Add parsing code for TBSCertificate's "validity" field.

net/cert/internal/parse_certificate_unittest.cc

 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/cert/internal/parse_certificate.h"
 
+#include "base/strings/stringprintf.h"
 #include "net/cert/internal/test_helpers.h"
 #include "net/der/input.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
 namespace net {
 
 namespace {
 
 std::string GetFilePath(const std::string file_name) {
   return std::string("net/data/parse_certificate_unittest/") + file_name;
@@ skipping 208 matching lines @@
 // The version was set to v4, which is unrecognized.
 TEST(ParseTbsCertificateTest, Version4) {
   EnsureParsingTbsFails("tbs_v4.pem");
 }
 
 // Tests that extraneous data after extensions in a v3 is rejected.
 TEST(ParseTbsCertificateTest, Version3DataAfterExtensions) {
   EnsureParsingTbsFails("tbs_v3_data_after_extensions.pem");
 }
 
+// Pretty-prints a GeneralizedTime as a human-readable string for use in test
+// expectations (it is more readable to specify the expected results as a
+// string).
+std::string ToString(const der::GeneralizedTime& time) {
+  return base::StringPrintf(
+      "year=%d, month=%d, day=%d, hours=%d, minutes=%d, seconds=%d", time.year,
+      time.month, time.day, time.hours, time.minutes, time.seconds);
+}
+
+// Reads the "VALIDITY" block from a PEM file.
+::testing::AssertionResult LoadTestValidity(const std::string& file_name,
+                                            std::string* validity) {
+  std::string path = GetFilePath(file_name);
+  const PemBlockMapping mappings[] = {{"VALIDITY", validity}};
+  return ReadTestDataFromPemFile(path, mappings);
+}
+
+// Parses a valid "validity" field, where both notBefore and notAfter are
+// expressed using UTCTime.
+TEST(ParseCertificateValidityTest, BothUtcTime) {
+  std::string validity;
+
+  ASSERT_TRUE(LoadTestValidity("validity_both_utc_time.pem", &validity));
+
+  der::GeneralizedTime validity_not_before;
+  der::GeneralizedTime validity_not_after;
+  ASSERT_TRUE(ParseValidity(InputFromString(&validity), &validity_not_before,
+                            &validity_not_after));
+
+  EXPECT_EQ("year=2012, month=10, day=18, hours=3, minutes=12, seconds=0",
+            ToString(validity_not_before));
+
+  EXPECT_EQ("year=2013, month=10, day=18, hours=14, minutes=59, seconds=59",
+            ToString(validity_not_after));
+}
+
+// Parses a valid "validity" field, where both notBefore and notAfter are
+// expressed using GeneralizedTime.
+TEST(ParseCertificateValidityTest, BothGeneralizedTime) {
+  std::string validity;
+
+  ASSERT_TRUE(
+      LoadTestValidity("validity_both_generalized_time.pem", &validity));
+
+  der::GeneralizedTime validity_not_before;
+  der::GeneralizedTime validity_not_after;
+  ASSERT_TRUE(ParseValidity(InputFromString(&validity), &validity_not_before,
+                            &validity_not_after));
+
+  EXPECT_EQ("year=2014, month=1, day=31, hours=0, minutes=0, seconds=0",
+            ToString(validity_not_before));
+
+  EXPECT_EQ("year=2016, month=2, day=29, hours=0, minutes=0, seconds=0",
+            ToString(validity_not_after));
+}
+
+// Parses a valid "validity" field, where notBefore is a UTCTime and notAfter is
+// a GeneralizedTime
+TEST(ParseCertificateValidityTest, UTCTimeAndGeneralizedTime) {
+  std::string validity;
+
+  ASSERT_TRUE(LoadTestValidity("validity_utc_time_and_generalized_time.pem",
+                               &validity));
+
+  der::GeneralizedTime validity_not_before;
+  der::GeneralizedTime validity_not_after;
+  ASSERT_TRUE(ParseValidity(InputFromString(&validity), &validity_not_before,
+                            &validity_not_after));
+
+  EXPECT_EQ("year=2012, month=10, day=18, hours=3, minutes=12, seconds=0",
+            ToString(validity_not_before));
+
+  EXPECT_EQ("year=2016, month=2, day=29, hours=0, minutes=0, seconds=0",
+            ToString(validity_not_after));
+}
+
+// Parses a valid "validity" field, where notBefore is a GeneralizedTime and
+// notAfter is
+// a UTCTime. Also of interest, notBefore > notAfter. Parsing will succeed,
+// however no time will fall in this range.

[davidben, 2015/08/18 17:24:27]

Nit: This looks like a wrapped funny.

+TEST(ParseCertificateValidityTest, GeneralizedTimeAndUTCTime) {
+  std::string validity;
+
+  ASSERT_TRUE(LoadTestValidity("validity_generalized_time_and_utc_time.pem",
+                               &validity));
+
+  der::GeneralizedTime validity_not_before;
+  der::GeneralizedTime validity_not_after;
+  ASSERT_TRUE(ParseValidity(InputFromString(&validity), &validity_not_before,
+                            &validity_not_after));
+
+  EXPECT_EQ("year=2014, month=1, day=31, hours=0, minutes=0, seconds=0",
+            ToString(validity_not_before));
+
+  EXPECT_EQ("year=2013, month=10, day=18, hours=14, minutes=59, seconds=59",
+            ToString(validity_not_after));
+}
+
 }  // namespace
 
 }  // namespace net