diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2011-12-23 16:29:41 +0100 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2011-12-23 16:29:41 +0100 |
| commit | 1267127c114aa6d7c1507d1da4a1af3954c42cde (patch) | |
| tree | c810a259edce01f49a26b7c7a7faeaf7d383e3c4 /src/libstrongswan/asn1 | |
| parent | 70a47376905cd06968a79df7122eb5ea4521fc5f (diff) | |
| download | strongswan-1267127c114aa6d7c1507d1da4a1af3954c42cde.tar.bz2 strongswan-1267127c114aa6d7c1507d1da4a1af3954c42cde.tar.xz | |
Properly ASN.1 encode dates in certificates depending on the year.
Diffstat (limited to 'src/libstrongswan/asn1')
| -rw-r--r-- | src/libstrongswan/asn1/asn1.c | 8 | ||||
| -rw-r--r-- | src/libstrongswan/asn1/asn1.h | 13 |
2 files changed, 13 insertions, 8 deletions
diff --git a/src/libstrongswan/asn1/asn1.c b/src/libstrongswan/asn1/asn1.c index 96bf50ad2..e74edde30 100644 --- a/src/libstrongswan/asn1/asn1.c +++ b/src/libstrongswan/asn1/asn1.c @@ -426,8 +426,9 @@ time_t asn1_to_time(const chunk_t *utctime, asn1_t type) /** * Convert a date into ASN.1 UTCTIME or GENERALIZEDTIME format */ -chunk_t asn1_from_time(const time_t *time, asn1_t type) +chunk_t asn1_from_time(const time_t *time) { + asn1_t type; int offset; const char *format; char buf[BUF_LEN]; @@ -435,6 +436,9 @@ chunk_t asn1_from_time(const time_t *time, asn1_t type) struct tm t; gmtime_r(time, &t); + /* RFC 5280 says that dates through the year 2049 MUST be encoded as UTCTIME + * and dates in 2050 or later MUST be encoded as GENERALIZEDTIME */ + type = (t.tm_year < 150) ? ASN1_UTCTIME : ASN1_GENERALIZEDTIME; if (type == ASN1_GENERALIZEDTIME) { format = "%04d%02d%02d%02d%02d%02dZ"; @@ -443,7 +447,7 @@ chunk_t asn1_from_time(const time_t *time, asn1_t type) else /* ASN1_UTCTIME */ { format = "%02d%02d%02d%02d%02d%02dZ"; - offset = (t.tm_year < 100)? 0 : -100; + offset = (t.tm_year < 100) ? 0 : -100; } snprintf(buf, BUF_LEN, format, t.tm_year + offset, t.tm_mon + 1, t.tm_mday, t.tm_hour, t.tm_min, t.tm_sec); diff --git a/src/libstrongswan/asn1/asn1.h b/src/libstrongswan/asn1/asn1.h index 05a060827..d5468a430 100644 --- a/src/libstrongswan/asn1/asn1.h +++ b/src/libstrongswan/asn1/asn1.h @@ -35,8 +35,8 @@ typedef enum { ASN1_BOOLEAN = 0x01, ASN1_INTEGER = 0x02, ASN1_BIT_STRING = 0x03, - ASN1_OCTET_STRING = 0x04, - ASN1_NULL = 0x05, + ASN1_OCTET_STRING = 0x04, + ASN1_NULL = 0x05, ASN1_OID = 0x06, ASN1_ENUMERATED = 0x0A, ASN1_UTF8STRING = 0x0C, @@ -48,7 +48,7 @@ typedef enum { ASN1_UTCTIME = 0x17, ASN1_GENERALIZEDTIME = 0x18, ASN1_GRAPHICSTRING = 0x19, - ASN1_VISIBLESTRING = 0x1A, + ASN1_VISIBLESTRING = 0x1A, ASN1_GENERALSTRING = 0x1B, ASN1_UNIVERSALSTRING = 0x1C, ASN1_BMPSTRING = 0x1E, @@ -75,7 +75,7 @@ typedef enum { ASN1_CONTEXT_C_4 = 0xA4, ASN1_CONTEXT_C_5 = 0xA5, - ASN1_INVALID = 0x100, + ASN1_INVALID = 0x100, } asn1_t; #define ASN1_INVALID_LENGTH 0xffffffff @@ -191,11 +191,12 @@ time_t asn1_to_time(const chunk_t *utctime, asn1_t type); /** * Converts time_t to an ASN.1 UTCTIME or GENERALIZEDTIME string * + * The type is automatically chosen based on the encoded year. + * * @param time time_t in UTC - * @param type ASN1_UTCTIME or ASN1_GENERALIZEDTIME * @return body of an ASN.1 code time object */ -chunk_t asn1_from_time(const time_t *time, asn1_t type); +chunk_t asn1_from_time(const time_t *time); /** * Parse an ASN.1 UTCTIME or GENERALIZEDTIME object |