]>
Commit | Line | Data |
---|---|---|
2039c421 | 1 | /* |
4333b89f | 2 | * Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved. |
f6aed2cd | 3 | * |
365a2d99 | 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
2039c421 RS |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
f6aed2cd DSH |
8 | */ |
9 | ||
1d97c843 TH |
10 | /*- |
11 | * This is an implementation of the ASN1 Time structure which is: | |
f6aed2cd DSH |
12 | * Time ::= CHOICE { |
13 | * utcTime UTCTime, | |
14 | * generalTime GeneralizedTime } | |
f6aed2cd DSH |
15 | */ |
16 | ||
17 | #include <stdio.h> | |
18 | #include <time.h> | |
63162e3d | 19 | #include "crypto/asn1.h" |
25f2138b | 20 | #include "crypto/ctype.h" |
b39fc560 | 21 | #include "internal/cryptlib.h" |
9d6b1ce6 | 22 | #include <openssl/asn1t.h> |
706457b7 | 23 | #include "asn1_local.h" |
f6aed2cd | 24 | |
9d6b1ce6 | 25 | IMPLEMENT_ASN1_MSTRING(ASN1_TIME, B_ASN1_TIME) |
08e9c1af | 26 | |
9d6b1ce6 | 27 | IMPLEMENT_ASN1_FUNCTIONS(ASN1_TIME) |
fe4309b0 | 28 | IMPLEMENT_ASN1_DUP_FUNCTION(ASN1_TIME) |
08e9c1af | 29 | |
cf37aaa3 TS |
30 | static int is_utc(const int year) |
31 | { | |
32 | if (50 <= year && year <= 149) | |
33 | return 1; | |
34 | return 0; | |
35 | } | |
36 | ||
3d0f1cb9 PY |
37 | static int leap_year(const int year) |
38 | { | |
39 | if (year % 400 == 0 || (year % 100 != 0 && year % 4 == 0)) | |
40 | return 1; | |
41 | return 0; | |
42 | } | |
43 | ||
1a68e5b0 P |
44 | /* |
45 | * Compute the day of the week and the day of the year from the year, month | |
46 | * and day. The day of the year is straightforward, the day of the week uses | |
47 | * a form of Zeller's congruence. For this months start with March and are | |
48 | * numbered 4 through 15. | |
49 | */ | |
50 | static void determine_days(struct tm *tm) | |
51 | { | |
52 | static const int ydays[12] = { | |
53 | 0, 31, 59, 90, 120, 151, 181, 212, 243, 273, 304, 334 | |
54 | }; | |
55 | int y = tm->tm_year + 1900; | |
56 | int m = tm->tm_mon; | |
57 | int d = tm->tm_mday; | |
58 | int c; | |
59 | ||
60 | tm->tm_yday = ydays[m] + d - 1; | |
61 | if (m >= 2) { | |
62 | /* March and onwards can be one day further into the year */ | |
63 | tm->tm_yday += leap_year(y); | |
64 | m += 2; | |
65 | } else { | |
66 | /* Treat January and February as part of the previous year */ | |
67 | m += 14; | |
68 | y--; | |
69 | } | |
70 | c = y / 100; | |
71 | y %= 100; | |
c2969ff6 | 72 | /* Zeller's congruence */ |
1a68e5b0 P |
73 | tm->tm_wday = (d + (13 * m) / 5 + y + y / 4 + c / 4 + 5 * c + 6) % 7; |
74 | } | |
75 | ||
adf7e6d1 | 76 | int ossl_asn1_time_to_tm(struct tm *tm, const ASN1_TIME *d) |
3d0f1cb9 PY |
77 | { |
78 | static const int min[9] = { 0, 0, 1, 1, 0, 0, 0, 0, 0 }; | |
79 | static const int max[9] = { 99, 99, 12, 31, 23, 59, 59, 12, 59 }; | |
80 | static const int mdays[12] = { 31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31 }; | |
81 | char *a; | |
82 | int n, i, i2, l, o, min_l = 11, strict = 0, end = 6, btz = 5, md; | |
83 | struct tm tmp; | |
48102247 | 84 | #if defined(CHARSET_EBCDIC) |
85 | const char upper_z = 0x5A, num_zero = 0x30, period = 0x2E, minus = 0x2D, plus = 0x2B; | |
86 | #else | |
87 | const char upper_z = 'Z', num_zero = '0', period = '.', minus = '-', plus = '+'; | |
88 | #endif | |
3d0f1cb9 PY |
89 | /* |
90 | * ASN1_STRING_FLAG_X509_TIME is used to enforce RFC 5280 | |
91 | * time string format, in which: | |
92 | * | |
93 | * 1. "seconds" is a 'MUST' | |
94 | * 2. "Zulu" timezone is a 'MUST' | |
95 | * 3. "+|-" is not allowed to indicate a time zone | |
96 | */ | |
97 | if (d->type == V_ASN1_UTCTIME) { | |
98 | if (d->flags & ASN1_STRING_FLAG_X509_TIME) { | |
99 | min_l = 13; | |
100 | strict = 1; | |
101 | } | |
102 | } else if (d->type == V_ASN1_GENERALIZEDTIME) { | |
103 | end = 7; | |
104 | btz = 6; | |
105 | if (d->flags & ASN1_STRING_FLAG_X509_TIME) { | |
106 | min_l = 15; | |
107 | strict = 1; | |
108 | } else { | |
109 | min_l = 13; | |
110 | } | |
111 | } else { | |
112 | return 0; | |
113 | } | |
114 | ||
115 | l = d->length; | |
116 | a = (char *)d->data; | |
117 | o = 0; | |
118 | memset(&tmp, 0, sizeof(tmp)); | |
119 | ||
120 | /* | |
121 | * GENERALIZEDTIME is similar to UTCTIME except the year is represented | |
122 | * as YYYY. This stuff treats everything as a two digit field so make | |
123 | * first two fields 00 to 99 | |
124 | */ | |
125 | ||
126 | if (l < min_l) | |
127 | goto err; | |
128 | for (i = 0; i < end; i++) { | |
48102247 | 129 | if (!strict && (i == btz) && ((a[o] == upper_z) || (a[o] == plus) || (a[o] == minus))) { |
3d0f1cb9 PY |
130 | i++; |
131 | break; | |
132 | } | |
adf7e6d1 | 133 | if (!ossl_ascii_isdigit(a[o])) |
3d0f1cb9 | 134 | goto err; |
48102247 | 135 | n = a[o] - num_zero; |
3d0f1cb9 PY |
136 | /* incomplete 2-digital number */ |
137 | if (++o == l) | |
138 | goto err; | |
139 | ||
adf7e6d1 | 140 | if (!ossl_ascii_isdigit(a[o])) |
3d0f1cb9 | 141 | goto err; |
48102247 | 142 | n = (n * 10) + a[o] - num_zero; |
3d0f1cb9 PY |
143 | /* no more bytes to read, but we haven't seen time-zone yet */ |
144 | if (++o == l) | |
145 | goto err; | |
146 | ||
147 | i2 = (d->type == V_ASN1_UTCTIME) ? i + 1 : i; | |
148 | ||
149 | if ((n < min[i2]) || (n > max[i2])) | |
150 | goto err; | |
151 | switch (i2) { | |
152 | case 0: | |
153 | /* UTC will never be here */ | |
154 | tmp.tm_year = n * 100 - 1900; | |
155 | break; | |
156 | case 1: | |
157 | if (d->type == V_ASN1_UTCTIME) | |
158 | tmp.tm_year = n < 50 ? n + 100 : n; | |
159 | else | |
160 | tmp.tm_year += n; | |
161 | break; | |
162 | case 2: | |
163 | tmp.tm_mon = n - 1; | |
164 | break; | |
165 | case 3: | |
166 | /* check if tm_mday is valid in tm_mon */ | |
167 | if (tmp.tm_mon == 1) { | |
168 | /* it's February */ | |
169 | md = mdays[1] + leap_year(tmp.tm_year + 1900); | |
170 | } else { | |
171 | md = mdays[tmp.tm_mon]; | |
172 | } | |
173 | if (n > md) | |
174 | goto err; | |
175 | tmp.tm_mday = n; | |
1a68e5b0 | 176 | determine_days(&tmp); |
3d0f1cb9 PY |
177 | break; |
178 | case 4: | |
179 | tmp.tm_hour = n; | |
180 | break; | |
181 | case 5: | |
182 | tmp.tm_min = n; | |
183 | break; | |
184 | case 6: | |
185 | tmp.tm_sec = n; | |
186 | break; | |
187 | } | |
188 | } | |
189 | ||
190 | /* | |
191 | * Optional fractional seconds: decimal point followed by one or more | |
192 | * digits. | |
193 | */ | |
48102247 | 194 | if (d->type == V_ASN1_GENERALIZEDTIME && a[o] == period) { |
3d0f1cb9 PY |
195 | if (strict) |
196 | /* RFC 5280 forbids fractional seconds */ | |
197 | goto err; | |
198 | if (++o == l) | |
199 | goto err; | |
200 | i = o; | |
adf7e6d1 | 201 | while ((o < l) && ossl_ascii_isdigit(a[o])) |
3d0f1cb9 PY |
202 | o++; |
203 | /* Must have at least one digit after decimal point */ | |
204 | if (i == o) | |
205 | goto err; | |
206 | /* no more bytes to read, but we haven't seen time-zone yet */ | |
207 | if (o == l) | |
208 | goto err; | |
209 | } | |
210 | ||
211 | /* | |
212 | * 'o' will never point to '\0' at this point, the only chance | |
213 | * 'o' can point to '\0' is either the subsequent if or the first | |
214 | * else if is true. | |
215 | */ | |
48102247 | 216 | if (a[o] == upper_z) { |
3d0f1cb9 | 217 | o++; |
48102247 | 218 | } else if (!strict && ((a[o] == plus) || (a[o] == minus))) { |
219 | int offsign = a[o] == minus ? 1 : -1; | |
3d0f1cb9 PY |
220 | int offset = 0; |
221 | ||
222 | o++; | |
223 | /* | |
224 | * if not equal, no need to do subsequent checks | |
225 | * since the following for-loop will add 'o' by 4 | |
226 | * and the final return statement will check if 'l' | |
227 | * and 'o' are equal. | |
228 | */ | |
229 | if (o + 4 != l) | |
230 | goto err; | |
231 | for (i = end; i < end + 2; i++) { | |
adf7e6d1 | 232 | if (!ossl_ascii_isdigit(a[o])) |
3d0f1cb9 | 233 | goto err; |
48102247 | 234 | n = a[o] - num_zero; |
3d0f1cb9 | 235 | o++; |
adf7e6d1 | 236 | if (!ossl_ascii_isdigit(a[o])) |
3d0f1cb9 | 237 | goto err; |
48102247 | 238 | n = (n * 10) + a[o] - num_zero; |
3d0f1cb9 PY |
239 | i2 = (d->type == V_ASN1_UTCTIME) ? i + 1 : i; |
240 | if ((n < min[i2]) || (n > max[i2])) | |
241 | goto err; | |
242 | /* if tm is NULL, no need to adjust */ | |
243 | if (tm != NULL) { | |
244 | if (i == end) | |
245 | offset = n * 3600; | |
246 | else if (i == end + 1) | |
247 | offset += n * 60; | |
248 | } | |
249 | o++; | |
250 | } | |
251 | if (offset && !OPENSSL_gmtime_adj(&tmp, 0, offset * offsign)) | |
252 | goto err; | |
253 | } else { | |
254 | /* not Z, or not +/- in non-strict mode */ | |
255 | goto err; | |
256 | } | |
257 | if (o == l) { | |
258 | /* success, check if tm should be filled */ | |
259 | if (tm != NULL) | |
260 | *tm = tmp; | |
261 | return 1; | |
262 | } | |
263 | err: | |
264 | return 0; | |
265 | } | |
266 | ||
adf7e6d1 | 267 | ASN1_TIME *ossl_asn1_time_from_tm(ASN1_TIME *s, struct tm *ts, int type) |
cf37aaa3 TS |
268 | { |
269 | char* p; | |
270 | ASN1_TIME *tmps = NULL; | |
271 | const size_t len = 20; | |
272 | ||
273 | if (type == V_ASN1_UNDEF) { | |
274 | if (is_utc(ts->tm_year)) | |
275 | type = V_ASN1_UTCTIME; | |
276 | else | |
277 | type = V_ASN1_GENERALIZEDTIME; | |
278 | } else if (type == V_ASN1_UTCTIME) { | |
279 | if (!is_utc(ts->tm_year)) | |
280 | goto err; | |
281 | } else if (type != V_ASN1_GENERALIZEDTIME) { | |
282 | goto err; | |
283 | } | |
284 | ||
285 | if (s == NULL) | |
286 | tmps = ASN1_STRING_new(); | |
287 | else | |
288 | tmps = s; | |
289 | if (tmps == NULL) | |
290 | return NULL; | |
291 | ||
292 | if (!ASN1_STRING_set(tmps, NULL, len)) | |
293 | goto err; | |
294 | ||
295 | tmps->type = type; | |
296 | p = (char*)tmps->data; | |
297 | ||
298 | if (type == V_ASN1_GENERALIZEDTIME) | |
299 | tmps->length = BIO_snprintf(p, len, "%04d%02d%02d%02d%02d%02dZ", | |
300 | ts->tm_year + 1900, ts->tm_mon + 1, | |
301 | ts->tm_mday, ts->tm_hour, ts->tm_min, | |
302 | ts->tm_sec); | |
303 | else | |
304 | tmps->length = BIO_snprintf(p, len, "%02d%02d%02d%02d%02d%02dZ", | |
305 | ts->tm_year % 100, ts->tm_mon + 1, | |
306 | ts->tm_mday, ts->tm_hour, ts->tm_min, | |
307 | ts->tm_sec); | |
308 | ||
48102247 | 309 | #ifdef CHARSET_EBCDIC |
cf37aaa3 TS |
310 | ebcdic2ascii(tmps->data, tmps->data, tmps->length); |
311 | #endif | |
312 | return tmps; | |
313 | err: | |
314 | if (tmps != s) | |
315 | ASN1_STRING_free(tmps); | |
316 | return NULL; | |
317 | } | |
318 | ||
6b691a5c | 319 | ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t) |
0f113f3e MC |
320 | { |
321 | return ASN1_TIME_adj(s, t, 0, 0); | |
322 | } | |
87d3a0cd DSH |
323 | |
324 | ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, | |
0f113f3e MC |
325 | int offset_day, long offset_sec) |
326 | { | |
327 | struct tm *ts; | |
328 | struct tm data; | |
329 | ||
330 | ts = OPENSSL_gmtime(&t, &data); | |
331 | if (ts == NULL) { | |
9311d0c4 | 332 | ERR_raise(ERR_LIB_ASN1, ASN1_R_ERROR_GETTING_TIME); |
0f113f3e MC |
333 | return NULL; |
334 | } | |
335 | if (offset_day || offset_sec) { | |
336 | if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec)) | |
337 | return NULL; | |
338 | } | |
adf7e6d1 | 339 | return ossl_asn1_time_from_tm(s, ts, V_ASN1_UNDEF); |
0f113f3e | 340 | } |
02e4fbed | 341 | |
359b0c9f | 342 | int ASN1_TIME_check(const ASN1_TIME *t) |
0f113f3e MC |
343 | { |
344 | if (t->type == V_ASN1_GENERALIZEDTIME) | |
345 | return ASN1_GENERALIZEDTIME_check(t); | |
346 | else if (t->type == V_ASN1_UTCTIME) | |
347 | return ASN1_UTCTIME_check(t); | |
348 | return 0; | |
349 | } | |
02e4fbed DSH |
350 | |
351 | /* Convert an ASN1_TIME structure to GeneralizedTime */ | |
9bfeeef8 | 352 | ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(const ASN1_TIME *t, |
0f113f3e MC |
353 | ASN1_GENERALIZEDTIME **out) |
354 | { | |
4483e234 | 355 | ASN1_GENERALIZEDTIME *ret = NULL; |
cf37aaa3 | 356 | struct tm tm; |
0f113f3e | 357 | |
cf37aaa3 | 358 | if (!ASN1_TIME_to_tm(t, &tm)) |
0f113f3e MC |
359 | return NULL; |
360 | ||
cf37aaa3 | 361 | if (out != NULL) |
0f113f3e MC |
362 | ret = *out; |
363 | ||
adf7e6d1 | 364 | ret = ossl_asn1_time_from_tm(ret, &tm, V_ASN1_GENERALIZEDTIME); |
0f113f3e | 365 | |
cf37aaa3 TS |
366 | if (out != NULL && ret != NULL) |
367 | *out = ret; | |
0f113f3e | 368 | |
cf37aaa3 | 369 | return ret; |
0f113f3e | 370 | } |
33ab2e31 DSH |
371 | |
372 | int ASN1_TIME_set_string(ASN1_TIME *s, const char *str) | |
0f113f3e | 373 | { |
cf37aaa3 TS |
374 | /* Try UTC, if that fails, try GENERALIZED */ |
375 | if (ASN1_UTCTIME_set_string(s, str)) | |
376 | return 1; | |
377 | return ASN1_GENERALIZEDTIME_set_string(s, str); | |
0f113f3e | 378 | } |
359b0c9f | 379 | |
04e62715 RS |
380 | int ASN1_TIME_set_string_X509(ASN1_TIME *s, const char *str) |
381 | { | |
382 | ASN1_TIME t; | |
383 | struct tm tm; | |
384 | int rv = 0; | |
385 | ||
386 | t.length = strlen(str); | |
387 | t.data = (unsigned char *)str; | |
388 | t.flags = ASN1_STRING_FLAG_X509_TIME; | |
389 | ||
390 | t.type = V_ASN1_UTCTIME; | |
391 | ||
392 | if (!ASN1_TIME_check(&t)) { | |
393 | t.type = V_ASN1_GENERALIZEDTIME; | |
394 | if (!ASN1_TIME_check(&t)) | |
395 | goto out; | |
396 | } | |
397 | ||
398 | /* | |
399 | * Per RFC 5280 (section 4.1.2.5.), the valid input time | |
400 | * strings should be encoded with the following rules: | |
401 | * | |
402 | * 1. UTC: YYMMDDHHMMSSZ, if YY < 50 (20YY) --> UTC: YYMMDDHHMMSSZ | |
403 | * 2. UTC: YYMMDDHHMMSSZ, if YY >= 50 (19YY) --> UTC: YYMMDDHHMMSSZ | |
404 | * 3. G'd: YYYYMMDDHHMMSSZ, if YYYY >= 2050 --> G'd: YYYYMMDDHHMMSSZ | |
405 | * 4. G'd: YYYYMMDDHHMMSSZ, if YYYY < 2050 --> UTC: YYMMDDHHMMSSZ | |
406 | * | |
407 | * Only strings of the 4th rule should be reformatted, but since a | |
408 | * UTC can only present [1950, 2050), so if the given time string | |
409 | * is less than 1950 (e.g. 19230419000000Z), we do nothing... | |
410 | */ | |
411 | ||
412 | if (s != NULL && t.type == V_ASN1_GENERALIZEDTIME) { | |
adf7e6d1 | 413 | if (!ossl_asn1_time_to_tm(&tm, &t)) |
04e62715 | 414 | goto out; |
cf37aaa3 | 415 | if (is_utc(tm.tm_year)) { |
04e62715 RS |
416 | t.length -= 2; |
417 | /* | |
418 | * it's OK to let original t.data go since that's assigned | |
419 | * to a piece of memory allocated outside of this function. | |
420 | * new t.data would be freed after ASN1_STRING_copy is done. | |
421 | */ | |
422 | t.data = OPENSSL_zalloc(t.length + 1); | |
89947af2 F |
423 | if (t.data == NULL) { |
424 | ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); | |
04e62715 | 425 | goto out; |
89947af2 | 426 | } |
04e62715 RS |
427 | memcpy(t.data, str + 2, t.length); |
428 | t.type = V_ASN1_UTCTIME; | |
429 | } | |
430 | } | |
431 | ||
432 | if (s == NULL || ASN1_STRING_copy((ASN1_STRING *)s, (ASN1_STRING *)&t)) | |
433 | rv = 1; | |
434 | ||
435 | if (t.data != (unsigned char *)str) | |
436 | OPENSSL_free(t.data); | |
437 | out: | |
438 | return rv; | |
439 | } | |
440 | ||
1c036c64 | 441 | int ASN1_TIME_to_tm(const ASN1_TIME *s, struct tm *tm) |
0f113f3e | 442 | { |
1c036c64 | 443 | if (s == NULL) { |
0f113f3e | 444 | time_t now_t; |
1c036c64 | 445 | |
0f113f3e | 446 | time(&now_t); |
1c036c64 | 447 | memset(tm, 0, sizeof(*tm)); |
52b6e17d | 448 | if (OPENSSL_gmtime(&now_t, tm) != NULL) |
0f113f3e MC |
449 | return 1; |
450 | return 0; | |
451 | } | |
452 | ||
adf7e6d1 | 453 | return ossl_asn1_time_to_tm(tm, s); |
0f113f3e | 454 | } |
1c455bc0 | 455 | |
360ef676 | 456 | int ASN1_TIME_diff(int *pday, int *psec, |
0f113f3e MC |
457 | const ASN1_TIME *from, const ASN1_TIME *to) |
458 | { | |
459 | struct tm tm_from, tm_to; | |
1c036c64 TS |
460 | |
461 | if (!ASN1_TIME_to_tm(from, &tm_from)) | |
0f113f3e | 462 | return 0; |
1c036c64 | 463 | if (!ASN1_TIME_to_tm(to, &tm_to)) |
0f113f3e MC |
464 | return 0; |
465 | return OPENSSL_gmtime_diff(pday, psec, &tm_from, &tm_to); | |
466 | } | |
0d0099ea | 467 | |
f673c4f8 PY |
468 | static const char _asn1_mon[12][4] = { |
469 | "Jan", "Feb", "Mar", "Apr", "May", "Jun", | |
470 | "Jul", "Aug", "Sep", "Oct", "Nov", "Dec" | |
471 | }; | |
472 | ||
63162e3d | 473 | /* returns 1 on success, 0 on BIO write error or parse failure */ |
0d0099ea | 474 | int ASN1_TIME_print(BIO *bp, const ASN1_TIME *tm) |
63162e3d | 475 | { |
adf7e6d1 | 476 | return ossl_asn1_time_print_ex(bp, tm) > 0; |
63162e3d DDO |
477 | } |
478 | ||
479 | /* returns 0 on BIO write error, else -1 in case of parse failure, else 1 */ | |
adf7e6d1 | 480 | int ossl_asn1_time_print_ex(BIO *bp, const ASN1_TIME *tm) |
0d0099ea | 481 | { |
f673c4f8 | 482 | char *v; |
b7e011f8 | 483 | int gmt = 0, l; |
f673c4f8 | 484 | struct tm stm; |
48102247 | 485 | const char upper_z = 0x5A, period = 0x2E; |
f673c4f8 | 486 | |
adf7e6d1 SL |
487 | /* ossl_asn1_time_to_tm will check the time type */ |
488 | if (!ossl_asn1_time_to_tm(&stm, tm)) | |
63162e3d | 489 | return BIO_write(bp, "Bad time value", 14) ? -1 : 0; |
f673c4f8 PY |
490 | |
491 | l = tm->length; | |
492 | v = (char *)tm->data; | |
48102247 | 493 | if (v[l - 1] == upper_z) |
f673c4f8 | 494 | gmt = 1; |
f673c4f8 | 495 | |
b7e011f8 AP |
496 | if (tm->type == V_ASN1_GENERALIZEDTIME) { |
497 | char *f = NULL; | |
498 | int f_len = 0; | |
499 | ||
500 | /* | |
501 | * Try to parse fractional seconds. '14' is the place of | |
502 | * 'fraction point' in a GeneralizedTime string. | |
503 | */ | |
48102247 | 504 | if (tm->length > 15 && v[14] == period) { |
b7e011f8 AP |
505 | f = &v[14]; |
506 | f_len = 1; | |
adf7e6d1 | 507 | while (14 + f_len < l && ossl_ascii_isdigit(f[f_len])) |
b7e011f8 AP |
508 | ++f_len; |
509 | } | |
510 | ||
f673c4f8 PY |
511 | return BIO_printf(bp, "%s %2d %02d:%02d:%02d%.*s %d%s", |
512 | _asn1_mon[stm.tm_mon], stm.tm_mday, stm.tm_hour, | |
513 | stm.tm_min, stm.tm_sec, f_len, f, stm.tm_year + 1900, | |
b7e011f8 AP |
514 | (gmt ? " GMT" : "")) > 0; |
515 | } else { | |
f673c4f8 PY |
516 | return BIO_printf(bp, "%s %2d %02d:%02d:%02d %d%s", |
517 | _asn1_mon[stm.tm_mon], stm.tm_mday, stm.tm_hour, | |
518 | stm.tm_min, stm.tm_sec, stm.tm_year + 1900, | |
b7e011f8 AP |
519 | (gmt ? " GMT" : "")) > 0; |
520 | } | |
0d0099ea | 521 | } |
cf37aaa3 TS |
522 | |
523 | int ASN1_TIME_cmp_time_t(const ASN1_TIME *s, time_t t) | |
524 | { | |
525 | struct tm stm, ttm; | |
526 | int day, sec; | |
527 | ||
528 | if (!ASN1_TIME_to_tm(s, &stm)) | |
529 | return -2; | |
530 | ||
531 | if (!OPENSSL_gmtime(&t, &ttm)) | |
532 | return -2; | |
533 | ||
534 | if (!OPENSSL_gmtime_diff(&day, &sec, &ttm, &stm)) | |
535 | return -2; | |
536 | ||
537 | if (day > 0 || sec > 0) | |
538 | return 1; | |
539 | if (day < 0 || sec < 0) | |
540 | return -1; | |
541 | return 0; | |
542 | } | |
543 | ||
544 | int ASN1_TIME_normalize(ASN1_TIME *t) | |
545 | { | |
546 | struct tm tm; | |
547 | ||
548 | if (!ASN1_TIME_to_tm(t, &tm)) | |
549 | return 0; | |
550 | ||
adf7e6d1 | 551 | return ossl_asn1_time_from_tm(t, &tm, V_ASN1_UNDEF) != NULL; |
cf37aaa3 TS |
552 | } |
553 | ||
554 | int ASN1_TIME_compare(const ASN1_TIME *a, const ASN1_TIME *b) | |
555 | { | |
556 | int day, sec; | |
557 | ||
e44d3761 | 558 | if (!ASN1_TIME_diff(&day, &sec, b, a)) |
cf37aaa3 TS |
559 | return -2; |
560 | if (day > 0 || sec > 0) | |
561 | return 1; | |
562 | if (day < 0 || sec < 0) | |
563 | return -1; | |
564 | return 0; | |
565 | } |