCTIME_NEWER_UTCTIME_DATA[] = {
     61  OLDER_UTCTIME,
     62  NEWER_UTCTIME,
     63 };
     64 static const Input
     65 OLDER_UTCTIME_NEWER_UTCTIME(OLDER_UTCTIME_NEWER_UTCTIME_DATA);
     66 
     67 TEST_F(pkixcheck_CheckValidity, Valid_UTCTIME_UTCTIME)
     68 {
     69  static Time notBefore(Time::uninitialized);
     70  static Time notAfter(Time::uninitialized);
     71  ASSERT_EQ(Success, ParseValidity(OLDER_UTCTIME_NEWER_UTCTIME, &notBefore, &notAfter));
     72  ASSERT_EQ(Success, CheckValidity(NOW, notBefore, notAfter));
     73 }
     74 
     75 TEST_F(pkixcheck_CheckValidity, Valid_GENERALIZEDTIME_GENERALIZEDTIME)
     76 {
     77  static const uint8_t DER[] = {
     78    OLDER_GENERALIZEDTIME,
     79    NEWER_GENERALIZEDTIME,
     80  };
     81  static const Input validity(DER);
     82  static Time notBefore(Time::uninitialized);
     83  static Time notAfter(Time::uninitialized);
     84  ASSERT_EQ(Success, ParseValidity(validity, &notBefore, &notAfter));
     85  ASSERT_EQ(Success, CheckValidity(NOW, notBefore, notAfter));
     86 }
     87 
     88 TEST_F(pkixcheck_CheckValidity, Valid_GENERALIZEDTIME_UTCTIME)
     89 {
     90  static const uint8_t DER[] = {
     91    OLDER_GENERALIZEDTIME,
     92    NEWER_UTCTIME,
     93  };
     94  static const Input validity(DER);
     95  static Time notBefore(Time::uninitialized);
     96  static Time notAfter(Time::uninitialized);
     97  ASSERT_EQ(Success, ParseValidity(validity, &notBefore, &notAfter));
     98  ASSERT_EQ(Success, CheckValidity(NOW, notBefore, notAfter));
     99 }
    100 
    101 TEST_F(pkixcheck_CheckValidity, Valid_UTCTIME_GENERALIZEDTIME)
    102 {
    103  static const uint8_t DER[] = {
    104    OLDER_UTCTIME,
    105    NEWER_GENERALIZEDTIME,
    106  };
    107  static const Input validity(DER);
    108  static Time notBefore(Time::uninitialized);
    109  static Time notAfter(Time::uninitialized);
    110  ASSERT_EQ(Success, ParseValidity(validity, &notBefore, &notAfter));
    111  ASSERT_EQ(Success, CheckValidity(NOW, notBefore, notAfter));
    112 }
    113 
    114 TEST_F(pkixcheck_CheckValidity, InvalidBeforeNotBefore)
    115 {
    116  static Time notBefore(Time::uninitialized);
    117  static Time notAfter(Time::uninitialized);
    118  ASSERT_EQ(Success, ParseValidity(OLDER_UTCTIME_NEWER_UTCTIME, &notBefore, &notAfter));
    119  ASSERT_EQ(Result::ERROR_NOT_YET_VALID_CERTIFICATE, CheckValidity(PAST_TIME, notBefore, notAfter));
    120 }
    121 
    122 TEST_F(pkixcheck_CheckValidity, InvalidAfterNotAfter)
    123 {
    124  static Time notBefore(Time::uninitialized);
    125  static Time notAfter(Time::uninitialized);
    126  ASSERT_EQ(Success, ParseValidity(OLDER_UTCTIME_NEWER_UTCTIME, &notBefore, &notAfter));
    127  ASSERT_EQ(Result::ERROR_EXPIRED_CERTIFICATE, CheckValidity(FUTURE_TIME, notBefore, notAfter));
    128 }