robin.thoni
/
ipxe
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 11 Wiki Activity
Browse Source

[tls] Parse X.509 validity times into seconds since the Epoch 

Signed-off-by: Michael Brown <mcb30@ipxe.org>
tags/v1.20.1
Michael Brown 12 years ago
parent
5da712385e
commit
0610bcb1d2
2 changed files with 17 additions and 24 deletions
Split View Show Diff Stats
  1. 14
    12
      src/crypto/x509.c
  2. 3
    12
      src/include/ipxe/x509.h

+ 14
- 12
src/crypto/x509.c View File 

@@ -20,6 +20,7 @@ FILE_LICENCE ( GPL2_OR_LATER );
20 20
21 21 
 #include <string.h>
22 22 
 #include <ctype.h>
23 
+#include <time.h>
23 24 
 #include <errno.h>
24 25 
 #include <assert.h>
25 26 
 #include <ipxe/asn1.h>
 
@@ -331,6 +332,7 @@ static int x509_parse_time ( struct x509_certificate *cert,
331 332 
 		} __attribute__ (( packed )) named;
332 333 
 		uint8_t raw[7];
333 334 
 	} pairs;
335 
+	struct tm tm;
334 336 
 	const uint8_t *data;
335 337 
 	size_t remaining;
336 338 
 	unsigned int tens;
 
@@ -395,12 +397,16 @@ static int x509_parse_time ( struct x509_certificate *cert,
395 397 
 	}
396 398
397 399 
 	/* Fill in time */
398 
-	time->year = ( ( pairs.named.century * 100 ) + pairs.named.year );
399 
-	time->month = pairs.named.month;
400 
-	time->day = pairs.named.day;
401 
-	time->hour = pairs.named.hour;
402 
-	time->minute = pairs.named.minute;
403 
-	time->second = pairs.named.second;
400 
+	tm.tm_year = ( ( ( pairs.named.century - 19 ) * 100 ) +
401 
+		       pairs.named.year );
402 
+	tm.tm_mon = ( pairs.named.month - 1 );
403 
+	tm.tm_mday = pairs.named.day;
404 
+	tm.tm_hour = pairs.named.hour;
405 
+	tm.tm_min = pairs.named.minute;
406 
+	tm.tm_sec = pairs.named.second;
407 
+
408 
+	/* Convert to seconds since the Epoch */
409 
+	time->time = mktime ( &tm );
404 410
405 411 
 	return 0;
406 412 
 }
 
@@ -492,17 +498,13 @@ static int x509_parse_validity ( struct x509_certificate *cert,
492 498 
 	/* Parse notBefore */
493 499 
 	if ( ( rc = x509_parse_time ( cert, not_before, &cursor ) ) != 0 )
494 500 
 		return rc;
495 
-	DBGC ( cert, "X509 %p valid from %04d-%02d-%02d %02d:%02d:%02d\n",
496 
-	       cert, not_before->year, not_before->month, not_before->day,
497 
-	       not_before->hour, not_before->minute, not_before->second );
501 
+	DBGC ( cert, "X509 %p valid from time %lld\n", cert, not_before->time );
498 502 
 	asn1_skip_any ( &cursor );
499 503
500 504 
 	/* Parse notAfter */
501 505 
 	if ( ( rc = x509_parse_time ( cert, not_after, &cursor ) ) != 0 )
502 506 
 		return rc;
503 
-	DBGC ( cert, "X509 %p valid until %04d-%02d-%02d %02d:%02d:%02d\n",
504 
-	       cert, not_after->year, not_after->month, not_after->day,
505 
-	       not_after->hour, not_after->minute, not_after->second );
507 
+	DBGC ( cert, "X509 %p valid until time %lld\n", cert, not_after->time );
506 508
507 509 
 	return 0;
508 510 
 }

+ 3
- 12
src/include/ipxe/x509.h View File 

@@ -11,6 +11,7 @@ FILE_LICENCE ( GPL2_OR_LATER );
11 11
12 12 
 #include <stdint.h>
13 13 
 #include <stddef.h>
14 
+#include <time.h>
14 15 
 #include <ipxe/asn1.h>
15 16
16 17 
 /** ASN.1 OID for joint-iso-itu-t(2) ds(5) attributeType(4) */
 
@@ -70,18 +71,8 @@ struct x509_issuer {
70 71
71 72 
 /** An X.509 time */
72 73 
 struct x509_time {
73 
-	/** Year */
74 
-	uint16_t year;
75 
-	/** Month */
76 
-	uint8_t month;
77 
-	/** Day */
78 
-	uint8_t day;
79 
-	/** Hour */
80 
-	uint8_t hour;
81 
-	/** Minute */
82 
-	uint8_t minute;
83 
-	/** Second */
84 
-	uint8_t second;
74 
+	/** Seconds since the Epoch */
75 
+	time_t time;
85 76 
 };
86 77
87 78 
 /** An X.509 certificate validity period */

Write Preview
Loading…
Cancel
Save