SSL: add an autotest for handling of illegal datetimes in certificates

At the moment it just exposes QTBUG-84676, that is, OpenSSL
and non-OpenSSL backend act differently. Went a bit overkill
in making it data-driven, so if someone wants to add more
samples it should be easier to do so.

Change-Id: I96538c9563d12d69c217415ba85e244dda5e0cd0
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>

tests/auto/network/ssl/qsslcertificate/more-certificates/malformed-begin-end-dates.pem

@@ -0,0 +1,2 @@
+-----BEGIN CERTIFICATE-----
+MIIErzCCBFSgAwIBAgIQBaMIMVW6fgTAq8q7BU6m6TAKBggqhkjOPQQDAjBvMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xGTAXBgNVBAoTEENsb3VkRmxhcmUsIEluYy4xIDAeBgNVBAMTF0Nsb3VkRmxhcmUgSW5jIEVDQyBDQS0yMB4XDTE5MDkxNzAwLDAwMFoXDTIwMDkxNjEyMDArMFowYTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1TYW4gRnNULLNpc2NvMRkwFwYDVQQKExBDbG91ZGZsYXJlLCBJbmMuMRIwEAYDVQQDEwl3d3cucXQuaW8wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATCHfRyOfNaR6ZIONJ2mUFGoMTB/mXT5/3+1BElqaexp5TtePMitpvzafO6lg9yrPnRCNOOLY8PVr8UsyE1vgd8o4IC3jCCAtowHwYDVR0jBBgwFoAUPnQtH89FdQR+P8Cihz5MQ4NRE8YwHQYDVR0OBBYEFJnMEH1N/llgjrkC0c4hQLigLYEnMBQGA1UdEQQNMAuCCXd3dy5xdC5pbzAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMHkGA1UdHwRyMHAwNqA0oDKGMGh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9DbG91ZEZsYXJlSW5jRUNDQ0EyLmNybDA2oDSgMoYwaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0Nsb3VkRmxhcmVJbmNFQ0NDQTIuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQICMHYGCCsGAQUFBwEBBGowaDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEAGCCsGAQUFBzAChjRodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vQ2xvdWRGbGFyZUluY0VDQ0NBLTIuY3J0MAwGA1UdEwEB/wQCMAAwggECBgorBgEEAdZ5AgQCBIHzBIHwAO4AdQC72d+8H4pxtZOUI5eqkntHOFeVCqtS6BqQlmQ2jh7RhQAAAW0/KQEkAAAEAwBGMEQCIFudltIvq4YPoqY745zrVYE3+qrjbU6NuLCOMPLEMENTOFDEFAULTZoLW0POcpy1hB6r0LCam1AwM36sid3c2NQrHegB1AF6nc/nfVsDntTZIfdBJ4DJ6kZoMhKESEoQYdZaBcUVYAAABbT8pAI0AAAQDAEYwRAIgYUe0AV7ZXULXW2B36PIxX0jgNZBWVysxtS0r5FBLyoCIHAcTzYwd2twibcSnO4H5POizARztY9B1DQJyrjVxLpKMAoGCCqGSM49BAMCA0kAMEYCIQCjNusXAtuu6/nEz8acpiL294GDtxhaP7cHNbB9O5/GjgIhAObs7/s8+q6q8FVHAetQ2gBkOBtN4uGkYqv1hwsc73Sf-----END CERTIFICATE-----

tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp

@@ -106,6 +106,8 @@ private slots:
     void version_data();
     void version();
     void pkcs12();
+    void invalidDateTime_data();
+    void invalidDateTime();
 
     // helper for verbose test failure messages
     QString toString(const QList<QSslError>&);
@@ -1370,6 +1372,45 @@ void tst_QSslCertificate::pkcs12()
     nocert.close();
 }
 
+void tst_QSslCertificate::invalidDateTime_data()
+{
+    QTest::addColumn<QString>("path");
+    QTest::addColumn<bool>("effectiveDateIsValid");
+    QTest::addColumn<bool>("expiryDateIsValid");
+
+    QTest::addRow("invalid-begin-end") << testDataDir + "more-certificates/malformed-begin-end-dates.pem"
+                                       << false
+                                       << false;
+}
+
+void tst_QSslCertificate::invalidDateTime()
+{
+    QFETCH(QString, path);
+    QFETCH(bool, effectiveDateIsValid);
+    QFETCH(bool, expiryDateIsValid);
+
+    QList<QSslCertificate> certList = QSslCertificate::fromPath(path);
+
+    // QTBUG-84676: on OpenSSL we get a valid certificate with null dates,
+    // on other backends we don't get a certificate at all.
+    switch (certList.size()) {
+    case 0:
+        break;
+
+    case 1: {
+        const QSslCertificate &cert = certList.at(0);
+        QVERIFY(!cert.isNull());
+        QCOMPARE(cert.effectiveDate().isValid(), effectiveDateIsValid);
+        QCOMPARE(cert.expiryDate().isValid(), expiryDateIsValid);
+        break;
+    }
+
+    default:
+        QFAIL("Only one certificate should have been loaded");
+        break;
+    }
+}
+
 #endif // QT_NO_SSL
 
 QTEST_MAIN(tst_QSslCertificate)