Google Git
Sign in
boringssl/boringssl.git/fdeb4aa9251aad073a36426f66d2e0819a3a4a6d^!/./crypto/x509/x509_test.cc
commit
fdeb4aa9251aad073a36426f66d2e0819a3a4a6d
[log]
author
David Benjamin <davidben@google.com>
Wed Jun 22 14:18:20 2022 -0400
committer
Boringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com>
Sat Jun 25 21:24:59 2022 +0000
tree
e4644fef76baa84f357fd6a0d885b94736175769
parent
0378578cd4960765bb0f52123a82d8cacc653991 [diff] [blame]
Reimplement ASN1_TIME_print with the new parser.

No sense in keeping two around. This does cause the functions to reject
some previously accepted invalid inputs. These were intentionally
accepted by
https://boringssl-review.googlesource.com/c/boringssl/+/13082 for
an old version of M2Crypto, but I belive we no longer need to be
compatible with that.

Update-Note: ASN1_TIME_print, ASN1_UTCTIME_print, and
ASN1_GENERALIZEDTIME_print will no longer accept various invalid inputs.

Change-Id: I4606d0b39585a19eb4b984ac809706e497a3f799
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/53090
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Bob Beck <bbe@google.com>

diff --git a/crypto/x509/x509_test.cc b/crypto/x509/x509_test.cc
index ce70ae3..fe4a775 100644
--- a/crypto/x509/x509_test.cc
+++ b/crypto/x509/x509_test.cc

@@ -2129,10 +2129,10 @@
     {"000000000000Z", "Bad time value"},
     {"999999999999Z", "Bad time value"},
 
-    // Missing components. Not legal RFC 5280, but permitted.
-    {"090303125425", "Mar  3 12:54:25 2009"},
-    {"9003031254", "Mar  3 12:54:00 1990"},
-    {"9003031254Z", "Mar  3 12:54:00 1990 GMT"},
+    // Missing components.
+    {"090303125425", "Bad time value"},
+    {"9003031254", "Bad time value"},
+    {"9003031254Z", "Bad time value"},
 
     // GENERALIZEDTIME confused for UTCTIME.
     {"20090303125425Z", "Bad time value"},