Commit 33ab2e31 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson
Browse files

PR: 1854 

Submitted by: Oliver Martin <oliver@volatilevoid.net>
Reviewed by: steve@openssl.org

Support GeneralizedTime in ca utility.
parent bb7ccdfb

CHANGES

+3 −0
Original line number Diff line number Diff line
@@ -4,6 +4,9 @@ 


 Changes between 0.9.8j and 0.9.9  [xx XXX xxxx]



  *) Support GeneralizedTime in ca utility. 

     [Oliver Martin <oliver@volatilevoid.net>, Steve Henson]



  *) Enhance the hash format used for certificate directory links. The new

     form uses the canonical encoding (meaning equivalent names will work

     even if they aren't identical) and uses SHA1 instead of MD5. This form

apps/ca.c

+8 −13
Original line number Diff line number Diff line
@@ -1109,9 +1109,9 @@ bad: 
			if (startdate == NULL)

				ERR_clear_error();

			}

		if (startdate && !ASN1_UTCTIME_set_string(NULL,startdate))

		if (startdate && !ASN1_TIME_set_string(NULL, startdate))

			{

			BIO_printf(bio_err,"start date is invalid, it should be YYMMDDHHMMSSZ\n");

			BIO_printf(bio_err,"start date is invalid, it should be YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ\n");

			goto err;

			}

		if (startdate == NULL) startdate="today";
@@ -1123,9 +1123,9 @@ bad: 
			if (enddate == NULL)

				ERR_clear_error();

			}

		if (enddate && !ASN1_UTCTIME_set_string(NULL,enddate))

		if (enddate && !ASN1_TIME_set_string(NULL, enddate))

			{

			BIO_printf(bio_err,"end date is invalid, it should be YYMMDDHHMMSSZ\n");

			BIO_printf(bio_err,"end date is invalid, it should be YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ\n");

			goto err;

			}
@@ -2007,11 +2007,11 @@ again2: 


	if (strcmp(startdate,"today") == 0)

		X509_gmtime_adj(X509_get_notBefore(ret),0);

	else ASN1_UTCTIME_set_string(X509_get_notBefore(ret),startdate);

	else ASN1_TIME_set_string(X509_get_notBefore(ret),startdate);



	if (enddate == NULL)

		X509_time_adj_ex(X509_get_notAfter(ret),days, 0, NULL);

	else ASN1_UTCTIME_set_string(X509_get_notAfter(ret),enddate);

	else ASN1_TIME_set_string(X509_get_notAfter(ret),enddate);



	if (!X509_set_subject_name(ret,subject)) goto err;
@@ -2107,7 +2107,7 @@ again2: 
		}



	BIO_printf(bio_err,"Certificate is to be certified until ");

	ASN1_UTCTIME_print(bio_err,X509_get_notAfter(ret));

	ASN1_TIME_print(bio_err,X509_get_notAfter(ret));

	if (days) BIO_printf(bio_err," (%ld days)",days);

	BIO_printf(bio_err, "\n");
@@ -2397,12 +2397,7 @@ static int fix_data(int nid, int *type) 


static int check_time_format(const char *str)

	{

	ASN1_UTCTIME tm;



	tm.data=(unsigned char *)str;

	tm.length=strlen(str);

	tm.type=V_ASN1_UTCTIME;

	return(ASN1_UTCTIME_check(&tm));

	return ASN1_TIME_set_string(NULL, str);

	}



static int do_revoke(X509 *x509, CA_DB *db, int type, char *value)

crypto/asn1/a_time.c

+22 −0
Original line number Diff line number Diff line
@@ -173,3 +173,25 @@ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZE 


	return ret;

	}



int ASN1_TIME_set_string(ASN1_TIME *s, const char *str)

	{

	ASN1_TIME t;



	t.length = strlen(str);

	t.data = (unsigned char *)str;

	

	t.type = V_ASN1_UTCTIME;



	if (!ASN1_TIME_check(&t))

		{

		t.type = V_ASN1_GENERALIZEDTIME;

		if (!ASN1_TIME_check(&t))

			return 0;

		}

	

	if (s && !ASN1_STRING_copy((ASN1_STRING *)s, (ASN1_STRING *)&t))

			return 0;



	return 1;

	}

crypto/asn1/asn1.h

+1 −0
Original line number Diff line number Diff line
@@ -885,6 +885,7 @@ ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s,time_t t, 
				int offset_day, long offset_sec);

int ASN1_TIME_check(ASN1_TIME *t);

ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME **out);

int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);



int i2d_ASN1_SET(STACK_OF(BLOCK) *a, unsigned char **pp,

		 i2d_of_void *i2d, int ex_tag, int ex_class,