Use newer microsoft.com certificate chain in X.509 tests

src/libraries/System.Security.Cryptography.X509Certificates/tests/CertTests.cs

@@ -104,15 +104,15 @@ public void TestVerify()
         {
             bool success;
 
-            using (var microsoftDotCom = new X509Certificate2(TestData.MicrosoftDotComSslCertBytes))
+            using (var microsoftDotCom = new X509Certificate2(TestData.MicrosoftDotComLegacySslCertBytes))
             {
                 // Fails because expired (NotAfter = 10/16/2016)
-                Assert.False(microsoftDotCom.Verify(), "MicrosoftDotComSslCertBytes");
+                Assert.False(microsoftDotCom.Verify(), "MicrosoftDotComLegacySslCertBytes");
             }
 
             using (var microsoftDotComIssuer = new X509Certificate2(TestData.MicrosoftDotComIssuerBytes))
             {
-                // NotAfter=10/31/2023
+                // NotAfter=10/8/2024, 7:00:00 AM UTC
                 success = microsoftDotComIssuer.Verify();
                 if (!success)
                 {
@@ -128,7 +128,7 @@ public void TestVerify()
             {
                 using (var microsoftDotComRoot = new X509Certificate2(TestData.MicrosoftDotComRootBytes))
                 {
-                    // NotAfter=7/17/2036
+                    // NotAfter=7/17/2025
                     success = microsoftDotComRoot.Verify();
                     if (!success)
                     {

src/libraries/System.Security.Cryptography.X509Certificates/tests/ChainTests.cs

@@ -23,7 +23,7 @@ private static bool TrustsMicrosoftDotComRoot
                 using (var chainHolder = new ChainHolder())
                 {
                     X509Chain chain = chainHolder.Chain;
-                    chain.ChainPolicy.VerificationTime = new DateTime(2015, 10, 15, 12, 01, 01, DateTimeKind.Local);
+                    chain.ChainPolicy.VerificationTime = new DateTime(2021, 02, 26, 12, 01, 01, DateTimeKind.Local);
                     chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
 
                     return chain.Build(microsoftDotCom);
@@ -49,7 +49,7 @@ public static void BuildChain()
 
                 // Halfway between microsoftDotCom's NotBefore and NotAfter
                 // This isn't a boundary condition test.
-                chain.ChainPolicy.VerificationTime = new DateTime(2015, 10, 15, 12, 01, 01, DateTimeKind.Local);
+                chain.ChainPolicy.VerificationTime = new DateTime(2021, 02, 26, 12, 01, 01, DateTimeKind.Local);
                 chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
 
                 bool valid = chain.Build(microsoftDotCom);
@@ -81,7 +81,7 @@ public static void VerifyChainFromHandle()
                 chain.ChainPolicy.ExtraStore.Add(microsoftDotComRoot);
                 chain.ChainPolicy.ExtraStore.Add(microsoftDotComIssuer);
                 chain.ChainPolicy.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority;
-                chain.ChainPolicy.VerificationTime = new DateTime(2015, 10, 15, 12, 01, 01, DateTimeKind.Local);
+                chain.ChainPolicy.VerificationTime = new DateTime(2021, 02, 26, 12, 01, 01, DateTimeKind.Local);
                 chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
 
                 bool valid = chain.Build(microsoftDotCom);
@@ -112,7 +112,7 @@ public static void VerifyChainFromHandle()
 
                     // Re-set the ChainPolicy properties
                     chain2.ChainPolicy.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority;
-                    chain2.ChainPolicy.VerificationTime = new DateTime(2015, 10, 15, 12, 01, 01, DateTimeKind.Local);
+                    chain2.ChainPolicy.VerificationTime = new DateTime(2021, 02, 26, 12, 01, 01, DateTimeKind.Local);
                     chain2.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
 
                     valid = chain2.Build(microsoftDotCom);
@@ -130,7 +130,7 @@ public static void VerifyChainFromHandle_Unix()
             {
                 X509Chain chain = chainHolder.Chain;
                 chain.ChainPolicy.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority;
-                chain.ChainPolicy.VerificationTime = new DateTime(2015, 10, 15, 12, 01, 01, DateTimeKind.Local);
+                chain.ChainPolicy.VerificationTime = new DateTime(2021, 02, 26, 12, 01, 01, DateTimeKind.Local);
                 chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
 
                 bool valid = chain.Build(microsoftDotCom);
@@ -152,7 +152,7 @@ public static void TestDispose()
             {
                 chain = chainHolder.Chain;
                 chain.ChainPolicy.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority;
-                chain.ChainPolicy.VerificationTime = new DateTime(2015, 10, 15, 12, 01, 01, DateTimeKind.Local);
+                chain.ChainPolicy.VerificationTime = new DateTime(2021, 02, 26, 12, 01, 01, DateTimeKind.Local);
                 chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
                 chain.Build(microsoftDotCom);
 
@@ -368,17 +368,17 @@ public static void Invalidx509ChainTrustMode(int trustMode)
             }
         }
 
-        public static IEnumerable<object[]> VerifyExpressionData()
+        public static IEnumerable<object[]> VerifyExpirationData()
         {
             // The test will be using the chain for TestData.MicrosoftDotComSslCertBytes
-            // The leaf cert (microsoft.com) is valid from 2014-10-15 00:00:00Z to 2016-10-15 23:59:59Z
+            // The leaf cert (microsoft.com) is valid from 2020-08-28 22:17:02Z to 2021-08-28 22:17:02Z
             DateTime[] validTimes =
             {
                 // The NotBefore value
-                new DateTime(2014, 10, 15, 0, 0, 0, DateTimeKind.Utc),
+                new DateTime(2020, 08, 28, 22, 17, 02, DateTimeKind.Utc),
 
                 // One second before the NotAfter value
-                new DateTime(2016, 10, 15, 23, 59, 58, DateTimeKind.Utc),
+                new DateTime(2021, 08, 28, 22, 17, 01, DateTimeKind.Utc),
             };
 
             // The NotAfter value as a boundary condition differs on Windows and OpenSSL.
@@ -390,10 +390,10 @@ public static IEnumerable<object[]> VerifyExpressionData()
             DateTime[] invalidTimes =
             {
                 // One second before the NotBefore time
-                new DateTime(2014, 10, 14, 23, 59, 59, DateTimeKind.Utc),
+                new DateTime(2020, 08, 28, 22, 17, 01, DateTimeKind.Utc),
 
                 // One second after the NotAfter time
-                new DateTime(2016, 10, 16, 0, 0, 0, DateTimeKind.Utc),
+                new DateTime(2021, 08, 28, 22, 17, 03, DateTimeKind.Utc),
             };
 
             List<object[]> testCases = new List<object[]>((validTimes.Length + invalidTimes.Length) * 3);
@@ -426,7 +426,7 @@ public static IEnumerable<object[]> VerifyExpressionData()
         }
 
         [Theory]
-        [MemberData(nameof(VerifyExpressionData))]
+        [MemberData(nameof(VerifyExpirationData))]
         public static void VerifyExpiration_LocalTime(DateTime verificationTime, bool shouldBeValid)
         {
             using (var microsoftDotCom = new X509Certificate2(TestData.MicrosoftDotComSslCertBytes))
@@ -684,7 +684,7 @@ public static void BuildChain_MicrosoftDotCom_WithRootCertInUserAndSystemRootCer
                         }
 
                         X509Chain chainValidator = chainHolder.Chain;
-                        chainValidator.ChainPolicy.VerificationTime = new DateTime(2015, 10, 15, 12, 01, 01, DateTimeKind.Local);
+                        chainValidator.ChainPolicy.VerificationTime = new DateTime(2021, 02, 26, 12, 01, 01, DateTimeKind.Local);
                         chainValidator.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
 
                         bool chainBuildResult = chainValidator.Build(microsoftDotCom);

src/libraries/System.Security.Cryptography.X509Certificates/tests/CollectionTests.cs

@@ -809,7 +809,7 @@ public static void ExportMultiplePrivateKeys()
                 Assert.Equal(2, originalPrivateKeyCount);
 
                 byte[] exported = collection.Export(X509ContentType.Pkcs12);
-                
+
                 using (ImportedCollection ic = Cert.Import(exported))
                 {
                     X509Certificate2Collection importedCollection = ic.Collection;
@@ -1305,7 +1305,7 @@ public static void X509ChainElementCollection_IndexerVsEnumerator()
 
                 // Halfway between microsoftDotCom's NotBefore and NotAfter
                 // This isn't a boundary condition test.
-                chain.ChainPolicy.VerificationTime = new DateTime(2015, 10, 15, 12, 01, 01, DateTimeKind.Local);
+                chain.ChainPolicy.VerificationTime = new DateTime(2021, 02, 26, 12, 01, 01, DateTimeKind.Local);
                 chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
 
                 bool valid = chain.Build(microsoftDotCom);
@@ -1465,7 +1465,7 @@ public static void ImportFromPem_MultiplePems_Success()
         public static void ImportFromPemFile_MultiplePems_Success()
         {
             string pemAggregate = TestData.RsaCertificate + TestData.ECDsaCertificate;
-    
+
             using (TempFileHolder aggregatePemFile = new TempFileHolder(pemAggregate))
             using(ImportedCollection ic = Cert.ImportFromPemFile(aggregatePemFile.FilePath))
             {