1 //! Validity tests
2 
3 use der::{Decode, Encode};
4 use hex_literal::hex;
5 use x509_cert::time::Validity;
6 
7 #[test]
decode_validity()8 fn decode_validity() {
9     // Decode Validity from GoodCACert.crt in NIST's PKITS certificate collection
10     // 102  30:     SEQUENCE {
11     // 104  13:       UTCTime 01/01/2010 08:30:00 GMT
12     // 119  13:       UTCTime 31/12/2030 08:30:00 GMT
13     //        :       }
14     let val1 = Validity::from_der(
15         &hex!("301E170D3130303130313038333030305A170D3330313233313038333030305A")[..],
16     )
17     .unwrap();
18 
19     // Decode Validity from InvalidEEnotAfterDateTest6EE.crt in NIST's PKITS certificate collection
20     //  97  30:     SEQUENCE {
21     //  99  13:       UTCTime 01/01/2010 08:30:00 GMT
22     // 114  13:       UTCTime 01/01/2011 08:30:00 GMT
23     //        :       }
24     let val2 = Validity::from_der(
25         &hex!("301E170D3130303130313038333030305A170D3131303130313038333030305A")[..],
26     )
27     .unwrap();
28 
29     // Compare to values from https://www.epochconverter.com/
30     assert_eq!(val1.not_before.to_unix_duration().as_secs(), 1262334600);
31     assert_eq!(val1.not_after.to_unix_duration().as_secs(), 1924936200);
32     assert_eq!(
33         val1.not_before.to_unix_duration().as_millis(),
34         1262334600000
35     );
36     assert_eq!(val1.not_after.to_unix_duration().as_millis(), 1924936200000);
37 
38     assert_eq!(val2.not_before.to_unix_duration().as_secs(), 1262334600);
39     assert_eq!(val2.not_after.to_unix_duration().as_secs(), 1293870600);
40     assert_eq!(
41         val2.not_before.to_unix_duration().as_millis(),
42         1262334600000
43     );
44     assert_eq!(val2.not_after.to_unix_duration().as_millis(), 1293870600000);
45 
46     assert_ne!(val1, val2);
47     assert_eq!(val1, val1);
48 
49     // Decode Validity from ValidGeneralizedTimenotAfterDateTest8EE.crt in NIST's PKITS certificate collection
50     //  97  32:     SEQUENCE {
51     //  99  13:       UTCTime 01/01/2010 08:30:00 GMT
52     // 114  15:       GeneralizedTime 01/01/2050 12:01:00 GMT
53     //        :       }
54     let val3 = Validity::from_der(
55         &hex!("3020170D3130303130313038333030305A180F32303530303130313132303130305A")[..],
56     )
57     .unwrap();
58     assert_eq!(val3.not_before.to_unix_duration().as_secs(), 1262334600);
59     assert_eq!(val3.not_after.to_unix_duration().as_secs(), 2524651260);
60     assert_eq!(
61         val3.not_before.to_unix_duration().as_millis(),
62         1262334600000
63     );
64     assert_eq!(val3.not_after.to_unix_duration().as_millis(), 2524651260000);
65 
66     assert_ne!(val1, val3);
67     assert_eq!(val3, val3);
68 
69     // Decode Validity from ValidGeneralizedTimenotBeforeDateTest4EE.crt in NIST's PKITS certificate collection
70     //  97  32:     SEQUENCE {
71     //  99  15:       GeneralizedTime 01/01/2002 12:01:00 GMT
72     // 116  13:       UTCTime 31/12/2030 08:30:00 GMT
73     //        :       }
74     let val4 = Validity::from_der(
75         &hex!("3020180F32303032303130313132303130305A170D3330313233313038333030305A")[..],
76     )
77     .unwrap();
78     assert_eq!(val4.not_before.to_unix_duration().as_secs(), 1009886460);
79     assert_eq!(val4.not_after.to_unix_duration().as_secs(), 1924936200);
80     assert_eq!(
81         val4.not_before.to_unix_duration().as_millis(),
82         1009886460000
83     );
84     assert_eq!(val4.not_after.to_unix_duration().as_millis(), 1924936200000);
85 
86     assert_ne!(val4, val3);
87     assert_eq!(val4, val4);
88 }
89 
90 #[test]
encode_validity()91 fn encode_validity() {
92     // Decode Validity from GoodCACert.crt in NIST's PKITS certificate collection then re-encode
93     // 102  30:     SEQUENCE {
94     // 104  13:       UTCTime 01/01/2010 08:30:00 GMT
95     // 119  13:       UTCTime 31/12/2030 08:30:00 GMT
96     //        :       }
97     let val1 = Validity::from_der(
98         &hex!("301E170D3130303130313038333030305A170D3330313233313038333030305A")[..],
99     )
100     .unwrap();
101     let b1 = val1.to_der().unwrap();
102     assert_eq!(
103         b1,
104         &hex!("301E170D3130303130313038333030305A170D3330313233313038333030305A")[..]
105     );
106 
107     // Decode Validity from ValidGeneralizedTimenotAfterDateTest8EE.crt in NIST's PKITS certificate collection
108     //  97  32:     SEQUENCE {
109     //  99  13:       UTCTime 01/01/2010 08:30:00 GMT
110     // 114  15:       GeneralizedTime 01/01/2050 12:01:00 GMT
111     //        :       }
112     let val3 = Validity::from_der(
113         &hex!("3020170D3130303130313038333030305A180F32303530303130313132303130305A")[..],
114     )
115     .unwrap();
116     let b3 = val3.to_der().unwrap();
117     assert_eq!(
118         b3,
119         &hex!("3020170D3130303130313038333030305A180F32303530303130313132303130305A")[..]
120     );
121 
122     // Decode Validity from ValidGeneralizedTimenotBeforeDateTest4EE.crt in NIST's PKITS certificate collection
123     //  97  32:     SEQUENCE {
124     //  99  15:       GeneralizedTime 01/01/2002 12:01:00 GMT
125     // 116  13:       UTCTime 31/12/2030 08:30:00 GMT
126     //        :       }
127     let val4 = Validity::from_der(
128         &hex!("3020180F32303032303130313132303130305A170D3330313233313038333030305A")[..],
129     )
130     .unwrap();
131     let b4 = val4.to_der().unwrap();
132     assert_eq!(
133         b4,
134         &hex!("3020180F32303032303130313132303130305A170D3330313233313038333030305A")[..]
135     );
136 }
137