X509 time: tighten validation per RFC 5280 (414d19d0) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Commit 414d19d0 authored Feb 17, 2017 by

Emilia Kasper Committed by Dr. Matthias St. Pierre May 05, 2018

X509 time: tighten validation per RFC 5280

- Reject fractional seconds
- Reject offsets
- Check that the date/time digits are in valid range.
- Add documentation for X509_cmp_time

GH issue 2620

Backported from 80770da3



Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/6181)

parent 29627a36

Hide whitespace changes

Inline Side-by-side

Please register or to comment