diff options
| author |   David Howells <dhowells@redhat.com> | 2015-07-29 16:58:32 +0100 |
|---|---|---|
| committer | David Howells <dhowells@redhat.com> | 2015-08-12 17:01:01 +0100 |
| commit | fd19a3d195be23e8d9d0d66576b96ea25eea8323 (patch) | |
| tree | 6286e4d04f00f846fd7f1c409aa118b12756ea26 /crypto/asymmetric_keys/x509_public_key.c | |
| parent | modsign: Use extract-cert to process CONFIG_SYSTEM_TRUSTED_KEYS (diff) | |
| download | linux-dev-fd19a3d195be23e8d9d0d66576b96ea25eea8323.tar.xz linux-dev-fd19a3d195be23e8d9d0d66576b96ea25eea8323.zip | |
PKCS#7: Improve and export the X.509 ASN.1 time object decoder
Make the X.509 ASN.1 time object decoder fill in a time64_t rather than a
struct tm to make comparison easier (unfortunately, this makes readable
display less easy) and export it so that it can be used by the PKCS#7 code
too.
Further, tighten up its parsing to reject invalid dates (eg. weird
characters, non-existent hour numbers) and unsupported dates (eg. timezones
other than 'Z' or dates earlier than 1970).
Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: David Woodhouse <David.Woodhouse@intel.com>
Diffstat (limited to '')
| -rw-r--r-- | crypto/asymmetric_keys/x509_public_key.c | 9 |
1 files changed, 1 insertions, 8 deletions
diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_keys/x509_public_key.c index 6b060b290e77..6d88dd15c98d 100644 --- a/crypto/asymmetric_keys/x509_public_key.c +++ b/crypto/asymmetric_keys/x509_public_key.c @@ -302,14 +302,7 @@ static int x509_key_preparse(struct key_preparsed_payload *prep) } pr_devel("Cert Key Algo: %s\n", pkey_algo_name[cert->pub->pkey_algo]); - pr_devel("Cert Valid From: %04ld-%02d-%02d %02d:%02d:%02d\n", - cert->valid_from.tm_year + 1900, cert->valid_from.tm_mon + 1, - cert->valid_from.tm_mday, cert->valid_from.tm_hour, - cert->valid_from.tm_min, cert->valid_from.tm_sec); - pr_devel("Cert Valid To: %04ld-%02d-%02d %02d:%02d:%02d\n", - cert->valid_to.tm_year + 1900, cert->valid_to.tm_mon + 1, - cert->valid_to.tm_mday, cert->valid_to.tm_hour, - cert->valid_to.tm_min, cert->valid_to.tm_sec); + pr_devel("Cert Valid period: %lld-%lld\n", cert->valid_from, cert->valid_to); pr_devel("Cert Signature: %s + %s\n", pkey_algo_name[cert->sig.pkey_algo], hash_algo_name[cert->sig.pkey_hash_algo]); |