narenas
/
opengnsys_ipxe
mirror of https://github.com/ipxe/ipxe.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[tls] Parse X.509 validity times into seconds since the Epoch 

Signed-off-by: Michael Brown <mcb30@ipxe.org>
pull/6/head
Michael Brown 2012-03-19 22:49:09 +00:00
parent 5da712385e
commit 0610bcb1d2
2 changed files with 17 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
src/crypto/x509.c
View File

@ -20,6 +20,7 @@ FILE_LICENCE ( GPL2_OR_LATER );
#include <string.h> #include <string.h>
#include <ctype.h> #include <ctype.h>
#include <time.h>
#include <errno.h> #include <errno.h>
#include <assert.h> #include <assert.h>
#include <ipxe/asn1.h> #include <ipxe/asn1.h>
@ -331,6 +332,7 @@ static int x509_parse_time ( struct x509_certificate *cert,
} __attribute__ (( packed )) named; } __attribute__ (( packed )) named;
uint8_t raw[7]; uint8_t raw[7];
} pairs; } pairs;
struct tm tm;
const uint8_t *data; const uint8_t *data;
size_t remaining; size_t remaining;
unsigned int tens; unsigned int tens;
@ -395,12 +397,16 @@ static int x509_parse_time ( struct x509_certificate *cert,
} }
/* Fill in time */ /* Fill in time */
time->year = ( ( pairs.named.century * 100 ) + pairs.named.year ); tm.tm_year = ( ( ( pairs.named.century - 19 ) * 100 ) +
time->month = pairs.named.month; pairs.named.year );
time->day = pairs.named.day; tm.tm_mon = ( pairs.named.month - 1 );
time->hour = pairs.named.hour; tm.tm_mday = pairs.named.day;
time->minute = pairs.named.minute; tm.tm_hour = pairs.named.hour;
time->second = pairs.named.second; tm.tm_min = pairs.named.minute;
tm.tm_sec = pairs.named.second;
/* Convert to seconds since the Epoch */
time->time = mktime ( &tm );
return 0; return 0;
} }
@ -492,17 +498,13 @@ static int x509_parse_validity ( struct x509_certificate *cert,
/* Parse notBefore */ /* Parse notBefore */
if ( ( rc = x509_parse_time ( cert, not_before, &cursor ) ) != 0 ) if ( ( rc = x509_parse_time ( cert, not_before, &cursor ) ) != 0 )
return rc; return rc;
DBGC ( cert, "X509 %p valid from %04d-%02d-%02d %02d:%02d:%02d\n", DBGC ( cert, "X509 %p valid from time %lld\n", cert, not_before->time );
cert, not_before->year, not_before->month, not_before->day,
not_before->hour, not_before->minute, not_before->second );
asn1_skip_any ( &cursor ); asn1_skip_any ( &cursor );
/* Parse notAfter */ /* Parse notAfter */
if ( ( rc = x509_parse_time ( cert, not_after, &cursor ) ) != 0 ) if ( ( rc = x509_parse_time ( cert, not_after, &cursor ) ) != 0 )
return rc; return rc;
DBGC ( cert, "X509 %p valid until %04d-%02d-%02d %02d:%02d:%02d\n", DBGC ( cert, "X509 %p valid until time %lld\n", cert, not_after->time );
cert, not_after->year, not_after->month, not_after->day,
not_after->hour, not_after->minute, not_after->second );
return 0; return 0;
} }

15
src/include/ipxe/x509.h
View File

@ -11,6 +11,7 @@ FILE_LICENCE ( GPL2_OR_LATER );
#include <stdint.h> #include <stdint.h>
#include <stddef.h> #include <stddef.h>
#include <time.h>
#include <ipxe/asn1.h> #include <ipxe/asn1.h>
/** ASN.1 OID for joint-iso-itu-t(2) ds(5) attributeType(4) */ /** ASN.1 OID for joint-iso-itu-t(2) ds(5) attributeType(4) */
@ -70,18 +71,8 @@ struct x509_issuer {
/** An X.509 time */ /** An X.509 time */
struct x509_time { struct x509_time {
/** Year */ /** Seconds since the Epoch */
uint16_t year; time_t time;
/** Month */
uint8_t month;
/** Day */
uint8_t day;
/** Hour */
uint8_t hour;
/** Minute */
uint8_t minute;
/** Second */
uint8_t second;
}; };
/** An X.509 certificate validity period */ /** An X.509 certificate validity period */