Simplified ASN1_GetTimeT()

This commit also drops support for OpenSSL 1.1.0 (end of life for that release was August 31, 2018).
2025-04-05 01:00:11 -05:00 · 2020-06-07 17:54:10 +02:00 · 2020-06-07 17:54:10 +02:00 · 0c9f53d30c
commit 0c9f53d30c
parent 772a878182
2 changed files with 10 additions and 36 deletions
--- a/configure.ac
+++ b/configure.ac
@ -93,17 +93,17 @@ AS_IF([test "x$have_gsf" = "xyes"],

 PKG_CHECK_MODULES(
 	[OPENSSL],
-	[libcrypto >= 1.1.0],
+	[libcrypto >= 1.1.1],
 	,
 	[PKG_CHECK_MODULES(
 		[OPENSSL],
-		[openssl >= 1.1.0],
+		[openssl >= 1.1.1],
 		,
 		[AC_CHECK_LIB(
 			[crypto],
 			[EVP_MD_CTX_new],
 			[OPENSSL_LIBS="-lcrypto ${SOCKETS_LIBS} ${DL_LIBS}"],
-			[AC_MSG_ERROR([OpenSSL 1.1.0 or later is required. https://www.openssl.org/])],
+			[AC_MSG_ERROR([OpenSSL 1.1.1 or later is required. https://www.openssl.org/])],
 			[${DL_LIBS}]
 		)]
 	)]
--- a/osslsigncode.c
+++ b/osslsigncode.c
@ -1679,41 +1679,15 @@ static int print_time(const ASN1_TIME *time)
 	return 1; /* OK */
 }

-static time_t ASN1_GetTimeT(ASN1_TIME *time)
+static time_t ASN1_GetTimeT(ASN1_TIME *s)
 {
-	struct tm t;
-	const char *str;
-	size_t i = 0;
+	struct tm tm;

-	str = (const char*) time->data;
-	memset(&t, 0, sizeof(t));
-	if (time->type == V_ASN1_UTCTIME) {
-		/* two digit year */
-		t.tm_year = (str[i++] - '0') * 10;
-		t.tm_year += (str[i++] - '0');
-		if (t.tm_year < 70)
-			t.tm_year += 100;
-	} else if (time->type == V_ASN1_GENERALIZEDTIME) {
-		/* four digit year */
-		t.tm_year = (str[i++] - '0') * 1000;
-		t.tm_year+= (str[i++] - '0') * 100;
-		t.tm_year+= (str[i++] - '0') * 10;
-		t.tm_year+= (str[i++] - '0');
-		t.tm_year -= 1900;
+	if (ASN1_TIME_to_tm(s, &tm)) {
+		return mktime(&tm);
+	} else {
+		return INVALID_TIME;
 	}
-	t.tm_mon  = (str[i++] - '0') * 10;
-	t.tm_mon += (str[i++] - '0') - 1; /* -1 since January is 0 not 1 */
-	t.tm_mday = (str[i++] - '0') * 10;
-	t.tm_mday+= (str[i++] - '0');
-	t.tm_hour = (str[i++] - '0') * 10;
-	t.tm_hour+= (str[i++] - '0');
-	t.tm_min  = (str[i++] - '0') * 10;
-	t.tm_min += (str[i++] - '0');
-	t.tm_sec  = (str[i++] - '0') * 10;
-	t.tm_sec += (str[i++] - '0');
-
-	/* Note: we did not adjust the time based on time zone information */
-	return mktime(&t);
 }

 static int print_cert(X509 *cert, int i)
@ -2366,7 +2340,7 @@ static int verify_pkcs7(PKCS7 *p7, GLOBAL_OPTIONS *options)
 	PKCS7 *tmstamp_p7 = NULL;
 	CMS_ContentInfo *tmstamp_cms = NULL;
 	int ret = 0, leafok = 0;
-	time_t timestamp_time = INVALID_TIME;;
+	time_t timestamp_time = INVALID_TIME;

 	if (!find_signer(p7, options->leafhash, &leafok))
 		printf("Find signers error\n");