diff options
| author | William Edmisten <wcedmisten@gmail.com> | 2021-03-02 00:33:29 +0100 |
|---|---|---|
| committer | Tomas Mraz <tomas@openssl.org> | 2021-06-11 12:39:46 +0200 |
| commit | 8c5bff2220c4f39b48660afda40005871f53250d (patch) | |
| tree | bc1d608ac356c10b1e460a296f4200dd310505e3 /crypto | |
| parent | Update krb5 module and re-enable pkinit tests (diff) | |
| download | openssl-8c5bff2220c4f39b48660afda40005871f53250d.tar.xz openssl-8c5bff2220c4f39b48660afda40005871f53250d.zip | |
Add support for ISO 8601 datetime format
Fixes #5430
Added the configuration file option "date_opt" to the openssl applications ca,
crl and x509.
Added ASN1_TIME_print_ex which supports the new datetime format using the
flag ASN1_DTFLGS_ISO8601
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14384)
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/asn1/a_time.c | 36 | ||||
| -rw-r--r-- | crypto/x509/t_x509.c | 4 |
2 files changed, 33 insertions, 7 deletions
diff --git a/crypto/asn1/a_time.c b/crypto/asn1/a_time.c index fb3bd2aca6..9b3074e47e 100644 --- a/crypto/asn1/a_time.c +++ b/crypto/asn1/a_time.c @@ -470,14 +470,22 @@ static const char _asn1_mon[12][4] = { "Jul", "Aug", "Sep", "Oct", "Nov", "Dec" }; -/* returns 1 on success, 0 on BIO write error or parse failure */ +/* prints the time with the default date format (RFC 822) */ int ASN1_TIME_print(BIO *bp, const ASN1_TIME *tm) { - return ossl_asn1_time_print_ex(bp, tm) > 0; + return ASN1_TIME_print_ex(bp, tm, ASN1_DTFLGS_RFC822); +} + +/* returns 1 on success, 0 on BIO write error or parse failure */ +int ASN1_TIME_print_ex(BIO *bp, const ASN1_TIME *tm, unsigned long flags) +{ + return ossl_asn1_time_print_ex(bp, tm, flags) > 0; } + +/* prints the time with the date format of ISO 8601 */ /* returns 0 on BIO write error, else -1 in case of parse failure, else 1 */ -int ossl_asn1_time_print_ex(BIO *bp, const ASN1_TIME *tm) +int ossl_asn1_time_print_ex(BIO *bp, const ASN1_TIME *tm, unsigned long flags) { char *v; int gmt = 0, l; @@ -508,15 +516,33 @@ int ossl_asn1_time_print_ex(BIO *bp, const ASN1_TIME *tm) ++f_len; } - return BIO_printf(bp, "%s %2d %02d:%02d:%02d%.*s %d%s", + if ((flags & ASN1_DTFLGS_TYPE_MASK) == ASN1_DTFLGS_ISO8601) { + return BIO_printf(bp, "%4d-%02d-%02d %02d:%02d:%02d%.*s%s", + stm.tm_year + 1900, stm.tm_mon + 1, + stm.tm_mday, stm.tm_hour, + stm.tm_min, stm.tm_sec, f_len, f, + (gmt ? "Z" : "")) > 0; + } + else { + return BIO_printf(bp, "%s %2d %02d:%02d:%02d%.*s %d%s", _asn1_mon[stm.tm_mon], stm.tm_mday, stm.tm_hour, stm.tm_min, stm.tm_sec, f_len, f, stm.tm_year + 1900, (gmt ? " GMT" : "")) > 0; + } } else { - return BIO_printf(bp, "%s %2d %02d:%02d:%02d %d%s", + if ((flags & ASN1_DTFLGS_TYPE_MASK) == ASN1_DTFLGS_ISO8601) { + return BIO_printf(bp, "%4d-%02d-%02d %02d:%02d:%02d%s", + stm.tm_year + 1900, stm.tm_mon + 1, + stm.tm_mday, stm.tm_hour, + stm.tm_min, stm.tm_sec, + (gmt ? "Z" : "")) > 0; + } + else { + return BIO_printf(bp, "%s %2d %02d:%02d:%02d %d%s", _asn1_mon[stm.tm_mon], stm.tm_mday, stm.tm_hour, stm.tm_min, stm.tm_sec, stm.tm_year + 1900, (gmt ? " GMT" : "")) > 0; + } } } diff --git a/crypto/x509/t_x509.c b/crypto/x509/t_x509.c index 8b84792b05..fdbdfd5b09 100644 --- a/crypto/x509/t_x509.c +++ b/crypto/x509/t_x509.c @@ -140,11 +140,11 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, goto err; if (BIO_write(bp, " Not Before: ", 24) <= 0) goto err; - if (ossl_asn1_time_print_ex(bp, X509_get0_notBefore(x)) == 0) + if (ossl_asn1_time_print_ex(bp, X509_get0_notBefore(x), ASN1_DTFLGS_RFC822) == 0) goto err; if (BIO_write(bp, "\n Not After : ", 25) <= 0) goto err; - if (ossl_asn1_time_print_ex(bp, X509_get0_notAfter(x)) == 0) + if (ossl_asn1_time_print_ex(bp, X509_get0_notAfter(x), ASN1_DTFLGS_RFC822) == 0) goto err; if (BIO_write(bp, "\n", 1) <= 0) goto err; |