]>
Commit | Line | Data |
---|---|---|
2039c421 | 1 | /* |
33388b44 | 2 | * Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved. |
f6aed2cd | 3 | * |
365a2d99 | 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
2039c421 RS |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
f6aed2cd DSH |
8 | */ |
9 | ||
1d97c843 TH |
10 | /*- |
11 | * This is an implementation of the ASN1 Time structure which is: | |
f6aed2cd DSH |
12 | * Time ::= CHOICE { |
13 | * utcTime UTCTime, | |
14 | * generalTime GeneralizedTime } | |
f6aed2cd DSH |
15 | */ |
16 | ||
17 | #include <stdio.h> | |
18 | #include <time.h> | |
25f2138b | 19 | #include "crypto/ctype.h" |
b39fc560 | 20 | #include "internal/cryptlib.h" |
9d6b1ce6 | 21 | #include <openssl/asn1t.h> |
706457b7 | 22 | #include "asn1_local.h" |
f6aed2cd | 23 | |
9d6b1ce6 | 24 | IMPLEMENT_ASN1_MSTRING(ASN1_TIME, B_ASN1_TIME) |
08e9c1af | 25 | |
9d6b1ce6 | 26 | IMPLEMENT_ASN1_FUNCTIONS(ASN1_TIME) |
fe4309b0 | 27 | IMPLEMENT_ASN1_DUP_FUNCTION(ASN1_TIME) |
08e9c1af | 28 | |
cf37aaa3 TS |
29 | static int is_utc(const int year) |
30 | { | |
31 | if (50 <= year && year <= 149) | |
32 | return 1; | |
33 | return 0; | |
34 | } | |
35 | ||
3d0f1cb9 PY |
36 | static int leap_year(const int year) |
37 | { | |
38 | if (year % 400 == 0 || (year % 100 != 0 && year % 4 == 0)) | |
39 | return 1; | |
40 | return 0; | |
41 | } | |
42 | ||
1a68e5b0 P |
43 | /* |
44 | * Compute the day of the week and the day of the year from the year, month | |
45 | * and day. The day of the year is straightforward, the day of the week uses | |
46 | * a form of Zeller's congruence. For this months start with March and are | |
47 | * numbered 4 through 15. | |
48 | */ | |
49 | static void determine_days(struct tm *tm) | |
50 | { | |
51 | static const int ydays[12] = { | |
52 | 0, 31, 59, 90, 120, 151, 181, 212, 243, 273, 304, 334 | |
53 | }; | |
54 | int y = tm->tm_year + 1900; | |
55 | int m = tm->tm_mon; | |
56 | int d = tm->tm_mday; | |
57 | int c; | |
58 | ||
59 | tm->tm_yday = ydays[m] + d - 1; | |
60 | if (m >= 2) { | |
61 | /* March and onwards can be one day further into the year */ | |
62 | tm->tm_yday += leap_year(y); | |
63 | m += 2; | |
64 | } else { | |
65 | /* Treat January and February as part of the previous year */ | |
66 | m += 14; | |
67 | y--; | |
68 | } | |
69 | c = y / 100; | |
70 | y %= 100; | |
c2969ff6 | 71 | /* Zeller's congruence */ |
1a68e5b0 P |
72 | tm->tm_wday = (d + (13 * m) / 5 + y + y / 4 + c / 4 + 5 * c + 6) % 7; |
73 | } | |
74 | ||
3d0f1cb9 PY |
75 | int asn1_time_to_tm(struct tm *tm, const ASN1_TIME *d) |
76 | { | |
77 | static const int min[9] = { 0, 0, 1, 1, 0, 0, 0, 0, 0 }; | |
78 | static const int max[9] = { 99, 99, 12, 31, 23, 59, 59, 12, 59 }; | |
79 | static const int mdays[12] = { 31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31 }; | |
80 | char *a; | |
81 | int n, i, i2, l, o, min_l = 11, strict = 0, end = 6, btz = 5, md; | |
82 | struct tm tmp; | |
48102247 | 83 | #if defined(CHARSET_EBCDIC) |
84 | const char upper_z = 0x5A, num_zero = 0x30, period = 0x2E, minus = 0x2D, plus = 0x2B; | |
85 | #else | |
86 | const char upper_z = 'Z', num_zero = '0', period = '.', minus = '-', plus = '+'; | |
87 | #endif | |
3d0f1cb9 PY |
88 | /* |
89 | * ASN1_STRING_FLAG_X509_TIME is used to enforce RFC 5280 | |
90 | * time string format, in which: | |
91 | * | |
92 | * 1. "seconds" is a 'MUST' | |
93 | * 2. "Zulu" timezone is a 'MUST' | |
94 | * 3. "+|-" is not allowed to indicate a time zone | |
95 | */ | |
96 | if (d->type == V_ASN1_UTCTIME) { | |
97 | if (d->flags & ASN1_STRING_FLAG_X509_TIME) { | |
98 | min_l = 13; | |
99 | strict = 1; | |
100 | } | |
101 | } else if (d->type == V_ASN1_GENERALIZEDTIME) { | |
102 | end = 7; | |
103 | btz = 6; | |
104 | if (d->flags & ASN1_STRING_FLAG_X509_TIME) { | |
105 | min_l = 15; | |
106 | strict = 1; | |
107 | } else { | |
108 | min_l = 13; | |
109 | } | |
110 | } else { | |
111 | return 0; | |
112 | } | |
113 | ||
114 | l = d->length; | |
115 | a = (char *)d->data; | |
116 | o = 0; | |
117 | memset(&tmp, 0, sizeof(tmp)); | |
118 | ||
119 | /* | |
120 | * GENERALIZEDTIME is similar to UTCTIME except the year is represented | |
121 | * as YYYY. This stuff treats everything as a two digit field so make | |
122 | * first two fields 00 to 99 | |
123 | */ | |
124 | ||
125 | if (l < min_l) | |
126 | goto err; | |
127 | for (i = 0; i < end; i++) { | |
48102247 | 128 | if (!strict && (i == btz) && ((a[o] == upper_z) || (a[o] == plus) || (a[o] == minus))) { |
3d0f1cb9 PY |
129 | i++; |
130 | break; | |
131 | } | |
48102247 | 132 | if (!ascii_isdigit(a[o])) |
3d0f1cb9 | 133 | goto err; |
48102247 | 134 | n = a[o] - num_zero; |
3d0f1cb9 PY |
135 | /* incomplete 2-digital number */ |
136 | if (++o == l) | |
137 | goto err; | |
138 | ||
48102247 | 139 | if (!ascii_isdigit(a[o])) |
3d0f1cb9 | 140 | goto err; |
48102247 | 141 | n = (n * 10) + a[o] - num_zero; |
3d0f1cb9 PY |
142 | /* no more bytes to read, but we haven't seen time-zone yet */ |
143 | if (++o == l) | |
144 | goto err; | |
145 | ||
146 | i2 = (d->type == V_ASN1_UTCTIME) ? i + 1 : i; | |
147 | ||
148 | if ((n < min[i2]) || (n > max[i2])) | |
149 | goto err; | |
150 | switch (i2) { | |
151 | case 0: | |
152 | /* UTC will never be here */ | |
153 | tmp.tm_year = n * 100 - 1900; | |
154 | break; | |
155 | case 1: | |
156 | if (d->type == V_ASN1_UTCTIME) | |
157 | tmp.tm_year = n < 50 ? n + 100 : n; | |
158 | else | |
159 | tmp.tm_year += n; | |
160 | break; | |
161 | case 2: | |
162 | tmp.tm_mon = n - 1; | |
163 | break; | |
164 | case 3: | |
165 | /* check if tm_mday is valid in tm_mon */ | |
166 | if (tmp.tm_mon == 1) { | |
167 | /* it's February */ | |
168 | md = mdays[1] + leap_year(tmp.tm_year + 1900); | |
169 | } else { | |
170 | md = mdays[tmp.tm_mon]; | |
171 | } | |
172 | if (n > md) | |
173 | goto err; | |
174 | tmp.tm_mday = n; | |
1a68e5b0 | 175 | determine_days(&tmp); |
3d0f1cb9 PY |
176 | break; |
177 | case 4: | |
178 | tmp.tm_hour = n; | |
179 | break; | |
180 | case 5: | |
181 | tmp.tm_min = n; | |
182 | break; | |
183 | case 6: | |
184 | tmp.tm_sec = n; | |
185 | break; | |
186 | } | |
187 | } | |
188 | ||
189 | /* | |
190 | * Optional fractional seconds: decimal point followed by one or more | |
191 | * digits. | |
192 | */ | |
48102247 | 193 | if (d->type == V_ASN1_GENERALIZEDTIME && a[o] == period) { |
3d0f1cb9 PY |
194 | if (strict) |
195 | /* RFC 5280 forbids fractional seconds */ | |
196 | goto err; | |
197 | if (++o == l) | |
198 | goto err; | |
199 | i = o; | |
48102247 | 200 | while ((o < l) && ascii_isdigit(a[o])) |
3d0f1cb9 PY |
201 | o++; |
202 | /* Must have at least one digit after decimal point */ | |
203 | if (i == o) | |
204 | goto err; | |
205 | /* no more bytes to read, but we haven't seen time-zone yet */ | |
206 | if (o == l) | |
207 | goto err; | |
208 | } | |
209 | ||
210 | /* | |
211 | * 'o' will never point to '\0' at this point, the only chance | |
212 | * 'o' can point to '\0' is either the subsequent if or the first | |
213 | * else if is true. | |
214 | */ | |
48102247 | 215 | if (a[o] == upper_z) { |
3d0f1cb9 | 216 | o++; |
48102247 | 217 | } else if (!strict && ((a[o] == plus) || (a[o] == minus))) { |
218 | int offsign = a[o] == minus ? 1 : -1; | |
3d0f1cb9 PY |
219 | int offset = 0; |
220 | ||
221 | o++; | |
222 | /* | |
223 | * if not equal, no need to do subsequent checks | |
224 | * since the following for-loop will add 'o' by 4 | |
225 | * and the final return statement will check if 'l' | |
226 | * and 'o' are equal. | |
227 | */ | |
228 | if (o + 4 != l) | |
229 | goto err; | |
230 | for (i = end; i < end + 2; i++) { | |
48102247 | 231 | if (!ascii_isdigit(a[o])) |
3d0f1cb9 | 232 | goto err; |
48102247 | 233 | n = a[o] - num_zero; |
3d0f1cb9 | 234 | o++; |
48102247 | 235 | if (!ascii_isdigit(a[o])) |
3d0f1cb9 | 236 | goto err; |
48102247 | 237 | n = (n * 10) + a[o] - num_zero; |
3d0f1cb9 PY |
238 | i2 = (d->type == V_ASN1_UTCTIME) ? i + 1 : i; |
239 | if ((n < min[i2]) || (n > max[i2])) | |
240 | goto err; | |
241 | /* if tm is NULL, no need to adjust */ | |
242 | if (tm != NULL) { | |
243 | if (i == end) | |
244 | offset = n * 3600; | |
245 | else if (i == end + 1) | |
246 | offset += n * 60; | |
247 | } | |
248 | o++; | |
249 | } | |
250 | if (offset && !OPENSSL_gmtime_adj(&tmp, 0, offset * offsign)) | |
251 | goto err; | |
252 | } else { | |
253 | /* not Z, or not +/- in non-strict mode */ | |
254 | goto err; | |
255 | } | |
256 | if (o == l) { | |
257 | /* success, check if tm should be filled */ | |
258 | if (tm != NULL) | |
259 | *tm = tmp; | |
260 | return 1; | |
261 | } | |
262 | err: | |
263 | return 0; | |
264 | } | |
265 | ||
cf37aaa3 TS |
266 | ASN1_TIME *asn1_time_from_tm(ASN1_TIME *s, struct tm *ts, int type) |
267 | { | |
268 | char* p; | |
269 | ASN1_TIME *tmps = NULL; | |
270 | const size_t len = 20; | |
271 | ||
272 | if (type == V_ASN1_UNDEF) { | |
273 | if (is_utc(ts->tm_year)) | |
274 | type = V_ASN1_UTCTIME; | |
275 | else | |
276 | type = V_ASN1_GENERALIZEDTIME; | |
277 | } else if (type == V_ASN1_UTCTIME) { | |
278 | if (!is_utc(ts->tm_year)) | |
279 | goto err; | |
280 | } else if (type != V_ASN1_GENERALIZEDTIME) { | |
281 | goto err; | |
282 | } | |
283 | ||
284 | if (s == NULL) | |
285 | tmps = ASN1_STRING_new(); | |
286 | else | |
287 | tmps = s; | |
288 | if (tmps == NULL) | |
289 | return NULL; | |
290 | ||
291 | if (!ASN1_STRING_set(tmps, NULL, len)) | |
292 | goto err; | |
293 | ||
294 | tmps->type = type; | |
295 | p = (char*)tmps->data; | |
296 | ||
297 | if (type == V_ASN1_GENERALIZEDTIME) | |
298 | tmps->length = BIO_snprintf(p, len, "%04d%02d%02d%02d%02d%02dZ", | |
299 | ts->tm_year + 1900, ts->tm_mon + 1, | |
300 | ts->tm_mday, ts->tm_hour, ts->tm_min, | |
301 | ts->tm_sec); | |
302 | else | |
303 | tmps->length = BIO_snprintf(p, len, "%02d%02d%02d%02d%02d%02dZ", | |
304 | ts->tm_year % 100, ts->tm_mon + 1, | |
305 | ts->tm_mday, ts->tm_hour, ts->tm_min, | |
306 | ts->tm_sec); | |
307 | ||
48102247 | 308 | #ifdef CHARSET_EBCDIC |
cf37aaa3 TS |
309 | ebcdic2ascii(tmps->data, tmps->data, tmps->length); |
310 | #endif | |
311 | return tmps; | |
312 | err: | |
313 | if (tmps != s) | |
314 | ASN1_STRING_free(tmps); | |
315 | return NULL; | |
316 | } | |
317 | ||
6b691a5c | 318 | ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t) |
0f113f3e MC |
319 | { |
320 | return ASN1_TIME_adj(s, t, 0, 0); | |
321 | } | |
87d3a0cd DSH |
322 | |
323 | ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, | |
0f113f3e MC |
324 | int offset_day, long offset_sec) |
325 | { | |
326 | struct tm *ts; | |
327 | struct tm data; | |
328 | ||
329 | ts = OPENSSL_gmtime(&t, &data); | |
330 | if (ts == NULL) { | |
9311d0c4 | 331 | ERR_raise(ERR_LIB_ASN1, ASN1_R_ERROR_GETTING_TIME); |
0f113f3e MC |
332 | return NULL; |
333 | } | |
334 | if (offset_day || offset_sec) { | |
335 | if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec)) | |
336 | return NULL; | |
337 | } | |
cf37aaa3 | 338 | return asn1_time_from_tm(s, ts, V_ASN1_UNDEF); |
0f113f3e | 339 | } |
02e4fbed | 340 | |
359b0c9f | 341 | int ASN1_TIME_check(const ASN1_TIME *t) |
0f113f3e MC |
342 | { |
343 | if (t->type == V_ASN1_GENERALIZEDTIME) | |
344 | return ASN1_GENERALIZEDTIME_check(t); | |
345 | else if (t->type == V_ASN1_UTCTIME) | |
346 | return ASN1_UTCTIME_check(t); | |
347 | return 0; | |
348 | } | |
02e4fbed DSH |
349 | |
350 | /* Convert an ASN1_TIME structure to GeneralizedTime */ | |
9bfeeef8 | 351 | ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(const ASN1_TIME *t, |
0f113f3e MC |
352 | ASN1_GENERALIZEDTIME **out) |
353 | { | |
4483e234 | 354 | ASN1_GENERALIZEDTIME *ret = NULL; |
cf37aaa3 | 355 | struct tm tm; |
0f113f3e | 356 | |
cf37aaa3 | 357 | if (!ASN1_TIME_to_tm(t, &tm)) |
0f113f3e MC |
358 | return NULL; |
359 | ||
cf37aaa3 | 360 | if (out != NULL) |
0f113f3e MC |
361 | ret = *out; |
362 | ||
cf37aaa3 | 363 | ret = asn1_time_from_tm(ret, &tm, V_ASN1_GENERALIZEDTIME); |
0f113f3e | 364 | |
cf37aaa3 TS |
365 | if (out != NULL && ret != NULL) |
366 | *out = ret; | |
0f113f3e | 367 | |
cf37aaa3 | 368 | return ret; |
0f113f3e | 369 | } |
33ab2e31 DSH |
370 | |
371 | int ASN1_TIME_set_string(ASN1_TIME *s, const char *str) | |
0f113f3e | 372 | { |
cf37aaa3 TS |
373 | /* Try UTC, if that fails, try GENERALIZED */ |
374 | if (ASN1_UTCTIME_set_string(s, str)) | |
375 | return 1; | |
376 | return ASN1_GENERALIZEDTIME_set_string(s, str); | |
0f113f3e | 377 | } |
359b0c9f | 378 | |
04e62715 RS |
379 | int ASN1_TIME_set_string_X509(ASN1_TIME *s, const char *str) |
380 | { | |
381 | ASN1_TIME t; | |
382 | struct tm tm; | |
383 | int rv = 0; | |
384 | ||
385 | t.length = strlen(str); | |
386 | t.data = (unsigned char *)str; | |
387 | t.flags = ASN1_STRING_FLAG_X509_TIME; | |
388 | ||
389 | t.type = V_ASN1_UTCTIME; | |
390 | ||
391 | if (!ASN1_TIME_check(&t)) { | |
392 | t.type = V_ASN1_GENERALIZEDTIME; | |
393 | if (!ASN1_TIME_check(&t)) | |
394 | goto out; | |
395 | } | |
396 | ||
397 | /* | |
398 | * Per RFC 5280 (section 4.1.2.5.), the valid input time | |
399 | * strings should be encoded with the following rules: | |
400 | * | |
401 | * 1. UTC: YYMMDDHHMMSSZ, if YY < 50 (20YY) --> UTC: YYMMDDHHMMSSZ | |
402 | * 2. UTC: YYMMDDHHMMSSZ, if YY >= 50 (19YY) --> UTC: YYMMDDHHMMSSZ | |
403 | * 3. G'd: YYYYMMDDHHMMSSZ, if YYYY >= 2050 --> G'd: YYYYMMDDHHMMSSZ | |
404 | * 4. G'd: YYYYMMDDHHMMSSZ, if YYYY < 2050 --> UTC: YYMMDDHHMMSSZ | |
405 | * | |
406 | * Only strings of the 4th rule should be reformatted, but since a | |
407 | * UTC can only present [1950, 2050), so if the given time string | |
408 | * is less than 1950 (e.g. 19230419000000Z), we do nothing... | |
409 | */ | |
410 | ||
411 | if (s != NULL && t.type == V_ASN1_GENERALIZEDTIME) { | |
3d0f1cb9 | 412 | if (!asn1_time_to_tm(&tm, &t)) |
04e62715 | 413 | goto out; |
cf37aaa3 | 414 | if (is_utc(tm.tm_year)) { |
04e62715 RS |
415 | t.length -= 2; |
416 | /* | |
417 | * it's OK to let original t.data go since that's assigned | |
418 | * to a piece of memory allocated outside of this function. | |
419 | * new t.data would be freed after ASN1_STRING_copy is done. | |
420 | */ | |
421 | t.data = OPENSSL_zalloc(t.length + 1); | |
422 | if (t.data == NULL) | |
423 | goto out; | |
424 | memcpy(t.data, str + 2, t.length); | |
425 | t.type = V_ASN1_UTCTIME; | |
426 | } | |
427 | } | |
428 | ||
429 | if (s == NULL || ASN1_STRING_copy((ASN1_STRING *)s, (ASN1_STRING *)&t)) | |
430 | rv = 1; | |
431 | ||
432 | if (t.data != (unsigned char *)str) | |
433 | OPENSSL_free(t.data); | |
434 | out: | |
435 | return rv; | |
436 | } | |
437 | ||
1c036c64 | 438 | int ASN1_TIME_to_tm(const ASN1_TIME *s, struct tm *tm) |
0f113f3e | 439 | { |
1c036c64 | 440 | if (s == NULL) { |
0f113f3e | 441 | time_t now_t; |
1c036c64 | 442 | |
0f113f3e | 443 | time(&now_t); |
1c036c64 | 444 | memset(tm, 0, sizeof(*tm)); |
52b6e17d | 445 | if (OPENSSL_gmtime(&now_t, tm) != NULL) |
0f113f3e MC |
446 | return 1; |
447 | return 0; | |
448 | } | |
449 | ||
3d0f1cb9 | 450 | return asn1_time_to_tm(tm, s); |
0f113f3e | 451 | } |
1c455bc0 | 452 | |
360ef676 | 453 | int ASN1_TIME_diff(int *pday, int *psec, |
0f113f3e MC |
454 | const ASN1_TIME *from, const ASN1_TIME *to) |
455 | { | |
456 | struct tm tm_from, tm_to; | |
1c036c64 TS |
457 | |
458 | if (!ASN1_TIME_to_tm(from, &tm_from)) | |
0f113f3e | 459 | return 0; |
1c036c64 | 460 | if (!ASN1_TIME_to_tm(to, &tm_to)) |
0f113f3e MC |
461 | return 0; |
462 | return OPENSSL_gmtime_diff(pday, psec, &tm_from, &tm_to); | |
463 | } | |
0d0099ea | 464 | |
f673c4f8 PY |
465 | static const char _asn1_mon[12][4] = { |
466 | "Jan", "Feb", "Mar", "Apr", "May", "Jun", | |
467 | "Jul", "Aug", "Sep", "Oct", "Nov", "Dec" | |
468 | }; | |
469 | ||
0d0099ea DSH |
470 | int ASN1_TIME_print(BIO *bp, const ASN1_TIME *tm) |
471 | { | |
f673c4f8 | 472 | char *v; |
b7e011f8 | 473 | int gmt = 0, l; |
f673c4f8 | 474 | struct tm stm; |
48102247 | 475 | const char upper_z = 0x5A, period = 0x2E; |
f673c4f8 PY |
476 | |
477 | if (!asn1_time_to_tm(&stm, tm)) { | |
478 | /* asn1_time_to_tm will check the time type */ | |
b09aa550 DDO |
479 | (void)BIO_write(bp, "Bad time value", 14); |
480 | return 0; | |
481 | /* It would have been more consistent to return BIO_write(...) */ | |
f673c4f8 PY |
482 | } |
483 | ||
484 | l = tm->length; | |
485 | v = (char *)tm->data; | |
48102247 | 486 | if (v[l - 1] == upper_z) |
f673c4f8 | 487 | gmt = 1; |
f673c4f8 | 488 | |
b7e011f8 AP |
489 | if (tm->type == V_ASN1_GENERALIZEDTIME) { |
490 | char *f = NULL; | |
491 | int f_len = 0; | |
492 | ||
493 | /* | |
494 | * Try to parse fractional seconds. '14' is the place of | |
495 | * 'fraction point' in a GeneralizedTime string. | |
496 | */ | |
48102247 | 497 | if (tm->length > 15 && v[14] == period) { |
b7e011f8 AP |
498 | f = &v[14]; |
499 | f_len = 1; | |
48102247 | 500 | while (14 + f_len < l && ascii_isdigit(f[f_len])) |
b7e011f8 AP |
501 | ++f_len; |
502 | } | |
503 | ||
f673c4f8 PY |
504 | return BIO_printf(bp, "%s %2d %02d:%02d:%02d%.*s %d%s", |
505 | _asn1_mon[stm.tm_mon], stm.tm_mday, stm.tm_hour, | |
506 | stm.tm_min, stm.tm_sec, f_len, f, stm.tm_year + 1900, | |
b7e011f8 AP |
507 | (gmt ? " GMT" : "")) > 0; |
508 | } else { | |
f673c4f8 PY |
509 | return BIO_printf(bp, "%s %2d %02d:%02d:%02d %d%s", |
510 | _asn1_mon[stm.tm_mon], stm.tm_mday, stm.tm_hour, | |
511 | stm.tm_min, stm.tm_sec, stm.tm_year + 1900, | |
b7e011f8 AP |
512 | (gmt ? " GMT" : "")) > 0; |
513 | } | |
0d0099ea | 514 | } |
cf37aaa3 TS |
515 | |
516 | int ASN1_TIME_cmp_time_t(const ASN1_TIME *s, time_t t) | |
517 | { | |
518 | struct tm stm, ttm; | |
519 | int day, sec; | |
520 | ||
521 | if (!ASN1_TIME_to_tm(s, &stm)) | |
522 | return -2; | |
523 | ||
524 | if (!OPENSSL_gmtime(&t, &ttm)) | |
525 | return -2; | |
526 | ||
527 | if (!OPENSSL_gmtime_diff(&day, &sec, &ttm, &stm)) | |
528 | return -2; | |
529 | ||
530 | if (day > 0 || sec > 0) | |
531 | return 1; | |
532 | if (day < 0 || sec < 0) | |
533 | return -1; | |
534 | return 0; | |
535 | } | |
536 | ||
537 | int ASN1_TIME_normalize(ASN1_TIME *t) | |
538 | { | |
539 | struct tm tm; | |
540 | ||
541 | if (!ASN1_TIME_to_tm(t, &tm)) | |
542 | return 0; | |
543 | ||
544 | return asn1_time_from_tm(t, &tm, V_ASN1_UNDEF) != NULL; | |
545 | } | |
546 | ||
547 | int ASN1_TIME_compare(const ASN1_TIME *a, const ASN1_TIME *b) | |
548 | { | |
549 | int day, sec; | |
550 | ||
e44d3761 | 551 | if (!ASN1_TIME_diff(&day, &sec, b, a)) |
cf37aaa3 TS |
552 | return -2; |
553 | if (day > 0 || sec > 0) | |
554 | return 1; | |
555 | if (day < 0 || sec < 0) | |
556 | return -1; | |
557 | return 0; | |
558 | } |