mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2025-07-30 18:57:27 +02:00
Adding NO_ASN_TIME_CHECK build option
This commit is contained in:
Lealem Amedie
@ -42,6 +42,8 @@
|
|||||||
|
|
||||||
/*
|
/*
|
||||||
ASN Options:
|
ASN Options:
|
||||||
|
* NO_ASN_TIME_CHECK: Disables ASN time checks (avoiding the ASN_BEFORE_DATE_E
|
||||||
|
* and ASN_AFTER_DATE_E errors).
|
||||||
* NO_ASN_TIME: Disables time parts of the ASN code for systems without an RTC
|
* NO_ASN_TIME: Disables time parts of the ASN code for systems without an RTC
|
||||||
or wishing to save space.
|
or wishing to save space.
|
||||||
* IGNORE_NAME_CONSTRAINTS: Skip ASN name checks.
|
* IGNORE_NAME_CONSTRAINTS: Skip ASN name checks.
|
||||||
@ -14153,7 +14155,7 @@ static int GetDate(DecodedCert* cert, int dateType, int verify, int maxIdx)
|
|||||||
else
|
else
|
||||||
cert->afterDateLen = (int)(cert->srcIdx - startIdx);
|
cert->afterDateLen = (int)(cert->srcIdx - startIdx);
|
||||||
|
|
||||||
#ifndef NO_ASN_TIME
|
#ifndef NO_ASN_TIME_CHECK
|
||||||
if (verify != NO_VERIFY && verify != VERIFY_SKIP_DATE &&
|
if (verify != NO_VERIFY && verify != VERIFY_SKIP_DATE &&
|
||||||
!XVALIDATE_DATE(date, format, dateType)) {
|
!XVALIDATE_DATE(date, format, dateType)) {
|
||||||
if (dateType == BEFORE) {
|
if (dateType == BEFORE) {
|
||||||
@ -20028,7 +20030,7 @@ static int CheckDate(ASNGetData *dataASN, int dateType)
|
|||||||
ret = ASN_DATE_SZ_E;
|
ret = ASN_DATE_SZ_E;
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifndef NO_ASN_TIME
|
#ifndef NO_ASN_TIME_CHECK
|
||||||
/* Check date is a valid string and BEFORE or AFTER now. */
|
/* Check date is a valid string and BEFORE or AFTER now. */
|
||||||
if ((ret == 0) &&
|
if ((ret == 0) &&
|
||||||
(!XVALIDATE_DATE(dataASN->data.ref.data, dataASN->tag, dateType))) {
|
(!XVALIDATE_DATE(dataASN->data.ref.data, dataASN->tag, dateType))) {
|
||||||
@ -33631,7 +33633,7 @@ static int DecodeSingleResponse(byte* source, word32* ioIndex, word32 size,
|
|||||||
&single->status->thisDateFormat, size) < 0)
|
&single->status->thisDateFormat, size) < 0)
|
||||||
return ASN_PARSE_E;
|
return ASN_PARSE_E;
|
||||||
|
|
||||||
#ifndef NO_ASN_TIME
|
#ifndef NO_ASN_TIME_CHECK
|
||||||
#ifndef WOLFSSL_NO_OCSP_DATE_CHECK
|
#ifndef WOLFSSL_NO_OCSP_DATE_CHECK
|
||||||
if (!XVALIDATE_DATE(single->status->thisDate, single->status->thisDateFormat, BEFORE))
|
if (!XVALIDATE_DATE(single->status->thisDate, single->status->thisDateFormat, BEFORE))
|
||||||
return ASN_BEFORE_DATE_E;
|
return ASN_BEFORE_DATE_E;
|
||||||
@ -33667,7 +33669,7 @@ static int DecodeSingleResponse(byte* source, word32* ioIndex, word32 size,
|
|||||||
&single->status->nextDateFormat, size) < 0)
|
&single->status->nextDateFormat, size) < 0)
|
||||||
return ASN_PARSE_E;
|
return ASN_PARSE_E;
|
||||||
|
|
||||||
#ifndef NO_ASN_TIME
|
#ifndef NO_ASN_TIME_CHECK
|
||||||
#ifndef WOLFSSL_NO_OCSP_DATE_CHECK
|
#ifndef WOLFSSL_NO_OCSP_DATE_CHECK
|
||||||
if (!XVALIDATE_DATE(single->status->nextDate, single->status->nextDateFormat, AFTER))
|
if (!XVALIDATE_DATE(single->status->nextDate, single->status->nextDateFormat, AFTER))
|
||||||
return ASN_AFTER_DATE_E;
|
return ASN_AFTER_DATE_E;
|
||||||
@ -33764,7 +33766,7 @@ static int DecodeSingleResponse(byte* source, word32* ioIndex, word32 size,
|
|||||||
|
|
||||||
/* Store the thisDate format - only one possible. */
|
/* Store the thisDate format - only one possible. */
|
||||||
cs->thisDateFormat = ASN_GENERALIZED_TIME;
|
cs->thisDateFormat = ASN_GENERALIZED_TIME;
|
||||||
#if !defined(NO_ASN_TIME) && !defined(WOLFSSL_NO_OCSP_DATE_CHECK)
|
#if !defined(NO_ASN_TIME_CHECK) && !defined(WOLFSSL_NO_OCSP_DATE_CHECK)
|
||||||
/* Check date is a valid string and BEFORE now. */
|
/* Check date is a valid string and BEFORE now. */
|
||||||
if (!XVALIDATE_DATE(cs->thisDate, ASN_GENERALIZED_TIME, BEFORE)) {
|
if (!XVALIDATE_DATE(cs->thisDate, ASN_GENERALIZED_TIME, BEFORE)) {
|
||||||
ret = ASN_BEFORE_DATE_E;
|
ret = ASN_BEFORE_DATE_E;
|
||||||
@ -33787,7 +33789,7 @@ static int DecodeSingleResponse(byte* source, word32* ioIndex, word32 size,
|
|||||||
(dataASN[SINGLERESPONSEASN_IDX_NEXTUPDATE_GT].tag != 0)) {
|
(dataASN[SINGLERESPONSEASN_IDX_NEXTUPDATE_GT].tag != 0)) {
|
||||||
/* Store the nextDate format - only one possible. */
|
/* Store the nextDate format - only one possible. */
|
||||||
cs->nextDateFormat = ASN_GENERALIZED_TIME;
|
cs->nextDateFormat = ASN_GENERALIZED_TIME;
|
||||||
#if !defined(NO_ASN_TIME) && !defined(WOLFSSL_NO_OCSP_DATE_CHECK)
|
#if !defined(NO_ASN_TIME_CHECK) && !defined(WOLFSSL_NO_OCSP_DATE_CHECK)
|
||||||
/* Check date is a valid string and AFTER now. */
|
/* Check date is a valid string and AFTER now. */
|
||||||
if (!XVALIDATE_DATE(cs->nextDate, ASN_GENERALIZED_TIME, AFTER)) {
|
if (!XVALIDATE_DATE(cs->nextDate, ASN_GENERALIZED_TIME, AFTER)) {
|
||||||
ret = ASN_AFTER_DATE_E;
|
ret = ASN_AFTER_DATE_E;
|
||||||
@ -36319,6 +36321,7 @@ end:
|
|||||||
ret = PaseCRL_CheckSignature(dcrl, buff, cm);
|
ret = PaseCRL_CheckSignature(dcrl, buff, cm);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
(void)verify;
|
||||||
FREE_ASNGETDATA(dataASN, dcrl->heap);
|
FREE_ASNGETDATA(dataASN, dcrl->heap);
|
||||||
return ret;
|
return ret;
|
||||||
#endif /* WOLFSSL_ASN_TEMPLATE */
|
#endif /* WOLFSSL_ASN_TEMPLATE */
|
||||||
|
|||||||
@ -2607,6 +2607,11 @@ extern void uITRON4_free(void *p) ;
|
|||||||
#define SSL_CTRL_SET_TLSEXT_HOSTNAME 55
|
#define SSL_CTRL_SET_TLSEXT_HOSTNAME 55
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/* Disable time checking if no timer */
|
||||||
|
#if defined(NO_ASN_TIME)
|
||||||
|
#define NO_ASN_TIME_CHECK
|
||||||
|
#endif
|
||||||
|
|
||||||
/* both CURVE and ED small math should be enabled */
|
/* both CURVE and ED small math should be enabled */
|
||||||
#ifdef CURVED25519_SMALL
|
#ifdef CURVED25519_SMALL
|
||||||
#define CURVE25519_SMALL
|
#define CURVE25519_SMALL
|
||||||
|
|||||||
Reference in New Issue
Block a user