wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-31 19:24:42 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #7764 from gojimmypi/pr-asn-update

Browse Source 
minor asn update: comments, code format, dateType check in CheckDate.
This commit is contained in:
David Garske
2024-07-19 07:35:02 -07:00
committed by GitHub
parent e6fcd488a6 8356b349a5
commit b3c812921a
1 changed files with 33 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
wolfcrypt/src/asn.c
View File

@@ -14775,18 +14775,23 @@ static WC_INLINE int GetTime_Long(long* value, const byte* date, int* idx)
} }
#endif #endif
/* Extract certTime from date string parameter.
* Reminder: idx is incremented in each call to GetTime()
* Return 0 on failure, 1 for success. */
int ExtractDate(const unsigned char* date, unsigned char format, int ExtractDate(const unsigned char* date, unsigned char format,
struct tm* certTime, int* idx) struct tm* certTime, int* idx)
{ {
XMEMSET(certTime, 0, sizeof(struct tm)); XMEMSET(certTime, 0, sizeof(struct tm));
/* Get the first two bytes of the year (century) */
if (format == ASN_UTC_TIME) { if (format == ASN_UTC_TIME) {
if (btoi(date[*idx]) >= 5) if (btoi(date[*idx]) >= 5)
certTime->tm_year = 1900; certTime->tm_year = 1900;
else else
certTime->tm_year = 2000; certTime->tm_year = 2000;
} }
else { /* format == GENERALIZED_TIME */ else {
/* format == GENERALIZED_TIME */
#ifdef WOLFSSL_LINUXKM #ifdef WOLFSSL_LINUXKM
if (GetTime_Long(&certTime->tm_year, date, idx) != 0) return 0; if (GetTime_Long(&certTime->tm_year, date, idx) != 0) return 0;
#else #else
@@ -14806,11 +14811,7 @@ int ExtractDate(const unsigned char* date, unsigned char format,
int tm_min = certTime->tm_min; int tm_min = certTime->tm_min;
int tm_sec = certTime->tm_sec; int tm_sec = certTime->tm_sec;
#ifdef WOLFSSL_LINUXKM
if (GetTime_Long(&tm_year, date, idx) != 0) return 0;
#else
if (GetTime(&tm_year, date, idx) != 0) return 0; if (GetTime(&tm_year, date, idx) != 0) return 0;
#endif
if (GetTime(&tm_mon , date, idx) != 0) return 0; if (GetTime(&tm_mon , date, idx) != 0) return 0;
if (GetTime(&tm_mday, date, idx) != 0) return 0; if (GetTime(&tm_mday, date, idx) != 0) return 0;
if (GetTime(&tm_hour, date, idx) != 0) return 0; if (GetTime(&tm_hour, date, idx) != 0) return 0;
@@ -14824,21 +14825,24 @@ int ExtractDate(const unsigned char* date, unsigned char format,
certTime->tm_hour = tm_hour; certTime->tm_hour = tm_hour;
certTime->tm_min = tm_min; certTime->tm_min = tm_min;
certTime->tm_sec = tm_sec; certTime->tm_sec = tm_sec;
#else #else /* !AVR */
/* adjust tm_year, tm_mon */ /* Get the next two bytes of the year. */
#ifdef WOLFSSL_LINUXKM #ifdef WOLFSSL_LINUXKM
if (GetTime_Long(&certTime->tm_year, date, idx) != 0) return 0; if (GetTime_Long(&certTime->tm_year, date, idx) != 0) return 0;
#else #else
if (GetTime(&certTime->tm_year, date, idx) != 0) return 0; if (GetTime(&certTime->tm_year, date, idx) != 0) return 0;
#endif #endif
certTime->tm_year -= 1900; certTime->tm_year -= 1900;
/* The next fields are expected in specific order in [date] string: */
if (GetTime(&certTime->tm_mon , date, idx) != 0) return 0; if (GetTime(&certTime->tm_mon , date, idx) != 0) return 0;
certTime->tm_mon -= 1; certTime->tm_mon -= 1;
if (GetTime(&certTime->tm_mday, date, idx) != 0) return 0; if (GetTime(&certTime->tm_mday, date, idx) != 0) return 0;
if (GetTime(&certTime->tm_hour, date, idx) != 0) return 0; if (GetTime(&certTime->tm_hour, date, idx) != 0) return 0;
if (GetTime(&certTime->tm_min , date, idx) != 0) return 0; if (GetTime(&certTime->tm_min , date, idx) != 0) return 0;
if (GetTime(&certTime->tm_sec , date, idx) != 0) return 0; if (GetTime(&certTime->tm_sec , date, idx) != 0) return 0;
#endif
#endif /* !AVR */
return 1; return 1;
} }
@@ -14891,7 +14895,8 @@ int GetTimeString(byte* date, int format, char* buf, int len)
return 1; return 1;
} }
#endif /* OPENSSL_ALL || WOLFSSL_MYSQL_COMPATIBLE || WOLFSSL_NGINX || WOLFSSL_HAPROXY */ #endif /* OPENSSL_ALL || WOLFSSL_MYSQL_COMPATIBLE ||
* OPENSSL_EXTRA || WOLFSSL_NGINX || WOLFSSL_HAPROXY */
/* Check time struct for valid values. Returns 0 for success */ /* Check time struct for valid values. Returns 0 for success */
static int ValidateGmtime(struct tm* inTime) static int ValidateGmtime(struct tm* inTime)
@@ -21749,14 +21754,18 @@ static int CheckDate(ASNGetData *dataASN, int dateType)
#ifndef NO_ASN_TIME_CHECK #ifndef NO_ASN_TIME_CHECK
/* Check date is a valid string and ASN_BEFORE or ASN_AFTER now. */ /* Check date is a valid string and ASN_BEFORE or ASN_AFTER now. */
if ((ret == 0) && if (ret == 0) {
(!XVALIDATE_DATE(dataASN->data.ref.data, dataASN->tag, dateType))) { if (!XVALIDATE_DATE(dataASN->data.ref.data, dataASN->tag, dateType)) {
if (dateType == ASN_BEFORE) { if (dateType == ASN_BEFORE) {
ret = ASN_BEFORE_DATE_E; ret = ASN_BEFORE_DATE_E;
} }
else { else if (dateType == ASN_AFTER) {
ret = ASN_AFTER_DATE_E; ret = ASN_AFTER_DATE_E;
} }
else {
ret = ASN_TIME_E;
}
}
} }
#endif #endif
(void)dateType; (void)dateType;
@@ -24026,6 +24035,8 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm, Signer
else { else {
/* no signer */ /* no signer */
WOLFSSL_MSG("No CA signer to verify with"); WOLFSSL_MSG("No CA signer to verify with");
/* If you end up here with error -188,
* consider using WOLFSSL_ALT_CERT_CHAINS. */
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
/* ret needs to be self-signer error for Qt compat */ /* ret needs to be self-signer error for Qt compat */
if (cert->selfSigned) { if (cert->selfSigned) {