Description
This is my first time posting an issue to GitHub, so if any information is missing or suggestions regarding the issue arise, feel free to point it out.
Expected behavior
Regarding section 4.2.1.5 validity of https://tools.ietf.org/html/rfc3280#section-4.1.2.5, validity dates in 2050 or later must be encoded as GeneralizedTime.
The functions validFrom and expiresOn should check the certtime type and parse the string accordingly. One possible solution would be: (Crypto/src/X509Certificate.cpp line 274 following)
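```cpp
// Pick the year width from the ASN.1 type of the certificate time field.
if (certTime->type == V_ASN1_UTCTIME)
{
	// UTCTime carries a two-digit year.
	return DateTimeParser::parse("%y%m%d%H%M%S", dateTime, tzd);
}
else if (certTime->type == V_ASN1_GENERALIZEDTIME)
{
	// GeneralizedTime carries a four-digit year.
	return DateTimeParser::parse("%Y%m%d%H%M%S", dateTime, tzd);
}
else
{
	throw UnhandledException("Unknown format in notBefore time string");
}
```
Actual behavior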
Currently, all certificates containing GeneralizedTime produce an out-of-range exception because the last two digits of the year are interpreted as the month.
Steps to reproduce the problem
Load a certificate with a validity date of 2050 or beyond and try to use validFrom or expiresOn functions.
POCO version
All versions up to 1.1.2019 develop branch
Compiler and version
All
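The type-dependent parsing described in this issue, as an added stand-alone example (not POCO's code and not the reporter's patch). `Asn1TimeType`, `CertTime`, `parseCertTime` and `digits` are hypothetical names, and the two-digit-year pivot (YY >= 50 means 19YY) is the rule from RFC 3280 section 4.1.2.5.1. Reading a GeneralizedTime string with the UTCTime layout reproduces the reported failure: the "50" of "2050" lands in the month field.

```cpp
#include <cctype>
#include <stdexcept>
#include <string>

// Hypothetical stand-ins for OpenSSL's V_ASN1_UTCTIME / V_ASN1_GENERALIZEDTIME.
enum class Asn1TimeType { UtcTime, GeneralizedTime };

struct CertTime { int year, month, day, hour, minute, second; };

// Reads n decimal digits starting at pos and advances pos; throws otherwise.
static int digits(const std::string& s, std::size_t& pos, std::size_t n)
{
    if (pos + n > s.size()) throw std::invalid_argument("time string too short");
    int v = 0;
    for (std::size_t i = 0; i < n; ++i, ++pos)
    {
        if (!std::isdigit(static_cast<unsigned char>(s[pos])))
            throw std::invalid_argument("non-digit in time string");
        v = v * 10 + (s[pos] - '0');
    }
    return v;
}

// Parses the X.509 profile forms YYMMDDHHMMSSZ (UTCTime) and
// YYYYMMDDHHMMSSZ (GeneralizedTime); only the year width differs.
CertTime parseCertTime(Asn1TimeType type, const std::string& s)
{
    std::size_t pos = 0;
    CertTime t{};
    if (type == Asn1TimeType::GeneralizedTime)
        t.year = digits(s, pos, 4);
    else
    {
        int yy = digits(s, pos, 2);
        t.year = yy >= 50 ? 1900 + yy : 2000 + yy;  // RFC 3280 pivot
    }
    t.month  = digits(s, pos, 2);
    t.day    = digits(s, pos, 2);
    t.hour   = digits(s, pos, 2);
    t.minute = digits(s, pos, 2);
    t.second = digits(s, pos, 2);
    // Range check first: a mis-typed field shows up here as month 50.
    if (t.month < 1 || t.month > 12 || t.day < 1 || t.day > 31 ||
        t.hour > 23 || t.minute > 59 || t.second > 59)
        throw std::out_of_range("date/time field out of range");
    if (pos + 1 != s.size() || s[pos] != 'Z')
        throw std::invalid_argument("expected a single trailing 'Z'");
    return t;
}
```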