From 928287b7826ae8670da78a221c72f5380bc58973 Mon Sep 17 00:00:00 2001
From: Timothy Flynn <trflynn89@pm.me>
Date: Thu, 7 Mar 2024 10:34:45 -0500
Subject: [PATCH] LibCrypto: Store ASN1 certificate timestamps as UnixDateTime

We are currently using Core::DateTime, which is meant to represent local
time. However, we are doing no conversion between the parsed time in UTC
and local time, so we end up comparing time stamps from different time
zones.

Instead, store the parsed times as UnixDateTime, which is UTC. Then we
can always compare the parsed times against the current UTC time.

This also lets us store parsed milliseconds.
---
 Tests/LibCrypto/TestASN1.cpp                  | 96 +++++++++----------
 .../CertificateStoreWidget.cpp                |  3 +-
 Userland/Libraries/LibCrypto/ASN1/ASN1.cpp    | 10 +-
 Userland/Libraries/LibCrypto/ASN1/ASN1.h      |  6 +-
 Userland/Libraries/LibTLS/Certificate.cpp     |  2 +-
 Userland/Libraries/LibTLS/Certificate.h       |  6 +-
 Userland/Libraries/LibTLS/TLSv12.cpp          |  6 +-
 7 files changed, 64 insertions(+), 65 deletions(-)

diff --git a/Tests/LibCrypto/TestASN1.cpp b/Tests/LibCrypto/TestASN1.cpp
index 3b752d8e4b..730e8db2f2 100644
--- a/Tests/LibCrypto/TestASN1.cpp
+++ b/Tests/LibCrypto/TestASN1.cpp
@@ -5,11 +5,12 @@
  */
 
 #include <AK/StringView.h>
+#include <AK/Time.h>
 #include <LibCrypto/ASN1/ASN1.h>
 #include <LibTest/TestCase.h>
 
 #define EXPECT_DATETIME(sv, y, mo, d, h, mi, s) \
-    EXPECT_EQ(Crypto::ASN1::parse_utc_time(sv).value(), Core::DateTime::create(y, mo, d, h, mi, s))
+    EXPECT_EQ(Crypto::ASN1::parse_utc_time(sv).value(), UnixDateTime::from_unix_time_parts(y, mo, d, h, mi, s, 0))
 
 TEST_CASE(test_utc_boring)
 {
@@ -65,79 +66,76 @@ TEST_CASE(test_utc_missing_z)
 }
 
 #undef EXPECT_DATETIME
-#define EXPECT_DATETIME(sv, y, mo, d, h, mi, s) \
-    EXPECT_EQ(Crypto::ASN1::parse_generalized_time(sv).value(), Core::DateTime::create(y, mo, d, h, mi, s))
+#define EXPECT_DATETIME(sv, y, mo, d, h, mi, s, ms) \
+    EXPECT_EQ(Crypto::ASN1::parse_generalized_time(sv).value(), UnixDateTime::from_unix_time_parts(y, mo, d, h, mi, s, ms))
 
 TEST_CASE(test_generalized_boring)
 {
     // YYYYMMDDhh[mm[ss[.fff]]]
-    EXPECT_DATETIME("20010101010101Z"sv, 2001, 1, 1, 1, 1, 1);
-    EXPECT_DATETIME("20010203040506Z"sv, 2001, 2, 3, 4, 5, 6);
-    EXPECT_DATETIME("20020406081012Z"sv, 2002, 4, 6, 8, 10, 12);
-    EXPECT_DATETIME("200204060810Z"sv, 2002, 4, 6, 8, 10, 0);
-    EXPECT_DATETIME("2002040608Z"sv, 2002, 4, 6, 8, 0, 0);
-    // TODO: We probably should not discard the milliseconds.
-    EXPECT_DATETIME("20020406081012.567Z"sv, 2002, 4, 6, 8, 10, 12);
-    EXPECT_DATETIME("20220911220000Z"sv, 2022, 9, 11, 22, 0, 0);
+    EXPECT_DATETIME("20010101010101Z"sv, 2001, 1, 1, 1, 1, 1, 0);
+    EXPECT_DATETIME("20010203040506Z"sv, 2001, 2, 3, 4, 5, 6, 0);
+    EXPECT_DATETIME("20020406081012Z"sv, 2002, 4, 6, 8, 10, 12, 0);
+    EXPECT_DATETIME("200204060810Z"sv, 2002, 4, 6, 8, 10, 0, 0);
+    EXPECT_DATETIME("2002040608Z"sv, 2002, 4, 6, 8, 0, 0, 0);
+    EXPECT_DATETIME("20020406081012.567Z"sv, 2002, 4, 6, 8, 10, 12, 567);
+    EXPECT_DATETIME("20220911220000Z"sv, 2022, 9, 11, 22, 0, 0, 0);
 }
 
 TEST_CASE(test_generalized_offset)
 {
     // YYYYMMDDhh[mm[ss[.fff]]](+|-)hhmm
     // We don't yet support storing the offset anywhere and instead just assume that the offset is just +0000.
-    EXPECT_DATETIME("20010101010101+0000"sv, 2001, 1, 1, 1, 1, 1);
-    EXPECT_DATETIME("20010203040506+0000"sv, 2001, 2, 3, 4, 5, 6);
-    EXPECT_DATETIME("20020406081012+0000"sv, 2002, 4, 6, 8, 10, 12);
-    EXPECT_DATETIME("200204060810+0000"sv, 2002, 4, 6, 8, 10, 0);
-    EXPECT_DATETIME("2002040608+0000"sv, 2002, 4, 6, 8, 0, 0);
-    // TODO: We probably should not discard the milliseconds.
-    EXPECT_DATETIME("20020406081012.567+0000"sv, 2002, 4, 6, 8, 10, 12);
-    EXPECT_DATETIME("20220911220000+0000"sv, 2022, 9, 11, 22, 0, 0);
+    EXPECT_DATETIME("20010101010101+0000"sv, 2001, 1, 1, 1, 1, 1, 0);
+    EXPECT_DATETIME("20010203040506+0000"sv, 2001, 2, 3, 4, 5, 6, 0);
+    EXPECT_DATETIME("20020406081012+0000"sv, 2002, 4, 6, 8, 10, 12, 0);
+    EXPECT_DATETIME("200204060810+0000"sv, 2002, 4, 6, 8, 10, 0, 0);
+    EXPECT_DATETIME("2002040608+0000"sv, 2002, 4, 6, 8, 0, 0, 0);
+    EXPECT_DATETIME("20020406081012.567+0000"sv, 2002, 4, 6, 8, 10, 12, 567);
+    EXPECT_DATETIME("20220911220000+0000"sv, 2022, 9, 11, 22, 0, 0, 0);
     // Designed to fail once we support offsets:
-    EXPECT_DATETIME("20220911220000+0600"sv, 2022, 9, 11, 22, 0, 0);
+    EXPECT_DATETIME("20220911220000+0600"sv, 2022, 9, 11, 22, 0, 0, 0);
 }
 
 TEST_CASE(test_generalized_missing_z)
 {
     // YYYYMMDDhh[mm[ss[.fff]]]
-    EXPECT_DATETIME("20010101010101"sv, 2001, 1, 1, 1, 1, 1);
-    EXPECT_DATETIME("20010203040506"sv, 2001, 2, 3, 4, 5, 6);
-    EXPECT_DATETIME("20020406081012"sv, 2002, 4, 6, 8, 10, 12);
-    EXPECT_DATETIME("200204060810"sv, 2002, 4, 6, 8, 10, 0);
-    EXPECT_DATETIME("2002040608"sv, 2002, 4, 6, 8, 0, 0);
-    // TODO: We probably should not discard the milliseconds.
-    EXPECT_DATETIME("20020406081012.567"sv, 2002, 4, 6, 8, 10, 12);
-    EXPECT_DATETIME("20220911220000"sv, 2022, 9, 11, 22, 0, 0);
+    EXPECT_DATETIME("20010101010101"sv, 2001, 1, 1, 1, 1, 1, 0);
+    EXPECT_DATETIME("20010203040506"sv, 2001, 2, 3, 4, 5, 6, 0);
+    EXPECT_DATETIME("20020406081012"sv, 2002, 4, 6, 8, 10, 12, 0);
+    EXPECT_DATETIME("200204060810"sv, 2002, 4, 6, 8, 10, 0, 0);
+    EXPECT_DATETIME("2002040608"sv, 2002, 4, 6, 8, 0, 0, 0);
+    EXPECT_DATETIME("20020406081012.567"sv, 2002, 4, 6, 8, 10, 12, 567);
+    EXPECT_DATETIME("20220911220000"sv, 2022, 9, 11, 22, 0, 0, 0);
 }
 
 TEST_CASE(test_generalized_unusual_year)
 {
     // Towards the positive
-    EXPECT_DATETIME("20010203040506Z"sv, 2001, 2, 3, 4, 5, 6);
-    EXPECT_DATETIME("20110203040506Z"sv, 2011, 2, 3, 4, 5, 6);
-    EXPECT_DATETIME("21010203040506Z"sv, 2101, 2, 3, 4, 5, 6);
-    EXPECT_DATETIME("30010203040506Z"sv, 3001, 2, 3, 4, 5, 6);
-    EXPECT_DATETIME("40010203040506Z"sv, 4001, 2, 3, 4, 5, 6);
-    EXPECT_DATETIME("90010203040506Z"sv, 9001, 2, 3, 4, 5, 6);
-    EXPECT_DATETIME("99990203040506Z"sv, 9999, 2, 3, 4, 5, 6);
+    EXPECT_DATETIME("20010203040506Z"sv, 2001, 2, 3, 4, 5, 6, 0);
+    EXPECT_DATETIME("20110203040506Z"sv, 2011, 2, 3, 4, 5, 6, 0);
+    EXPECT_DATETIME("21010203040506Z"sv, 2101, 2, 3, 4, 5, 6, 0);
+    EXPECT_DATETIME("30010203040506Z"sv, 3001, 2, 3, 4, 5, 6, 0);
+    EXPECT_DATETIME("40010203040506Z"sv, 4001, 2, 3, 4, 5, 6, 0);
+    EXPECT_DATETIME("90010203040506Z"sv, 9001, 2, 3, 4, 5, 6, 0);
+    EXPECT_DATETIME("99990203040506Z"sv, 9999, 2, 3, 4, 5, 6, 0);
 
     // Towards zero
-    EXPECT_DATETIME("20010203040506Z"sv, 2001, 2, 3, 4, 5, 6);
-    EXPECT_DATETIME("19990203040506Z"sv, 1999, 2, 3, 4, 5, 6);
-    EXPECT_DATETIME("19500203040506Z"sv, 1950, 2, 3, 4, 5, 6);
-    EXPECT_DATETIME("19010203040506Z"sv, 1901, 2, 3, 4, 5, 6);
-    EXPECT_DATETIME("18010203040506Z"sv, 1801, 2, 3, 4, 5, 6);
-    EXPECT_DATETIME("15010203040506Z"sv, 1501, 2, 3, 4, 5, 6);
-    EXPECT_DATETIME("10010203040506Z"sv, 1001, 2, 3, 4, 5, 6);
-    EXPECT_DATETIME("01010203040506Z"sv, 101, 2, 3, 4, 5, 6);
-    EXPECT_DATETIME("00110203040506Z"sv, 11, 2, 3, 4, 5, 6);
-    EXPECT_DATETIME("00010203040506Z"sv, 1, 2, 3, 4, 5, 6);
-    EXPECT_DATETIME("00000203040506Z"sv, 0, 2, 3, 4, 5, 6);
+    EXPECT_DATETIME("20010203040506Z"sv, 2001, 2, 3, 4, 5, 6, 0);
+    EXPECT_DATETIME("19990203040506Z"sv, 1999, 2, 3, 4, 5, 6, 0);
+    EXPECT_DATETIME("19500203040506Z"sv, 1950, 2, 3, 4, 5, 6, 0);
+    EXPECT_DATETIME("19010203040506Z"sv, 1901, 2, 3, 4, 5, 6, 0);
+    EXPECT_DATETIME("18010203040506Z"sv, 1801, 2, 3, 4, 5, 6, 0);
+    EXPECT_DATETIME("15010203040506Z"sv, 1501, 2, 3, 4, 5, 6, 0);
+    EXPECT_DATETIME("10010203040506Z"sv, 1001, 2, 3, 4, 5, 6, 0);
+    EXPECT_DATETIME("01010203040506Z"sv, 101, 2, 3, 4, 5, 6, 0);
+    EXPECT_DATETIME("00110203040506Z"sv, 11, 2, 3, 4, 5, 6, 0);
+    EXPECT_DATETIME("00010203040506Z"sv, 1, 2, 3, 4, 5, 6, 0);
+    EXPECT_DATETIME("00000203040506Z"sv, 0, 2, 3, 4, 5, 6, 0);
 
     // Problematic dates
-    EXPECT_DATETIME("20200229040506Z"sv, 2020, 2, 29, 4, 5, 6);
-    EXPECT_DATETIME("20000229040506Z"sv, 2000, 2, 29, 4, 5, 6);
-    EXPECT_DATETIME("24000229040506Z"sv, 2400, 2, 29, 4, 5, 6);
+    EXPECT_DATETIME("20200229040506Z"sv, 2020, 2, 29, 4, 5, 6, 0);
+    EXPECT_DATETIME("20000229040506Z"sv, 2000, 2, 29, 4, 5, 6, 0);
+    EXPECT_DATETIME("24000229040506Z"sv, 2400, 2, 29, 4, 5, 6, 0);
 }
 
 TEST_CASE(test_generalized_nonexistent_dates)
diff --git a/Userland/Applications/CertificateSettings/CertificateStoreWidget.cpp b/Userland/Applications/CertificateSettings/CertificateStoreWidget.cpp
index 388f1ea8be..0f31d4eed0 100644
--- a/Userland/Applications/CertificateSettings/CertificateStoreWidget.cpp
+++ b/Userland/Applications/CertificateSettings/CertificateStoreWidget.cpp
@@ -6,6 +6,7 @@
 
 #include "CertificateStoreWidget.h"
 #include <AK/String.h>
+#include <LibCore/DateTime.h>
 #include <LibCrypto/ASN1/PEM.h>
 #include <LibFileSystem/FileSystem.h>
 #include <LibFileSystemAccessClient/Client.h>
@@ -74,7 +75,7 @@ GUI::Variant CertificateStoreModel::data(GUI::ModelIndex const& index, GUI::Mode
         return issued_by;
     }
     case Column::Expire:
-        return cert.validity.not_after.to_byte_string("%Y-%m-%d"sv);
+        return Core::DateTime::from_timestamp(cert.validity.not_after.seconds_since_epoch()).to_byte_string("%Y-%m-%d"sv);
     default:
         VERIFY_NOT_REACHED();
     }
diff --git a/Userland/Libraries/LibCrypto/ASN1/ASN1.cpp b/Userland/Libraries/LibCrypto/ASN1/ASN1.cpp
index 4bba1bc032..b49e276f67 100644
--- a/Userland/Libraries/LibCrypto/ASN1/ASN1.cpp
+++ b/Userland/Libraries/LibCrypto/ASN1/ASN1.cpp
@@ -119,7 +119,7 @@ ByteString type_name(Type type)
     return "InvalidType";
 }
 
-Optional<Core::DateTime> parse_utc_time(StringView time)
+Optional<UnixDateTime> parse_utc_time(StringView time)
 {
     // YYMMDDhhmm[ss]Z or YYMMDDhhmm[ss](+|-)hhmm
     GenericLexer lexer(time);
@@ -164,10 +164,10 @@ Optional<Core::DateTime> parse_utc_time(StringView time)
     if (offset_hours.has_value() || offset_minutes.has_value())
         dbgln("FIXME: Implement UTCTime with offset!");
 
-    return Core::DateTime::create(full_year, month.value(), day.value(), hour.value(), minute.value(), full_seconds);
+    return UnixDateTime::from_unix_time_parts(full_year, month.value(), day.value(), hour.value(), minute.value(), full_seconds, 0);
 }
 
-Optional<Core::DateTime> parse_generalized_time(StringView time)
+Optional<UnixDateTime> parse_generalized_time(StringView time)
 {
     // YYYYMMDDhh[mm[ss[.fff]]] or YYYYMMDDhh[mm[ss[.fff]]]Z or YYYYMMDDhh[mm[ss[.fff]]](+|-)hhmm
     GenericLexer lexer(time);
@@ -177,6 +177,7 @@ Optional<Core::DateTime> parse_generalized_time(StringView time)
     auto hour = lexer.consume(2).to_number<unsigned>();
     Optional<unsigned> minute, seconds, milliseconds, offset_hours, offset_minutes;
     [[maybe_unused]] bool negative_offset = false;
+
     if (!lexer.is_eof()) {
         if (lexer.consume_specific('Z'))
             goto done_parsing;
@@ -233,7 +234,6 @@ done_parsing:;
     if (offset_hours.has_value() || offset_minutes.has_value())
         dbgln("FIXME: Implement GeneralizedTime with offset!");
 
-    // Unceremoniously drop the milliseconds on the floor.
-    return Core::DateTime::create(year.value(), month.value(), day.value(), hour.value(), minute.value_or(0), seconds.value_or(0));
+    return UnixDateTime::from_unix_time_parts(year.value(), month.value(), day.value(), hour.value(), minute.value_or(0), seconds.value_or(0), milliseconds.value_or(0));
 }
 }
diff --git a/Userland/Libraries/LibCrypto/ASN1/ASN1.h b/Userland/Libraries/LibCrypto/ASN1/ASN1.h
index 4c4f0ac732..dea932271a 100644
--- a/Userland/Libraries/LibCrypto/ASN1/ASN1.h
+++ b/Userland/Libraries/LibCrypto/ASN1/ASN1.h
@@ -6,8 +6,8 @@
 
 #pragma once
 
+#include <AK/Time.h>
 #include <AK/Types.h>
-#include <LibCore/DateTime.h>
 #include <LibCrypto/BigInt/UnsignedBigInteger.h>
 
 namespace Crypto::ASN1 {
@@ -75,7 +75,7 @@ ByteString kind_name(Kind);
 ByteString class_name(Class);
 ByteString type_name(Type);
 
-Optional<Core::DateTime> parse_utc_time(StringView);
-Optional<Core::DateTime> parse_generalized_time(StringView);
+Optional<UnixDateTime> parse_utc_time(StringView);
+Optional<UnixDateTime> parse_generalized_time(StringView);
 
 }
diff --git a/Userland/Libraries/LibTLS/Certificate.cpp b/Userland/Libraries/LibTLS/Certificate.cpp
index 793de9edf0..0d21ec074c 100644
--- a/Userland/Libraries/LibTLS/Certificate.cpp
+++ b/Userland/Libraries/LibTLS/Certificate.cpp
@@ -296,7 +296,7 @@ static ErrorOr<RelativeDistinguishedName> parse_name(Crypto::ASN1::Decoder& deco
     return rdn;
 }
 
-static ErrorOr<Core::DateTime> parse_time(Crypto::ASN1::Decoder& decoder, Vector<StringView> current_scope)
+static ErrorOr<UnixDateTime> parse_time(Crypto::ASN1::Decoder& decoder, Vector<StringView> current_scope)
 {
     // Time ::= Choice {
     //     utc_time     UTCTime,
diff --git a/Userland/Libraries/LibTLS/Certificate.h b/Userland/Libraries/LibTLS/Certificate.h
index e5bcde9981..f7bd33b5f4 100644
--- a/Userland/Libraries/LibTLS/Certificate.h
+++ b/Userland/Libraries/LibTLS/Certificate.h
@@ -9,9 +9,9 @@
 #include <AK/ByteBuffer.h>
 #include <AK/Forward.h>
 #include <AK/Optional.h>
+#include <AK/Time.h>
 #include <AK/Types.h>
 #include <LibCore/ConfigFile.h>
-#include <LibCore/DateTime.h>
 #include <LibCrypto/BigInt/UnsignedBigInteger.h>
 #include <LibCrypto/PK/RSA.h>
 #include <LibTLS/Extensions.h>
@@ -233,8 +233,8 @@ private:
 };
 
 struct Validity {
-    Core::DateTime not_before;
-    Core::DateTime not_after;
+    UnixDateTime not_before;
+    UnixDateTime not_after;
 };
 
 class SubjectPublicKey {
diff --git a/Userland/Libraries/LibTLS/TLSv12.cpp b/Userland/Libraries/LibTLS/TLSv12.cpp
index 8af2d9b410..dbe32e1fdf 100644
--- a/Userland/Libraries/LibTLS/TLSv12.cpp
+++ b/Userland/Libraries/LibTLS/TLSv12.cpp
@@ -104,15 +104,15 @@ void TLSv12::consume(ReadonlyBytes record)
 
 bool Certificate::is_valid() const
 {
-    auto now = Core::DateTime::now();
+    auto now = UnixDateTime::now();
 
     if (now < validity.not_before) {
-        dbgln("certificate expired (not yet valid, signed for {})", validity.not_before.to_byte_string());
+        dbgln("certificate expired (not yet valid, signed for {})", Core::DateTime::from_timestamp(validity.not_before.seconds_since_epoch()));
         return false;
     }
 
     if (validity.not_after < now) {
-        dbgln("certificate expired (expiry date {})", validity.not_after.to_byte_string());
+        dbgln("certificate expired (expiry date {})", Core::DateTime::from_timestamp(validity.not_after.seconds_since_epoch()));
         return false;
     }