Skip to content

Commit

Permalink
fix ASN.1 date parsing w/ milliseconds
Browse files Browse the repository at this point in the history
Signed-off-by: Brian DeHamer <bdehamer@github.com>
  • Loading branch information
bdehamer committed Dec 30, 2023
1 parent f76e9c5 commit a3a4ea6
Show file tree
Hide file tree
Showing 3 changed files with 18 additions and 3 deletions.
5 changes: 5 additions & 0 deletions .changeset/friendly-toes-end.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---
"@sigstore/core": patch
---

Bug fix for parsing ASN.1 date/time values which include milliseconds
10 changes: 9 additions & 1 deletion packages/core/src/__tests__/asn1/parse.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,7 @@ describe('parseTime', () => {

describe('when year is less than 50', () => {
it('parses the date', () => {
expect(parseTime(Buffer.from('180212121110Z'), true)).toEqual(
expect(parseTime(Buffer.from('180212121110.099Z'), true)).toEqual(
new Date('2018-02-12T12:11:10Z')
);
});
Expand All @@ -71,6 +71,14 @@ describe('parseTime', () => {
});
});

describe('with long year and milliseconds', () => {
it('parses the date', () => {
expect(parseTime(Buffer.from('19180212121110.099Z'), false)).toEqual(
new Date('1918-02-12T12:11:10Z')
);
});
});

describe('when the time is invalid', () => {
it('throws an error', () => {
expect(() => parseTime(Buffer.from('FOOBAR'), true)).toThrow(
Expand Down
6 changes: 4 additions & 2 deletions packages/core/src/asn1/parse.ts
Original file line number Diff line number Diff line change
Expand Up @@ -13,8 +13,10 @@ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
const RE_TIME_SHORT_YEAR = /^(\d{2})(\d{2})(\d{2})(\d{2})(\d{2})(\d{2})Z$/;
const RE_TIME_LONG_YEAR = /^(\d{4})(\d{2})(\d{2})(\d{2})(\d{2})(\d{2})Z$/;
const RE_TIME_SHORT_YEAR =
/^(\d{2})(\d{2})(\d{2})(\d{2})(\d{2})(\d{2})(\.\d{3})?Z$/;
const RE_TIME_LONG_YEAR =
/^(\d{4})(\d{2})(\d{2})(\d{2})(\d{2})(\d{2})(\.\d{3})?Z$/;

// Parse a BigInt from the DER-encoded buffer
// https://learn.microsoft.com/en-us/windows/win32/seccertenroll/about-integer
Expand Down

0 comments on commit a3a4ea6

Please sign in to comment.