diff --git a/src/ocsp.c b/src/ocsp.c index f8ae8bb62..81dae7b00 100644 --- a/src/ocsp.c +++ b/src/ocsp.c @@ -509,9 +509,9 @@ int wolfSSL_OCSP_resp_find_status(WOLFSSL_OCSP_BASICRESP *bs, if (status != NULL) *status = bs->status->status; if (thisupd != NULL) - *thisupd = (WOLFSSL_ASN1_TIME*)bs->status->thisDateAsn; + *thisupd = &bs->status->thisDateParsed; if (nextupd != NULL) - *nextupd = (WOLFSSL_ASN1_TIME*)bs->status->nextDateAsn; + *nextupd = &bs->status->nextDateParsed; /* TODO: Not needed for Nginx. */ if (reason != NULL) diff --git a/src/ssl.c b/src/ssl.c index 193ae1d63..4964cb514 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -26510,19 +26510,19 @@ int wolfSSL_ASN1_GENERALIZEDTIME_print(WOLFSSL_BIO* bio, } p = (const char *)(asnTime->data); /* GetTimeString not always available. */ - wolfSSL_BIO_write(bio, MonthStr(p + 2), 3); + wolfSSL_BIO_write(bio, MonthStr(p + 4), 3); wolfSSL_BIO_write(bio, " ", 1); /* Day */ - wolfSSL_BIO_write(bio, p + 4, 2); + wolfSSL_BIO_write(bio, p + 6, 2); wolfSSL_BIO_write(bio, " ", 1); /* Hour */ - wolfSSL_BIO_write(bio, p + 6, 2); - wolfSSL_BIO_write(bio, ":", 1); - /* Min */ wolfSSL_BIO_write(bio, p + 8, 2); wolfSSL_BIO_write(bio, ":", 1); - /* Secs */ + /* Min */ wolfSSL_BIO_write(bio, p + 10, 2); + wolfSSL_BIO_write(bio, ":", 1); + /* Secs */ + wolfSSL_BIO_write(bio, p + 12, 2); wolfSSL_BIO_write(bio, " ", 1); wolfSSL_BIO_write(bio, p, 4); diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 5668b5fb1..fc6187a08 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -14878,6 +14878,14 @@ static int DecodeSingleResponse(byte* source, #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) cs->thisDateAsn = source + idx; + localIdx = 0; + if (GetDateInfo(cs->thisDateAsn, &localIdx, NULL, + (byte*)&cs->thisDateParsed.type, + &cs->thisDateParsed.length, size) < 0) + return ASN_PARSE_E; + XMEMCPY(cs->thisDateParsed.data, + cs->thisDateAsn + localIdx - cs->thisDateParsed.length, + cs->thisDateParsed.length); #endif if (GetBasicDate(source, &idx, cs->thisDate, &cs->thisDateFormat, size) < 0) @@ -14903,6 +14911,14 @@ static int DecodeSingleResponse(byte* source, return ASN_PARSE_E; #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) cs->nextDateAsn = source + idx; + localIdx = 0; + if (GetDateInfo(cs->nextDateAsn, &localIdx, NULL, + (byte*)&cs->nextDateParsed.type, + &cs->nextDateParsed.length, size) < 0) + return ASN_PARSE_E; + XMEMCPY(cs->nextDateParsed.data, + cs->nextDateAsn + localIdx - cs->nextDateParsed.length, + cs->nextDateParsed.length); #endif if (GetBasicDate(source, &idx, cs->nextDate, &cs->nextDateFormat, size) < 0) diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index e06bbee1d..06eda54e3 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -202,13 +202,6 @@ struct WOLFSSL_BASIC_CONSTRAINTS { #define WOLFSSL_ASN1_UTCTIME WOLFSSL_ASN1_TIME #define WOLFSSL_ASN1_GENERALIZEDTIME WOLFSSL_ASN1_TIME - -struct WOLFSSL_ASN1_TIME { - unsigned char data[CTC_DATE_SIZE]; /* date bytes */ - int length; - int type; -}; - struct WOLFSSL_ASN1_STRING { char strData[CTC_NAME_SIZE]; int length; diff --git a/wolfssl/wolfcrypt/asn.h b/wolfssl/wolfcrypt/asn.h index 1d70fd7e4..2baa991c0 100644 --- a/wolfssl/wolfcrypt/asn.h +++ b/wolfssl/wolfcrypt/asn.h @@ -1226,6 +1226,8 @@ struct CertStatus { byte thisDateFormat; byte nextDateFormat; #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) + WOLFSSL_ASN1_TIME thisDateParsed; + WOLFSSL_ASN1_TIME nextDateParsed; byte* thisDateAsn; byte* nextDateAsn; #endif diff --git a/wolfssl/wolfcrypt/asn_public.h b/wolfssl/wolfcrypt/asn_public.h index 45597cb3e..d38aa2caf 100644 --- a/wolfssl/wolfcrypt/asn_public.h +++ b/wolfssl/wolfcrypt/asn_public.h @@ -166,6 +166,12 @@ typedef struct DerBuffer { int dynType; /* DYNAMIC_TYPE_* */ } DerBuffer; +typedef struct WOLFSSL_ASN1_TIME { + unsigned char data[CTC_DATE_SIZE]; /* date bytes */ + int length; + int type; +} WOLFSSL_ASN1_TIME; + enum { IV_SZ = 32, /* max iv sz */ NAME_SZ = 80, /* max one line */